Binah
Privacy Policy
Last updated: April 11, 2025
This Privacy Policy describes how American Friends of Gal Einai (“we,” “us,” or “our”), the operator of Binah, explains how we collect, use, disclose, and protect your information when you use the Binah service accessible at binah.inner.org and any related services (collectively, the “Service”).
By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree, please do not use the Service.
Table of Contents
- Information We Collect
- How We Use Your Information
- Legal Bases for Processing (EEA/UK)
- When and With Whom We Share Your Information
- Cookies and Local Storage
- Third-Party Services
- How Long We Keep Your Information
- How We Keep Your Information Safe
- Children and Minors
- Your Privacy Rights
- California Privacy Rights (CCPA)
- International Data Transfers
- AI-Generated Content Disclaimer
- Updates to This Policy
- Contact Us
1. Information We Collect
Information You Provide Directly
When you create an account or use the Service, we may collect:
- Name — first and last name
- Email address
- WhatsApp phone number — used for authentication (OTP verification) and, for subscribers, for delivering chat via WhatsApp
- Physical address
- Preferred language
Information Generated Through Use
- Chat messages — the questions you ask and the responses generated by the Service
- Session and usage data — session identifiers, message counts, subscription tier, and billing period information
Information Collected Automatically
When you access the Service, we automatically collect certain technical information, including:
- IP address
- Browser type and version
- Device type, operating system, and screen resolution
- Pages visited, referring URLs, and interaction timestamps
- General geographic location (derived from IP address)
Sensitive Personal Information
We do not intentionally collect sensitive personal information such as health data, religious beliefs, or financial account numbers (beyond payment processing). However, please be aware that content you voluntarily share in chat conversations may contain personal or sensitive topics. We treat all chat data with care and confidentiality.
2. How We Use Your Information
We use the information we collect to:
- Provide, operate, and maintain the Service
- Authenticate your identity and manage your account
- Deliver AI-generated spiritual guidance based on your questions
- Process payments and manage subscriptions
- Send transactional communications (e.g., OTP codes, subscription confirmations)
- Send occasional updates about the Service (you may opt out at any time)
- Improve the quality and accuracy of our AI responses
- Monitor usage to detect abuse, fraud, or technical issues
- Comply with legal obligations
3. Legal Bases for Processing (EEA/UK)
If you are located in the European Economic Area or United Kingdom, we rely on the following legal bases:
- Consent — when you voluntarily provide information or opt in to communications. You may withdraw consent at any time.
- Performance of a contract — to provide you with the Service you have requested, including processing subscriptions.
- Legitimate interests — to improve the Service, ensure security, and conduct analytics, provided these interests are not overridden by your rights.
- Legal obligations — to comply with applicable laws and regulations.
4. When and With Whom We Share Your Information
We do not sell your personal information. We may share your information with:
- Service providers — third parties that help us operate the Service (see Section 6 below), bound by contractual obligations to protect your data
- Legal requirements — if required by law, court order, or governmental authority
- Business transfers — in connection with a merger, acquisition, or sale of assets, with notice to you
- With your consent — for any purpose you have explicitly authorized
5. Cookies and Local Storage
The Service uses a limited number of cookies and browser storage mechanisms:
Cookies
- Authentication tokens — session cookies to keep you signed in (expire after 7 days)
Local Storage
- Chat state — your conversation history is cached locally so it persists across page reloads
- Usage counters — tracks your monthly message count locally
We use Google Analytics for aggregated website analytics, which may set its own cookies. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.
Most browsers allow you to refuse or delete cookies. Please note that disabling cookies may prevent you from using certain features of the Service.
6. Third-Party Services
We use the following third-party services to operate Binah:
- Google Firebase — authentication and infrastructure (Privacy Policy)
- Stripe — payment processing and subscription management (Privacy Policy)
- Google Analytics — aggregated website analytics (Privacy Policy)
- WhatsApp (Meta) — OTP verification and message delivery for subscribers (Privacy Policy)
- SendGrid (Twilio) — transactional and marketing email delivery (Privacy Policy)
- Google Cloud Platform — hosting and infrastructure (Privacy Notice)
Each third-party provider processes data in accordance with its own privacy policy. We encourage you to review their policies.
7. How Long We Keep Your Information
We retain your personal information for as long as your account is active or as needed to provide you the Service. Specifically:
- Account data — retained while your account is active and for up to 6 months after account deletion or inactivity
- Chat history — retained while your account is active to provide continuity in your conversations
- Payment records — retained as required by applicable tax and accounting laws
- Server logs — retained for up to 90 days for security and debugging purposes
When we no longer need your data, we will securely delete or anonymize it.
8. How We Keep Your Information Safe
We implement appropriate technical and organizational measures to protect your personal information, including:
- Encryption of data in transit (TLS/HTTPS)
- Encrypted storage of authentication credentials
- Access controls limiting data access to authorized personnel
- Regular security reviews of our systems and third-party integrations
However, no method of electronic transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
9. Children and Minors
The Service is not directed at individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us and we will promptly delete such data.
10. Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal information:
- Access — request a copy of the personal information we hold about you
- Correction — request correction of inaccurate or incomplete information
- Deletion — request deletion of your personal information
- Restriction — request that we restrict processing of your information
- Portability — request your data in a structured, machine-readable format
- Objection — object to processing based on legitimate interests
- Withdraw consent — where processing is based on consent, withdraw it at any time
To exercise any of these rights, please contact us at support@inner.org. We will respond within 30 days (or the timeframe required by applicable law).
If you are located in the EEA or UK and believe we are processing your data unlawfully, you have the right to lodge a complaint with your local data protection authority.
11. California Privacy Rights (CCPA)
If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights:
- Right to know — what personal information we collect, use, and disclose
- Right to delete — request deletion of your personal information
- Right to opt out of sale — we do not sell your personal information
- Right to non-discrimination — we will not discriminate against you for exercising your privacy rights
To exercise these rights, contact us at support@inner.org.
12. International Data Transfers
The Service is hosted in the United States. If you access the Service from outside the United States, your information may be transferred to and processed in the United States or other countries where our service providers operate. By using the Service, you consent to such transfers. We take steps to ensure that your data receives an adequate level of protection in accordance with applicable data protection laws.
13. AI-Generated Content Disclaimer
Binah uses artificial intelligence to generate responses based on Torah, Chassidic, and Kabbalistic teachings. While we strive for accuracy and depth:
- AI-generated responses are not a substitute for professional rabbinical, legal, medical, or psychological advice
- Responses may occasionally contain inaccuracies or misinterpretations
- We do not guarantee the completeness or correctness of any response
- Your individual chat data will never be used to train AI models and will never be shared with any third party
14. Updates to This Policy
We may update this Privacy Policy from time to time. The updated version will be indicated by the “Last updated” date at the top of this page. We encourage you to review this Privacy Policy periodically. Continued use of the Service after changes are posted constitutes your acceptance of the revised policy.
15. Contact Us
If you have questions or concerns about this Privacy Policy or our data practices, please contact us: