Privacy Policy
Last updated: February 22, 2026
At AFE Leaks Research and Consulting, LLC ("AFE Leaks," "we," "us," or "our"), we value your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, share, and protect your information when you use our website, mobile application, and associated services (collectively, the "Service").
1. Information We Collect
a. Information You Provide
| Data Type | Examples |
|---|---|
| Account information | Name, email address, password (managed by Firebase Authentication) |
| Payment information | Billing details processed by Stripe (we do not store card numbers) |
| User-generated content | Saved type curve configurations, AI chat conversations, search queries |
| Communications | Emails or messages you send to our support team |
b. Information Collected Automatically
| Data Type | Examples |
|---|---|
| Device information | Device type, operating system, browser type and version |
| Usage data | Pages visited, features used, time spent on pages |
| Network information | IP address, approximate location (country/region) |
| Cookies and similar technologies | Session cookies, authentication tokens (see Section 8) |
| Crash and performance data | Error logs, app performance metrics |
2. How We Use Your Information
We use the information we collect for the following purposes:
- Provide and maintain the Service — Account authentication, subscription management, delivering oil & gas research data
- Process payments — Managing subscriptions and billing through Stripe
- Improve the Service — Analyzing usage patterns, fixing bugs, developing new features
- AI features — Processing your queries through our AI chat assistant (powered by Google Vertex AI)
- Communicate with you — Service updates, security alerts, support responses
- Ensure security — Preventing fraud, enforcing rate limits, detecting unauthorized access
3. Third-Party Services and SDKs
We use the following third-party services that may collect data:
| Service | Purpose | Data Shared |
|---|---|---|
| Firebase Authentication (Google) | User login and account management | Email, authentication tokens |
| Firebase Firestore (Google) | Storing user preferences and session data | User ID, saved configurations |
| Google Cloud Vertex AI | AI chat assistant | Chat queries (not linked to personal identity) |
| Stripe | Payment processing | Email, billing information |
| HubSpot | Analytics and customer tracking | Page views, email (if provided) |
Each third-party service operates under its own privacy policy. We encourage you to review them:
- Google Privacy Policy (Firebase, Vertex AI)
- Stripe Privacy Policy
- HubSpot Privacy Policy
4. How We Share Your Information
We do not sell your personal information. We may share your information only in these circumstances:
- Service providers — Third-party services listed in Section 3 that help us operate the Service
- Legal requirements — When required by law, court order, or to protect our legal rights
- Business transfers — In connection with a merger, acquisition, or sale of assets (you would be notified)
5. Data Retention
| Data Type | Retention Period |
|---|---|
| Account information | Until you delete your account |
| Chat history | Until you clear it or delete your account |
| Saved configurations | Until you delete them or delete your account |
| Billing and transaction records | Up to 7 years after last transaction (tax/legal requirements) |
| Usage and analytics data | Up to 26 months (aggregated and anonymized) |
| Server logs | Up to 90 days |
After the retention period, data is permanently deleted or anonymized so it can no longer be linked to you.
6. Your Data Protection Rights
You have the right to:
- Access your personal information
- Correct inaccurate or incomplete data
- Delete your account and associated data
- Export your data in a portable format
- Object to the processing of your data
- Opt out of marketing communications
How to Delete Your Account
You can delete your account and all associated data by visiting our Account Deletion page. Alternatively, you can email bd@afeleaks.com with the subject line "Delete My Account." We will process deletion requests within 30 days.
For details on what data is deleted and what may be retained, see our Account Deletion page.
7. Data Security
We use industry-standard security measures to protect your information, including:
- HTTPS encryption for all data in transit
- Firebase Authentication with secure session management
- Rate limiting to prevent abuse
- Single-session enforcement to prevent unauthorized account sharing
However, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.
8. Cookies and Tracking Technologies
We use the following cookies:
| Cookie | Purpose | Duration |
|---|---|---|
__session | Firebase authentication session | Session |
afe_sid | Single-session enforcement | 30 days |
We use HubSpot tracking for analytics purposes. You can manage cookie preferences through your browser settings.
9. Children's Privacy
The Service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal data from a child under 13, we will take steps to delete that information promptly. If you believe a child under 13 has provided us with personal data, please contact us at bd@afeleaks.com.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you via email or an in-app notice. We encourage you to review this policy periodically.
11. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:
AFE Leaks Research and Consulting, LLC
Email: bd@afeleaks.com