NEON WILDERNESS/Authority Audit
Initialize Audit

— Legal

Privacy Policy

LEGAL

Privacy Policy

Last updated: June 4, 2026

1. Who We Are

Neon Wilderness (“we,” “us,” “our”) is an authority infrastructure platform operated by Jordan Wayne Lee. Our primary domain is neonwilderness.co and the platform is served across subdomains including os, admin, archetypes, signal, praxis, jux, brandintensive, authorityaudit, dashboard, manifesto, and api.

If you have questions about this policy, contact us at [email protected].

2. What We Collect

We collect only what is necessary to operate the platform:

Account dataEmail address, display name, and hashed password (bcrypt, cost factor 12). If you sign in with Google, we receive your email, name, and profile image from Google's OAuth flow.
Contact form submissionsName, email, subject, and message text. Stored in our database and forwarded to the team via email notification.
Brand and project dataInformation you voluntarily enter into platform tools — brand names, voice attributes, archetype scores, content drafts, visual preferences, and related project materials.
Payment dataProcessed entirely by Stripe. We store only the Stripe customer ID and subscription status. We never see or store your card number.
Usage and session dataActivity logs (actions taken within the platform), session tokens, and basic request metadata. We do not use third-party analytics trackers.
AI chat interactionsMessages sent through the on-site support chat are forwarded to a language model API for response generation. These messages are not stored in our database after the session ends.

3. Where Your Data Lives

We want you to know where your data is processed and stored:

DatabaseManaged relational database, US-hosted
Application hostingUS-based cloud infrastructure
File storageEncrypted cloud storage (US region) for uploaded brand assets
AuthenticationSessions stored as encrypted, signed cookies on your device — not on our servers
PaymentsStripe — PCI-DSS Level 1 compliant. We never see or store card numbers.
AI processingUS-based language model API — used for chat and content generation only
EmailTransactional emails only (signup confirmations, contact responses). No marketing emails.
Google sign-inOAuth 2.0 handshake only — no data stored at Google beyond standard authentication

All core infrastructure is US-based. We do not transfer data to jurisdictions outside the United States unless required by a third-party service you explicitly connect (e.g., a social media account).

4. How We Use Your Data

  • To operate the platform and deliver the services you signed up for.
  • To authenticate your identity and maintain your session.
  • To process payments through Stripe.
  • To send transactional emails — contact form confirmations, signup alerts, and system notifications.
  • To generate AI-assisted content and brand analysis when you use platform tools.
  • To improve platform reliability through error logging (sanitized — no PII in logs).

5. What We Don't Do

We do not sell your data. Not to advertisers, not to data brokers, not to anyone.

We do not export your data to personal email accounts. Admin notifications go to company addresses only.

We do not store passwords in plain text. All passwords are hashed using industry-standard algorithms before storage.

We do not run third-party advertising trackers, pixels, or retargeting scripts.

We do not share your brand data, project files, or archetype results with other users.

We do not use your content to train AI models. Your inputs are processed for your response only.

6. Cookies

We use only essential cookies required for the platform to function:

Session cookieAn encrypted JWT token that keeps you logged in. Scoped to .neonwilderness.co, HttpOnly, Secure, SameSite=Lax. Expires when your session ends.
CSRF tokenA __Host-prefixed token that prevents cross-site request forgery. Required for form submissions.

We do not use marketing cookies, analytics cookies, or any non-essential tracking. There is no cookie banner because there are no optional cookies to consent to.

7. Data Retention

Your account data and project data persist as long as you maintain an active account. Contact form submissions are retained for operational follow-up. If you want your data deleted, email us at [email protected] and we will remove your account and associated data within 30 days.

8. Your Rights

You have the right to:

  • Access — Request a copy of the personal data we hold about you.
  • Correction — Ask us to correct inaccurate data.
  • Deletion — Request deletion of your account and all associated data.
  • Portability — Receive your data in a structured, machine-readable format.
  • Objection — Object to processing where we rely on legitimate interest.

To exercise any of these rights, email [email protected]. We respond within 30 days.

9. Security

We take reasonable measures to protect your data, including:

  • HTTPS with HSTS on all subdomains.
  • Content Security Policy restricting script and resource origins.
  • Industry-standard password hashing — passwords are never stored in readable form.
  • Encrypted, HttpOnly session cookies with SameSite protections.
  • Rate limiting on authentication and contact endpoints.
  • Input validation and output sanitization on all API routes.
  • No sensitive data in server logs — error messages are sanitized.

10. Third-Party Services

We integrate with the following third-party services, each with their own privacy policies:

11. Children's Privacy

Neon Wilderness is not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it.

12. Changes to This Policy

We may update this policy from time to time. Significant changes will be communicated via email or a notice on the platform. The “Last updated” date at the top reflects the most recent revision.

13. Contact

For any privacy-related questions, requests, or concerns:

Neon Wilderness

Attn: Jordan Wayne Lee

[email protected]

This policy applies to all Neon Wilderness properties and tools including Authority Audit, Authority OS, Signal, Archetypes, JUX, Praxis, and Brand Intensive.

Canonical source: os.neonwilderness.co/privacy