A

ACE Pattern Learning

ACE

← Back to Legal

Privacy Policy

Last updated: January 2026

Overview

At ACE, we take your privacy seriously. This Privacy Policy explains how Code Engine ("we", "us", or "our") collects, uses, and protects your personal data when you use ACE ("the Service").

We are committed to GDPR compliance and the protection of your data rights as an EU citizen or resident.

Data Controller

Code Engine
European Union
Email: privacy@ace-ai.app

Data We Collect

Account Information

  • Email address
  • Name (optional)
  • Profile picture (optional, via authentication provider)
  • Organization name and membership

Usage Data

  • API call logs and timestamps
  • Feature usage patterns
  • Error logs (anonymized)
  • Performance metrics

Content Data

  • Patterns and playbook content you create
  • Project configurations
  • Organization settings

Payment Information

Payment processing is handled by Stripe. We do not store full credit card numbers. We receive limited billing information (last 4 digits, expiry date) for reference.

How We Use Your Data

We use your data for the following purposes:

  • Providing the Service: Processing your patterns, managing your projects, and enabling AI-assisted curation
  • Account Management: Authentication, authorization, and subscription management
  • Communication: Sending service notifications, billing alerts, and (with consent) product updates
  • Improvement: Analyzing usage patterns to improve the Service (anonymized and aggregated)
  • Security: Detecting and preventing fraud, abuse, and security threats

Legal Basis (GDPR)

We process your data under the following legal bases:

  • Contract: To provide the Service you have subscribed to
  • Legitimate Interest: For security, fraud prevention, and service improvement
  • Legal Obligation: For tax records and regulatory compliance
  • Consent: For marketing communications (opt-in only)

Data Sharing

We share data only with the following categories of recipients:

  • Service Providers: Stripe (payments), Clerk (authentication), cloud infrastructure providers
  • AI Providers: Anthropic (for pattern analysis) - see AI & Data Processing section
  • Legal Requirements: When required by law, court order, or governmental authority

We do not sell your personal data to third parties.

AI & Data Processing

ACE uses AI services to analyze and curate your patterns:

  • Your content is processed by Anthropic's Claude for pattern analysis
  • We use zero-data-retention agreements where available
  • Your data is not used to train external AI models
  • Processing is scoped to your organization only
  • You can request deletion of all AI-processed data

Data Retention

We retain your data as follows:

  • Account Data: Until account deletion
  • Content Data: Until you delete it or close your account
  • Usage Logs: 90 days (anonymized after)
  • Billing Records: 7 years (legal requirement)

After account deletion, we remove your personal data within 30 days, except where retention is required by law.

Your Rights (GDPR)

As an EU resident, you have the following rights:

  • Access: Request a copy of your data
  • Rectification: Correct inaccurate data
  • Erasure: Request deletion of your data
  • Portability: Export your data in a machine-readable format
  • Restriction: Limit processing of your data
  • Objection: Object to processing based on legitimate interest
  • Withdraw Consent: Withdraw marketing consent at any time

To exercise these rights, contact privacy@ace-ai.app. We will respond within 30 days.

Data Security

We implement appropriate technical and organizational measures:

  • Encryption in transit (TLS 1.3) and at rest (AES-256)
  • Access controls and audit logging
  • Regular security assessments
  • Incident response procedures
  • Employee training on data protection

International Transfers

Some of our service providers are located outside the EU. We ensure appropriate safeguards through Standard Contractual Clauses (SCCs) or adequacy decisions. For transfers to the US, we rely on the EU-US Data Privacy Framework where applicable.

Cookies

We use essential cookies for authentication and security. We use analytics cookies only with your consent. You can manage cookie preferences in your browser settings.

  • Essential: Authentication, security, user preferences
  • Analytics: Usage patterns (with consent)

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. The "Last updated" date at the top indicates when the policy was last revised.

Contact & Complaints

For privacy questions or to exercise your rights:

You also have the right to lodge a complaint with your local data protection authority.