Privacy Policy

Last updated 24 April 2026

This is the privacy policy for the Imagine Qira School at courses.imagineqira.com, operated by Qira LLC, an Arizona limited liability company. The short version: we collect the minimum we need to deliver your course, we do not sell your data to anyone, and we use a small set of named third parties to process payments, send email, and answer your chat questions.

1. What we collect

Data	When & why	Where it lives
Email + name	When you check out via Stripe, so we can deliver your course access and a receipt.	Stripe (payment) + our database (sales record)
Email only	When you join the catalogue updates list at the bottom of the homepage.	Our database (waitlist)
Chat content + IP	When you talk to the on-site assistant, so we can rate-limit abuse and improve replies.	Our database, Cerebras (LLM provider) for the duration of the request
Anonymous analytics	Page visits, referrers, country. Used to know which pages people read.	Plausible Analytics (privacy-first; no cookies, no cross-site tracking)
Admin session cookie	Only set when the instructor signs in to the admin dashboard.	Your browser; expires after 7 days

We do not use marketing cookies. We do not set Facebook, Google, or LinkedIn pixels. We do not sell, rent, or trade any data to third parties.

2. Who we share with (and only what they need)

Stripe — handles every payment. Your card data goes directly to Stripe and is never seen by us. Stripe's privacy policy: stripe.com/privacy.
SendGrid (Twilio) — sends your welcome email and any system emails. Your email address is shared. Privacy policy: twilio.com/legal/privacy.
Cerebras Inference — runs the AI model behind the chat assistant. Your messages (without your IP) are sent to generate replies. Privacy policy: cerebras.ai/privacy-policy.
Plausible Analytics — privacy-first analytics. No cookies, no fingerprints, no cross-site tracking. Privacy policy: plausible.io/privacy.
Hosting — DigitalOcean. Standard server logs (IP, timestamp, request path) are retained for 30 days for security and debugging.

3. How long we keep your data

Sales records: kept indefinitely as required by US tax and accounting law.
Waitlist email: kept until you ask to be removed (or you click any unsubscribe link in our emails).
Chat content: kept for 90 days, then deleted.
Server logs: 30 days, then rotated out.
Admin session cookie: 7 days from sign-in.

4. Cookies

We do not use any tracking cookies. We use exactly one functional cookie:

iqira_admin — set only when the instructor signs in to /admin. Used to keep the admin signed in. Strictly necessary; expires after 7 days.

5. Your rights

You can ask us to:

Show you what we have about you (email + sales records).
Correct anything wrong.
Delete your waitlist email and chat history (we cannot delete sales records due to tax law, but we can anonymise them).

Email bryanleonard@imagineqira.com from the address on file and we'll handle it within 14 days.

6. International users

The school is operated from the United States. By enrolling, you consent to your data being processed in the US and (where the third parties listed above operate) other jurisdictions. We follow standard contractual clauses where required.

7. Children

The school is intended for adults. We do not knowingly collect data from anyone under 16. If you believe a minor has enrolled, email us and we will delete the account.

8. Security

We use HTTPS everywhere. Database is encrypted at rest. Payment data never touches our servers (Stripe handles it directly). Access keys are stored in environment variables outside the web tree, with file permissions restricted to root.

9. Changes

If we change this policy, the new version replaces this page. Material changes are noted in the next catalogue email.

10. Contact

Qira LLC · Phoenix, Arizona, USA · bryanleonard@imagineqira.com

Terms · bryanleonard@imagineqira.com