Legal
Privacy Policy
Last updated: May 15, 2026
DRAFT. This page is a working baseline pending a formal legal review. The substance below describes Express Intent's actual practices today.
1. Who we are
Express Intent is an AI agent training platform operated by Enoch Odu Studios. Contact: hello@express-intent.com.
2. What we collect
- Booking and payment data: name, email address, billing address, and payment method via Stripe. We never see your raw card number; Stripe handles it.
- Communication preferences: if you select a contact channel (iMessage, FaceTime, Telegram, WhatsApp, SMS, Slack) during booking, we store your handle so we can reach you.
- Booking notes: the one-sentence prompt you write describing what you want built.
- Local storage: a few essential preferences on your device (dismissed notice flags, admin auth tokens for admin users). No third-party tracking cookies. No advertising pixels.
3. How we use it
- To deliver the product you bought (calls, cohort access, course materials, community invites).
- To send transactional emails: payment confirmation, calendar invites, scheduling links.
- To respond to your booking notes and follow up after a session.
- For accounting, fraud prevention, and Stripe-required record-keeping.
4. What we don't do
- We do not sell your personal information.
- We do not use your data to train AI models, ours or anyone else's.
- We do not run third-party advertising or analytics pixels that follow you across sites.
- We do not share booking notes or personal context outside the team delivering your session.
5. Service providers we use
- Stripe for payments. Subject to Stripe's privacy policy.
- Vercel for hosting. Subject to Vercel's privacy policy.
- Resend for transactional email delivery.
- Zoom or Jitsi for video calls. Recording is opt-in per session.
- Twilio, Telegram, Slack only if you opt into those communication channels.
6. Your rights
You can ask us to export or delete your data at any time by emailing hello@express-intent.com from the email address tied to your booking. We respond within 30 days. EU and UK visitors retain all rights under GDPR Articles 15 to 22. California residents retain CCPA rights including the right to know and the right to delete; we do not sell personal information.
7. Retention
We keep booking and payment records for 7 years to meet US tax and Stripe compliance requirements. Communication logs are kept for 12 months. You can request earlier deletion of communication logs at any time; tax records cannot be deleted before the legal retention period.
8. Security
All traffic is HTTPS. Payment data flows through Stripe's PCI-compliant infrastructure. Admin access is gated by token-based authentication. We do not store passwords or raw payment instruments. Security headers including HSTS and CSP are deployed site-wide.
9. Children
Express Intent is intended for adults 18 and older. We do not knowingly collect data from minors. If you believe we have collected data from someone under 18, email us and we will delete it.
10. Changes
If we materially change this policy, we will update the date at the top and announce the change in our next transactional email. Continued use of the site after a change indicates acceptance.
11. Contact
Privacy questions: hello@express-intent.com. We aim to respond within two business days.
Back to home