Privacy · plain English
What we collect, what we don't.
Short version: the audit answers go in a private database so I can spot patterns over time. Email is optional and stays separate. Nothing is sold or shared with ad networks. You can ask me to delete your record at any time.
Last updated: 2026-05-02 · ai-spokane.com is operated by Cory Thomas Consulting LLC, Spokane, WA.
What we collect when you take the audit
- Your 10 audit answers (revenue band, industry, scored 1–5 responses, named bottlenecks, where you'd put back-saved hours)
- The audit's computed score, tier, and the personalized report we generate for you
- An anonymous audit ID (a random UUID — not tied to anything else unless you opt in to email)
- Your IP address — used only for rate limiting (5 audits per IP per day) and stored briefly in cache, not in the audit database
- Your browser's user-agent string, if you submit it (used only to debug rendering issues)
If you opt in to email a copy
- Your email address is stored in a separate table from the audit answers, linked by audit ID
- It is used to send the requested audit copy and, occasionally, updates from Cory when something useful publishes
- Unsubscribe by replying STOP to any email, or by emailing cory@systemwyze.com
What we don't collect
- Your name, phone number, business name, or specific revenue figure
- Anything from third-party ad networks, fingerprinting libraries, or session-replay tools
- Your IP address in the audit record itself (it's used only at the edge for throttling)
- Cookies beyond what Cloudflare's edge needs to route the request
How long we keep it
- Audit answers: kept indefinitely so we can study patterns across submissions and improve the audit. Anonymized — there's no PII in this dataset.
- Email addresses: kept until you unsubscribe or ask for deletion.
- Rate-limit cache: 48 hours, then auto-expires.
Who else sees it
- OpenAI — the audit answers (anonymized) are sent to OpenAI's GPT-4o API to generate your personalized report. OpenAI's API terms state submitted data is not used for training. OpenAI's API data usage policies.
- Cloudflare — hosts the audit page, Worker, database, and routing. Standard edge logs apply (IP, request path, response code; retention per Cloudflare's policy).
- Resend — handles the email if you opt in. Email + audit ID + report content are sent through their API to deliver your copy. Resend's privacy policy.
- No one else. No data brokers, no ad networks, no analytics resellers.
Your rights
- Ask for a copy of what's stored about you — email cory@systemwyze.com with the audit ID from your report email
- Ask for deletion — same address. The audit answers can be deleted by audit ID; email opt-ins by email address
- If you're an EU/UK resident, you have rights under GDPR/UK-GDPR (access, rectification, erasure, objection). Same email gets to me.
Children
The audit is for business owners; the form is not directed at anyone under 18. If you believe a minor has submitted answers, email me and I'll delete the record.
Changes to this page
If this page changes meaningfully, the date at the top will update. The current public history of changes lives in the deploy log.
Questions
Email cory@systemwyze.com — I read every reply. No bots.