Privacy Policy

Last updated: June 30, 2026

Chavruta is a digital Beit Midrash for shared Torah study. We believe that respect for a person includes respect for their data, so we collect only the little that is needed for you to learn, write, and connect with other learners, and no more. This document explains what information is collected, for what purpose, with whom it is shared, and what rights are available to you.

1. Who We Are

The service is operated privately by Almog Hazaz ("the operator," "we"). For any privacy-related question, you may reach us at almoghazaz@gmail.com. The operator is the Data Controller for the purposes of this document.

2. What Information We Collect

a. Information you provide to us voluntarily:

  • Account details: a username, and the email address received when you sign in with Google or register with a password.
  • A password (when registering with email), which is stored only in hashed form (bcrypt) and never as plain text.
  • Optional profile details: a personal bio, an avatar, and a Hebrew and Gregorian date of birth.
  • Content you create: commentaries, insights, questions, private notes, and chat messages in the Beit Midrash and in chavrutas.

b. Information generated through your use:

  • Study activity: where you are learning, progress markers, days of activity, and the last place you visited.
  • Live presence: which text you are currently studying, for the purpose of the live Beit Midrash display shown to others. You can hide at any moment using "invisible" mode.
  • Social connections: learners you follow, notifications, and chavruta requests.

c. Technical information:

  • Your IP address, collected temporarily for security and rate-limiting purposes (preventing break-in attempts and spam) only. It is not stored together with usage data.
  • An authentication cookie that is essential for identifying your session (see Section 4).
  • Usage data: time on site and active time, pages and texts viewed, and interactions — to understand usage and improve the service. Only a coarse device category (browser and OS type) is stored, not your full browser fingerprint. This data is deleted automatically after about a year.

3. How We Use the Information

We use the information solely to operate and improve the service:

  • To identify you and to save your content and your study history.
  • To display live presence, a heatmap of study days, and learning reputation in the community.
  • To suggest chavruta matches and surface learners with shared interests.
  • To greet you on your Hebrew birthday and show your birth parashah (only if you provided a date of birth).
  • To maintain the security of the system, prevent abuse, and enforce the terms of service.

We do not sell personal information, we do not rent it, and we do not display advertising. Your information is not a product.

4. Cookies

We use only cookies that are essential to the functioning of the service: a signed session cookie (httpOnly) that identifies you after sign-in, and the service cookies of the authentication mechanism. We do not use advertising cookies, third-party tracking, or marketing profiling. Without the essential cookies, you cannot stay signed in.

5. Sharing of Information and Service Providers

We do not share personal information with third parties, except for infrastructure providers that process data on our behalf and solely for the purpose of operating the service:

  • Google: secure sign-in service (OAuth), when you choose to sign in with a Google account.
  • Neon: database storage (managed PostgreSQL).
  • Railway: hosting of the application and the real-time service (presence and chat).

We will also disclose information if required to do so by law, by court order, or in order to protect the rights, safety, and security of users and of the service. Sefaria serves solely as the source of the study texts and does not receive any personal information about you.

6. Public Content and Visibility

Some information is visible to others by the very nature of a Beit Midrash: commentaries and replies you post as "public," your username, your avatar, your learning reputation, and live presence (unless you have enabled "invisible" mode). Notes you mark as "private" are kept in your personal notebook alone and are not shown to others. Always consider what you choose to publish publicly.

7. Information Security

We take customary measures to protect the information: traffic encryption (HTTPS), passwords hashed with bcrypt, cryptographically signed session cookies, and rate-limiting against break-in attempts. That said, no system is entirely immune, and we cannot guarantee absolute security. Keep your login credentials confidential.

8. Data Retention and Deletion

We retain the information for as long as your account is active and as needed to operate the service. Usage and analytics data (activity events and sessions) is deleted automatically after about 12 months, via a scheduled task. When you close your account, your personal identity details and private notebook are deleted. The public contributions you made (commentaries, insights, questions) remain in the database with your name forever — as part of preserving the beit midrash — and cannot be deleted or anonymized (see also the Terms of Use).

9. Your Rights

At any time you may:

  • Review your details and edit your profile, avatar, and date of birth.
  • Delete your private notebook and make notes private.
  • Enable "invisible" mode to hide your live presence.
  • Export a copy of your data, and close your account — identity details and the private notebook are deleted, and public contributions remain with your name.

To exercise any of these rights, contact almoghazaz@gmail.com. We will handle the request within a reasonable time.

10. Minors

The service is intended for Torah study and is open to learners of all ages. We do not knowingly collect sensitive information from minors beyond what is required to operate the account. If you are a minor, use the service with the permission and guidance of a parent or guardian.

11. International Data Transfer

Our infrastructure providers may store and process data on servers outside your country. By using the service, you consent to such transfer and processing, subject to the security measures described in this document.

12. Changes and Contact

We may update this policy from time to time. A material change will be posted on the website, and continued use after the update constitutes acceptance of the revised version. For any question: almoghazaz@gmail.com.