Privacy

Privacy Policy

Last updated 2026-05-30

Who we are

Friday (“we”, “us”) is a product of StarkSphere Labs Umbrella FZ-LLC. We provide an embeddable AI assistant that website owners install on their sites to help their visitors.

If you are a visitor chatting with Friday on someone else's website, the website owner is the data controller; we are the processor. If you are a website owner with a Friday account, we are the controller for your account data.

What we collect

From visitors (people chatting with Friday):

  • Identity you give us through the chat: name, email, optional phone number.
  • The messages you send and Friday's replies.
  • A first-party cookie (fr_vid) that identifies your session for up to 90 days.
  • The page URL you're on when chatting, page title, and a short text excerpt (≤ 4 KB) from the visible page so Friday can answer questions about it.
  • Any actions Friday takes for you on the site (clicks, form fills, navigations) — recorded as an audit log so the site owner can review what Friday did.

From website owners (Friday account holders):

  • Email address (via Supabase Auth), optional name.
  • Site URLs you connect, content you upload (PDFs, text), workspace settings.
  • Billing data (handled by Stripe — we don't see card numbers).

What we don't collect

  • Anything from form fields marked as password, credit card, or sensitive (the widget actively skips these).
  • Anything in DOM elements marked with data-friday-deny by the site owner.
  • Browser fingerprints, IP geolocation, advertising identifiers — we don't sell or share data with ad networks.

Who we share data with

To answer visitor questions, message content is sent to AI providers as the technical processing step:

  • Anthropic (Claude) — primary AI provider. Anthropic does not train on the data sent to us.
  • Google (Gemini) — used as fallback. Same no-training stance.
  • Supabase — hosts the database (visitor messages, audit logs, account data).
  • Vercel — hosts the application servers.
  • Stripe (when paid plans are introduced) — handles payments.

We never sell visitor data. We never use it to train our own models.

How long we keep it

  • Visitor messages: retained for the lifetime of the website owner's account, or until the visitor requests deletion (whichever is shorter).
  • Visitor identity (name / email / phone): kept until the visitor requests deletion via the website owner.
  • Audit logs of actions Friday took: retained 90 days for support / debugging, then aggregated.
  • The fr_vid cookie: 90 days; resets on clearing browser cookies.

Your rights

If you're an EU/UK/California resident, you have the right to access, correct, export, or delete your data. To exercise these rights:

  • If you're a visitor: contact the website owner whose Friday widget you used (they hold the controller relationship). Or email us at support@starkspherelabs.com and we'll route the request.
  • If you're a Friday account holder: email support@starkspherelabs.com or delete your account from the dashboard.

We respond to verifiable requests within 30 days.

Cookies + tracking

Friday sets one first-party cookie on the host site: fr_vid (90 days, SameSite=Lax). It identifies a returning visitor so Friday remembers them across visits. It is not used for advertising and is not shared with third parties.

If the host website uses a cookie-consent banner, Friday respects its decisions: when consent is rejected, the cookie isn't set and Friday operates as a stateless guest each visit.

Security

Data is transmitted over TLS, stored encrypted at rest by Supabase, and accessible to our team via least-privilege service roles. We log access for audit. No system is perfectly secure — but we treat your data like our own.

Changes to this policy

We'll post material changes here with a new “Last updated” date. For substantial changes (e.g. adding a new processor), we'll notify Friday account holders by email.

Contact

Questions, requests, or concerns: support@starkspherelabs.com

StarkSphere Labs Umbrella FZ-LLC — Dubai, UAE.

Terms of Service · Back to Friday