ComplexityLab

Privacy Policy

Effective June 9, 2026

Who we are

ComplexityLab (“we”, “us”) is an interactive web application for learning algorithms and computational complexity. For any privacy-related questions, requests, or concerns, you can contact the ComplexityLab team at:

What we collect

Account data. Sign-in is handled by Clerk using Google. We receive your name, email address, and profile picture from your Google account. We never see or store a password.

Content you create. Code you submit to the analyzer is processed to produce a complexity result. It is stored only when you explicitly save an analysis or a snippet; otherwise it is discarded after the analysis completes. Saved analyses and snippets are private to your account.

Profile settings. An optional display name and a preferred programming language.

Technical data. Server logs for security and reliability (timestamps, account identifier, selected language, code size, result class, durations, and rate-limit events). We do not log the content of your code.

How we use it

To operate the product (run analyses, store what you save, show your dashboard), to keep the service secure (authentication, rate limiting, abuse prevention), and to fix problems (error logs). We do not sell your data and we do not use it for advertising.

When AI-assisted analysis is enabled, the code you submit is sent to our AI inference provider (Groq, Inc.) solely to produce your analysis result.

Cookies

We use a small set of strictly functional cookies:

  • __session and related Clerk cookies — keep you signed in (essential).
  • cl-consent — remembers that you accepted this policy (essential).
  • theme (localStorage) — remembers your light/dark preference.

We do not use advertising or cross-site tracking cookies. Because the essential cookies are required for the service to function, you must accept them to use ComplexityLab.

Who processes your data

We rely on these service providers, each receiving only what they need to perform their function:

  • Clerk (authentication and session management)
  • Google (sign-in identity provider)
  • Supabase (database hosting for your saved content)
  • Vercel (application hosting and logs)
  • Groq (AI inference, only when AI analysis is enabled)

Retention and deletion

Saved analyses and snippets are kept until you delete them. You can delete individual items from their pages, or remove everythingat once from Settings → Account → Danger zone (“Delete all lab data”). Deleting your data there is immediate and irreversible. To remove your sign-in identity as well, contact us at tirth2093@gmail.comor remove the app’s access from your Google account.

Your rights

Depending on where you live (e.g. GDPR in the EU/UK, CCPA in California), you may have rights to access, correct, export, or delete your personal data, and to object to or restrict certain processing. Exercise them via the in-app deletion tools or by emailing tirth2093@gmail.com. We respond within 30 days.

Security

All traffic is encrypted in transit (HTTPS). Database access is restricted to server-side code with row-level security enabled, and privileged keys are never shipped to the browser. API endpoints are authenticated and rate-limited.

Children

ComplexityLab is not directed at children under 13 (or the minimum age in your jurisdiction), and we do not knowingly collect their data. If you believe a child has used the service, contact us and we will delete the data.

Changes

If we materially change this policy, we will update the effective date above and ask for your consent again on your next visit.