Privacy Policy
ReliaSim, a ChiAha™ product · Last updated 2026-05-21
The short version
ReliaSim is a free public walkthrough + MCP server for the ReliaSim discrete-event manufacturing-line simulation framework. The real product is desktop software that runs on your network — your line data never leaves your machine. This site collects only the minimum needed to run the walkthrough chat, process licensing signups, and prevent abuse. We do not retain chat content, do not sell or share your data with advertisers, and do not use your inputs to train AI models.
Contents
1. What we collect
1.1 Operational telemetry (every visitor)
- IP address — processed in memory by the rate limiter and appears in Fly.io's platform HTTP access logs (retained per Fly's standard log window, up to 30-90 days). IP is not written to durable files on our side.
- User-agent string — appears in Fly's transient HTTP access logs only; not persisted by us.
- Timestamp, request path, response status, response time — standard HTTP access logging.
1.2 On-page AI chat (/sandbox and the walkthrough chat)
If you use the chat widget on /sandbox or the per-step chat on the walkthrough pages, the following happens:
- Your message is sent to Anthropic via their Messages API to generate a response from Claude. Anthropic's API does not train its public models on traffic from API calls by default; see Anthropic's data-use policy linked below.
- Your message and the assistant's response are not persisted to our durable storage. We only record per-turn metadata: timestamp, a non-reversible session hash (SHA-256 of your IP + user-agent bucket, first 16 hex chars), the chapter/scenario context, input/output token counts, and a proposals-fired count. This metadata is purged after 90 days by an automatic retention cron.
- Chat is rate-limited to 20 messages per rolling 24 hours per IP and capped at a monthly inference-spend budget.
- If a user opens the chat to ask a follow-up that includes copy-pasted content, that content is sent to Anthropic for the turn but is not stored on our side after the response is generated.
- Optional content capture — Report link. Each assistant response has a small Report this response link. If you click it, a modal opens; if you submit it, we persist that specific exchange (your message, the assistant's response, your free-text note, and the chapter context at the time of the click) to a separate file (
/data/reports.jsonl) for product debugging. No content is persisted unless you click Submit on that modal. Reports are subject to the same 90-day retention.
1.3 Public MCP API (reliasim.com/mcp)
ReliaSim publishes a public Model Context Protocol server at reliasim.com/mcp, intended for use from Claude / ChatGPT / Cursor / other MCP clients. It exposes seven read-only tools that return canned reference numbers from real dys-cli engine runs against authoritative .aidos models (eight chapters across two curriculum tracks — Constraint-Level and LEDS-Level).
| Tool | Input | Returns |
|---|---|---|
find_bottleneck | chapter id | Single Run bottleneck analysis: worst-availability node, per-interrupt downtime split, throughput, OEE |
get_chapter_facts | chapter id | Topology, rate limits, interrupt distributions, expected efficiency |
get_chapter_narrative | chapter id | Long-form narrative — what the chapter adds to the complexity ladder |
run_gain_loss | chapter id | Gain/Loss experiment — per-interrupt production recovered |
run_buffer_tradeoff | chapter id, buffer id | Buffer-size sweep showing diminishing-returns elbow |
explain_concept | concept name | Definitional primer on framework concepts |
compare_chapters | two chapter ids | Side-by-side comparison of tracks, topology, OEE, throughput |
There is no authentication, signup, account, or payment surface on the MCP endpoint. The endpoint is rate-limited per IP. The MCP path does not persist per-tool-call records to disk; the only durable records of MCP traffic are the standard HTTP access logs in Fly's platform window.
1.4 Signup / get-started form (/signup, only if you submit it)
- If you submit your email through the signup form, we pass it to the ChiAha gateway service (HMAC-signed) which forwards into our CRM (ActiveCampaign) for product-update emails and licensing follow-up.
- You can unsubscribe at any time via the link in any email we send.
1.5 Analytics
- We use Google Tag Manager (container
GTM-NL7VDMTV) and Google Analytics 4 to count pageviews, traffic sources, and aggregate usage. GA4 collects standard browser/device fingerprints; IP anonymization is enabled where supported.
2. What we do NOT collect
- No client manufacturing-line data. The ReliaSim product is desktop software by design — your .aidos models, line data, OEE numbers, and what-if results stay on your machine. The public walkthrough chat answers questions about the bundled reference chapters only.
- No account data on this site. Authentication for the desktop product is separate.
- No payment data. Pricing and licensing happen via the ChiAha sales process.
- No chat content stored. Per-turn aggregates only (timestamp, session hash, token counts).
- No third-party advertising trackers. No retargeting pixels, no ad-network beacons.
- No sensitive personal information. We do not request or collect race, religion, sexual orientation, health, financial, biometric, or precise geolocation data.
3. How we use what we collect
- Run the chat coach and MCP server against bundled reference chapters.
- Detect and prevent abuse (rate-limit floods, scraping).
- Compute aggregate site analytics for product decisions.
- Send you licensing and product emails if you submitted the signup form.
We do not use any of the data we collect for advertising, profiling, or automated decisions that produce legal or similarly significant effects on you.
4. Who we share data with
- Fly.io — hosts the application and the standard HTTP access logs. fly.io/legal/privacy-policy
- Anthropic — processes on-page chat messages and walkthrough chat messages via their Messages API. anthropic.com/legal/privacy
- OpenAI — if you invoke our MCP from ChatGPT or another OpenAI platform, your inputs pass through OpenAI's pipeline. openai.com/policies/privacy-policy
- Other MCP clients — if you invoke our MCP from Cursor, Smithery, Glama, or any other third-party client, that client's privacy policy governs its handling of your inputs before they reach us.
- ActiveCampaign — receives your email for the product-update list (only if you submitted the signup form). activecampaign.com/legal/privacy-policy
- Google (Tag Manager + Analytics 4) — receives aggregate site analytics. policies.google.com/privacy
We do not sell, rent, or trade your data. We do not "share" personal information for cross-context behavioral advertising as that term is defined under California law.
5. AI model training
- We do not use any of the data we collect to train AI models. Your chat messages, walkthrough questions, signup submissions, and analytics are not used to train Claude or any other model on our side.
- Anthropic processes API traffic. Per Anthropic's published policy, Anthropic does not train its public models on API traffic by default.
- OpenAI / other MCP clients have their own data-use policies.
6. Cookies
| Cookie | Source | Purpose | Lifetime |
|---|---|---|---|
_ga | Google Analytics 4 (via GTM) | Distinguishes unique visitors | ~2 years |
_ga_<property-id> | Google Analytics 4 (via GTM) | Session state for GA4 | ~2 years |
We do not set any advertising or cross-site tracking cookies.
7. Retention
Durable storage is automatically aged out via a background retention service that runs every 24 hours.
| What | Where | Retention |
|---|---|---|
| HTTP access logs (IP, UA, path, status) | Fly.io platform logs | Up to 90 days (Fly's standard log window) |
| Chat-history JSONL (aggregate metadata only — no message content) | /data/chat-history.jsonl | 90 days, enforced by retention cron |
| Reports (user-submitted chat content via the Report link) | /data/reports.jsonl | 90 days, enforced by retention cron |
| In-memory rate-limit state and counters | Application memory | Resets on every server restart |
| Signup list | ActiveCampaign | Until you unsubscribe, then suppressed |
| GA4 aggregate analytics | Google Analytics property | 14 months (configured GA4 default) |
8. Your rights and how to exercise them
To exercise a right, email reliasim@chiaha.com and include:
- What action you want. Common options: access, deletion, correction, opt-out of analytics, unsubscribe.
- Any identifier we'd have on file. For email requests, your email. For chat / MCP requests, the approximate date/time and the IP you were using.
We respond within 5 business days.
9. International users (GDPR, UK GDPR)
ReliaSim is operated from the United States. If you are accessing from the EEA, UK, or another jurisdiction with similar data-protection laws, your data is transferred to and processed in the United States.
Lawful bases (under GDPR Article 6):
- Legitimate interest — operational telemetry, rate limiting, abuse prevention, aggregate analytics.
- Consent — signup form submission. Withdraw any time by emailing us or unsubscribing.
10. California users (CCPA / CPRA)
- Categories collected: identifiers (IP, email if you submit the form), internet/network activity (UA, request paths, GA4 cookies). No sensitive personal information.
- Sources: directly from you, from automated server logs.
- Sale or sharing: we do not sell or share personal information for cross-context behavioral advertising.
- Rights: access, deletion, correction, opt-out of sale or sharing (not applicable since we don't do so). Email reliasim@chiaha.com.
11. Children's privacy
ReliaSim is not directed to children under the age of 13. We do not knowingly collect personal information from anyone under 13. If you are a parent or guardian and believe your child has provided us with personal information, contact us and we will delete it.
12. Security
Infrastructure runs on Fly.io with TLS terminating at the edge. There are no user passwords or accounts on the marketing site. The MCP and chat endpoints are rate-limited; the chat endpoint is additionally budget-capped. The retention service automatically purges rows older than 90 days from durable storage.
13. Changes to this policy
If we make material changes, we'll update this page and revise the "Last updated" date above.
14. Contact
Questions, requests, or concerns: reliasim@chiaha.com. We aim to respond within 5 business days.