Skip to main content
Legal

Privacy Policy

Last updated: December 1, 2024

Our Core Commitment

Your data is yours. We do not use your conversations to train AI models. We do not sell your data. We do not share your data except as required to provide our services or comply with law.

1. Information We Collect

1.1 Account Information

When you create an account, we collect your email address, name (optional), and payment information (processed securely by our payment provider). We use this information to provide and manage your account.

1.2 Conversation Data

We store the conversations you have with AI models through our platform. This data is necessary to provide core functionality including conversation history, search, and continuity. Your conversation data is:

  • Never used to train AI models — We have contractual agreements with all model providers prohibiting training on your data
  • Encrypted at rest and in transit — Using AES-256 and TLS 1.3
  • Accessible only to you — Unless you explicitly share
  • Deletable upon request — You can delete your data at any time

1.3 Usage Data

We collect anonymized usage data to improve our service, including feature usage patterns, error logs, and performance metrics. This data cannot be used to identify individual users or reconstruct conversations.

1.4 Uploaded Files

Files you upload for AI analysis are processed to provide the requested functionality. Files are stored securely with the same protections as conversation data and are not used for any purpose other than serving your request.

2. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve our services
  • Process transactions and send related information
  • Send technical notices, updates, and support messages
  • Respond to your comments, questions, and requests
  • Monitor and analyze trends, usage, and activities
  • Detect, investigate, and prevent security incidents
  • Comply with legal obligations

3. How We Share Your Information

We share your information only in the following circumstances:

3.1 AI Model Providers

When you send a message, that message is transmitted to the AI model provider (e.g., OpenAI, Anthropic, Google) to generate a response. We maintain enterprise agreements with all providers that explicitly prohibit them from using your data to train their models.

3.2 Service Providers

We use trusted third-party services for payment processing, email delivery, and infrastructure. These providers are contractually obligated to protect your data and use it only for providing services to us.

3.3 Legal Requirements

We may disclose your information if required by law, subpoena, or other legal process, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

3.4 Business Transfers

If AOCodex is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

4. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption at rest (AES-256) and in transit (TLS 1.3)
  • Regular security audits and penetration testing
  • Access controls and authentication requirements
  • Monitoring and alerting for suspicious activity
  • Employee security training and background checks

5. Data Retention

We retain your data for as long as your account is active or as needed to provide services. You can delete your conversations at any time. Upon account deletion, we remove your data within 30 days, except where retention is required by law.

6. Your Rights

Depending on your location, you may have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your information
  • Export your data in a portable format
  • Opt out of certain data processing
  • Lodge a complaint with a supervisory authority

To exercise these rights, contact us at privacy@aocodex.ai.

7. International Data Transfers

AOCodex is based in the United States. If you access our services from outside the US, your data may be transferred to and processed in the US. We implement appropriate safeguards for international transfers, including Standard Contractual Clauses where applicable.

8. Children's Privacy

AOCodex is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we learn we have collected such information, we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the service. Your continued use of AOCodex after changes become effective constitutes acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Don't Panic Consulting

Email: privacy@aocodex.ai

Brunswick, Maine, USA