ajo_agent
Get started
Legal

Privacy Policy

What we collect, why, and what you can do about it. We don't train on your data — ever.

Last updated May 8, 2026

This Privacy Policy explains how ajo_agent(“we”, “us”) collects, uses, shares, and protects information when you use the Service.

1. What we collect

Information you provide

  • Account info — name, email, hashed password, optional avatar.
  • Customer Data — prompts, documents you upload, chat conversations, knowledge base content.
  • Billing info — handled by our payment processor (Stripe). We never see your card number.
  • Support correspondence — when you email us.

Information collected automatically

  • Usage data — request paths, response times, feature usage, error stack traces.
  • Device data — browser, OS, IP address (for security and rate limiting).
  • Cookies — see our Cookie Policy.

2. Why we use it

  • To operate, maintain, and improve the Service;
  • To process subscriptions and prevent fraud;
  • To send transactional email (account, billing, security alerts);
  • To respond to support requests;
  • To detect abuse and enforce our Terms.

3. AI processing

When you use AI features, your prompts and the relevant context are sent to our configured model providers (e.g. OpenAI, Anthropic, Google) for processing. We choose providers that contractually agree not to use your data for training.

We don't train any of our own models on your data.

4. Data sharing

We share data only with:

  • Sub-processors we use to operate the Service (hosting, model providers, payment processor, email delivery, error monitoring). A current list is available on request.
  • Authoritiesif required by law, but we'll push back where we can and notify affected users where legally permitted.
  • An acquirer in the event of a merger or sale, with continuing obligations under this Policy.

5. Retention

We keep Customer Data for as long as your account is active. After deletion, backups are purged within 30 days. Logs and metrics are retained up to 90 days for security and operational analysis.

6. Your rights

Depending on where you live, you may have rights to access, correct, delete, or export your personal data, and to object to or restrict certain processing. Email privacy@example.com to exercise them. We respond within 30 days.

7. International transfers

We host primarily in the EU. Where data is processed outside your country, we rely on standard contractual clauses or equivalent safeguards.

8. Security

We use TLS in transit, AES-256 at rest, role-based access control, and audit-logged admin actions. See the Security page for details.

9. Children

The Service isn't directed to children under 16. We don't knowingly collect information from them.

10. Changes

We'll notify you in-app or via email before any material change takes effect. Continued use after the effective date constitutes acceptance.

11. Contact

Questions or requests: privacy@example.com.