Privacy Policy

Our Commitment

At Aetherion, privacy is not a feature -- it is the foundation. Your conversations, memories, and personal data belong to you. We employ zero-knowledge encryption, never sell your data, and never use it to train AI models. This policy explains exactly how we handle your information.

Information We Collect

Account Information: Your name, email address, phone number (if you opt in to SMS), and authentication credentials when you create an account.

Conversation Data: Messages exchanged with your AI companion are encrypted and stored in your private vault. We cannot read this data.

Memory Entries: Information your companion remembers about you is encrypted per-user and stored separately from your conversations.

Usage Data: Basic analytics such as session duration and feature usage to improve the Service. This data is anonymized and never linked to your personal content.

How We Protect Your Data

Encryption at Rest: All personal data is encrypted using per-user keys derived from a zero-knowledge architecture. Even our team cannot access your content.

Encryption in Transit: All communications use TLS 1.3 encryption.

PII Scrubbing: Sensitive information such as social security numbers, credit card numbers, and phone numbers are automatically detected and scrubbed before storage.

No AI Training: Your data is never used to train, fine-tune, or improve any AI model -- ours or any third party's. We maintain explicit no-training agreements with all AI providers.

How We Use Your Information

We use your information solely to provide and improve the Service. Specifically:

• To operate your AI companion and maintain your memory vault
• To authenticate your identity and secure your account
• To send service-related communications (billing, security alerts)
• To improve service reliability and performance (anonymized data only)

SMS & Phone Number Data

If you opt in to SMS notifications, we collect and store your phone number solely for the purpose of delivering messages you have requested. Your phone number is:

• Encrypted at rest alongside your other account data
• Never sold, rented, or shared with third parties for marketing
• Never used for purposes beyond delivering Aetherion notifications
• Shared only with our SMS delivery provider (Twilio) under a data processing agreement for the sole purpose of message delivery

You may revoke SMS consent at any time by replying STOP or disabling SMS in your account settings. Upon opting out, we retain your phone number only for the purpose of honoring your opt-out preference. For full details, see our SMS Terms & Conditions.

What We Never Do

• Sell, rent, or share your personal data with third parties
• Use your conversations or memories for AI model training
• Display targeted advertising based on your content
• Access your encrypted data without your explicit authorization
• Retain your data after you request deletion

Third-Party Services

We use the following third-party services to operate Aetherion. Each operates under strict data processing agreements:

• Supabase: Database hosting and authentication
• OpenAI / Anthropic: AI model inference (no training on your data)
• Twilio: SMS message delivery (opted-in users only)
• Cloudflare: CDN and DDoS protection
• Google: OAuth 2.0 for optional Gmail and Google Calendar integration (see below)

Google Email & Calendar Integration

You may optionally connect your Google account to access Gmail and Google Calendar within Aetherion. This connection uses Google's OAuth 2.0 protocol and requires your explicit consent.

What we access: With your permission, we access your Gmail messages (read-only), the ability to compose and send emails on your behalf, and your Google Calendar events. We also retrieve your Google email address to identify your connected account.

How we store credentials: Your Google OAuth tokens are encrypted at rest using per-user encryption keys. We never store your Google password.

How we use your data: Email and calendar data is used solely to display information in your dashboard and to enable your AI companion to draft or send messages at your request. This data is never used for AI model training, advertising, or any purpose beyond providing the Service to you.

Revoking access: You may disconnect your Google account at any time from your profile page. You may also revoke access directly from your Google Account settings. Upon disconnection, we delete your stored Google tokens immediately.

No training: Your email and calendar data is never used to train, fine-tune, or improve any AI model.

Data Retention and Deletion

Your data is retained for as long as your account is active. You may request complete data deletion at any time. Upon confirmed deletion, we permanently remove all your data from our systems within 30 days, including backups. This includes conversations, memory entries, personal information, and authentication data.

Your Rights

You have the right to:

• Access all data we hold about you
• Request correction of inaccurate data
• Request complete deletion of your data
• Export your data in a portable format
• Withdraw consent for optional data processing at any time

Children's Privacy

Aetherion is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from minors.

Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-app notification at least 30 days before taking effect.

Contact

For privacy-related questions or data requests, please contact us at kateparker@shethrivesmarketing.com.