Privacy Policy

This Privacy Policy explains how Achiral AI collects, uses, discloses, and protects personal information when people visit our website, create accounts, use the Service, communicate with us, or interact with billing and support.

This policy focuses on personal information. Customer Content processed inside an organization's Achiral AI tenant is primarily governed by our Terms of Service, Data Processing Policy, and any applicable customer agreement.

Account information, such as name, email address, organization name, role, authentication details, account settings, administrator status, and invited-user information.

Billing and transaction information, such as billing contact details, subscription plan, invoices, tax information, and payment-provider records. Full payment card numbers are handled by our payment provider.

Communications, such as support requests, billing inquiries, security reports, survey responses, feedback, and messages exchanged with Achiral AI.

Technical and usage information, such as IP address, device and browser information, log data, session events, product telemetry, security events, integration status, and approximate location derived from technical signals.

Customer Content may include prompts, messages, documents, connector data, memory records, retrieval results, generated outputs, configuration data, and feedback submitted through an organization account.

For business accounts, Achiral AI generally processes Customer Content on behalf of the customer organization. We do not use business Customer Content to train shared foundation models unless you expressly agree in a separate written agreement or opt-in control.

We use personal information to provide, secure, maintain, troubleshoot, and improve the Service; create and administer accounts; process billing; communicate with users and administrators; provide support; detect abuse; comply with law; and enforce our terms.

We may use aggregated or de-identified information to understand product performance, reliability, security, and usage patterns. We do not attempt to re-identify de-identified information.

We may disclose personal information to service providers that help us operate the Service, such as hosting, infrastructure, analytics, billing, support, security, communications, and professional-service providers.

We may disclose information to customer administrators for the relevant organization account, to comply with law or valid legal process, to protect rights and safety, to investigate abuse or security incidents, or as part of a merger, acquisition, financing, or similar business transaction.

Organization administrators may control users, connectors, memory settings, billing settings, and support access through the product or by contacting support.

Individuals may request access, correction, deletion, export, or objection where applicable by contacting [email protected]. Some requests may need to be directed to the customer organization when we process information on that organization's behalf.

We retain personal information for as long as reasonably necessary to provide the Service, maintain security, comply with legal obligations, resolve disputes, enforce agreements, and support legitimate business operations.

Customer Content retention depends on organization settings, plan terms, connector behavior, deletion requests, backups, legal requirements, and any applicable written agreement. Additional details are in the Data Processing Policy.

We use administrative, technical, and organizational safeguards designed to protect personal information and Customer Content. These safeguards include tenant isolation, access controls, encryption, logging, monitoring, and security review practices appropriate to the nature of the Service.

No online service is completely secure. Customers are responsible for managing their own users, permissions, connected tools, credentials, and endpoint security.

We may process information in the United States and other locations where we or our service providers operate. Where required, we use appropriate transfer mechanisms or contractual protections.

Achiral AI is not directed to children and is intended for business users who are at least 18 years old. We do not knowingly collect personal information from children.

We may update this Privacy Policy from time to time. Material changes will be posted with a new last updated date and, where appropriate, notice to account administrators.

Questions or privacy requests may be sent to [email protected].