Your Privacy, Your Control

At Privyy, privacy isn't just a feature—it's our foundation. This Privacy Policy explains how we collect, use, and protect your information when you use our service.

We've designed Privyy with a zero-knowledge architecture, which means we cannot see your data even if we wanted to. Your conversations, files, and sensitive information are encrypted before they reach our servers.

By using Privyy, you trust us with your data. We take that trust seriously and are committed to protecting your privacy.

Account Information: When you sign up, we collect basic information like your email address and any profile information you choose to provide.

Usage Data: We collect information about how you use Privyy, such as which features you use and when you access the service. This helps us improve the platform.

Technical Data: We collect technical information like your IP address, browser type, device information, and operating system. This is standard practice for web services.

Content Data: Your conversations, uploaded files, and other content you create on Privyy. This data is encrypted and stored securely. We cannot see the contents due to our zero-knowledge architecture.

We do NOT collect: Payment information (handled by secure third-party processors), location data beyond what's necessary for service delivery, or any data from third-party services you haven't explicitly connected.

To Provide the Service: We use your data to deliver Privyy's features, process your requests, and maintain your account.

To Improve the Service: We analyze usage patterns (in aggregate, anonymized form) to understand how to make Privyy better. We never analyze your individual conversations or files.

To Communicate: We may send you service-related emails, such as account updates, security alerts, or important announcements. You can opt out of marketing emails.

To Ensure Security: We monitor for security threats and fraudulent activity to protect you and our service.

What We DON'T Do: We never sell your data. We never use your conversations or files to train AI models. We never share your data with third parties for advertising purposes. We never access your encrypted content.

Encryption at Rest: All your data is encrypted using AES-256 encryption before it's stored on our servers. This means even if someone gained physical access to our servers, they couldn't read your data.

Encryption in Transit: All data transmitted between your device and our servers is encrypted using TLS 1.3, the latest and most secure encryption protocol.

Zero-Knowledge Architecture: Your encryption keys are generated on your device and never transmitted to our servers in plaintext. We cannot decrypt your data even if we wanted to.

Data Location: Your data is stored in secure data centers. We may use cloud infrastructure providers that meet our security standards.

Backups: We maintain encrypted backups of your data to ensure availability and disaster recovery. These backups are also encrypted and follow the same security standards.

We do not sell, rent, or trade your personal information to third parties.

We may share data only in these limited circumstances:

• Service Providers: We work with trusted service providers (like hosting providers) who help us operate Privyy. These providers are contractually bound to protect your data and can only use it to provide services to us.

• Legal Requirements: If required by law, court order, or government regulation, we may disclose information. We'll notify you when legally permitted.

• Business Transfers: If Privyy is acquired or merged, your data may be transferred as part of that transaction. We'll notify you of any such change.

• With Your Consent: We'll only share your data with third parties if you explicitly consent.

Access Your Data: You can access all your data through your Privyy account. You can view your conversations, files, and account information at any time.

Export Your Data: You can export your data in a machine-readable format. This includes your conversations, files, and account information.

Delete Your Data: You can delete your account and all associated data at any time. When you delete your account, we'll remove your data from our active systems. Some data may remain in encrypted backups for a limited time as part of our disaster recovery procedures.

Correct Your Data: You can update or correct your account information at any time through your account settings.

Opt-Out: You can opt out of marketing communications while still receiving important service-related messages.

Data Portability: You have the right to receive your data in a portable format and transfer it to another service.

We are committed to complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Legal Basis: We process your data based on: (1) your consent when you sign up, (2) our legitimate interest in providing and improving the service, and (3) contractual necessity to deliver the services you've requested.

Your GDPR Rights: As a data subject, you have the right to:

• Access your personal data

• Rectify inaccurate data

• Erase your data ("right to be forgotten")

• Restrict processing

• Data portability

• Object to processing

• Withdraw consent at any time

To exercise these rights, contact us at privacy@privyy.io. We'll respond within 30 days.

Note: While we're working towards formal GDPR compliance certification, our practices already align with GDPR principles. We're committed to achieving full compliance and will update this policy as we obtain certifications.

Active Accounts: We retain your data for as long as your account is active. You can delete your account at any time.

Deleted Accounts: When you delete your account, we remove your data from active systems immediately. However, some encrypted data may remain in backups for up to 90 days as part of our disaster recovery procedures. After this period, all data is permanently deleted.

Legal Requirements: We may retain certain data longer if required by law or for legitimate business purposes (such as fraud prevention).

Aggregate Data: We may retain anonymized, aggregate data indefinitely for analytics and service improvement purposes. This data cannot be used to identify you.

We implement industry-standard security measures to protect your data:

• Encryption at rest for all sensitive data

• Regular security audits and penetration testing

• Secure data centers with physical security controls

• Access controls and authentication requirements

• Monitoring and incident response procedures

• Employee training on data protection

• Regular software updates and security patches

However, no method of transmission or storage is 100% secure. While we do our best to protect your data, we cannot guarantee absolute security.

We use cookies and similar technologies to provide and improve our service. We use:

• Essential cookies: Required for the service to function (authentication, security)

• Analytics cookies: To understand how users interact with Privyy (anonymized)

• Preference cookies: To remember your settings and preferences

You can control cookies through your browser settings. However, disabling certain cookies may affect the functionality of the service.

We do not use third-party advertising cookies or tracking pixels for advertising purposes.

Privyy is not intended for users under the age of 18. We do not knowingly collect personal information from children.

If you believe we have collected information from a child, please contact us immediately at privacy@privyy.io, and we'll take steps to delete that information.

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements.

We'll notify you of significant changes by email or through a prominent notice on our website. The "Last Updated" date at the top of this page indicates when the policy was last revised.

Your continued use of Privyy after changes become effective means you accept the updated policy.

If you have questions, concerns, or requests regarding this Privacy Policy or your data, please contact us:

Email: privacy@privyy.io

We're committed to transparency and will respond to your inquiries promptly.

For GDPR-related requests, we'll respond within 30 days as required by law.