Privacy Policy

Last updated: March 27, 2026

1. Data Controller

The AI Check ("AIC," "we," "us," or "our") is the data controller responsible for your personal data. You can reach us at:

If AIC is required to appoint an EU Representative under GDPR Article 27, that appointment and contact details will be published here.

2. What Data We Collect

CategoryDataPurposeLegal Basis (GDPR)
Account dataEmail address, hashed passwordAuthenticationContract (Art. 6(1)(b))
Profile dataDisplay name, avatar URL, subscription tier, notification preferencesPersonalizationContract (Art. 6(1)(b))
Encrypted vault contentCiphertext of AI chat history; wrapped encryption keysCore serviceContract (Art. 6(1)(b))
Billing dataStripe customer ID, subscription statusBillingContract (Art. 6(1)(b))
Extension sync metadataPlatform name, timestamp, turn count, sync statusDiagnosticsLegitimate interest (Art. 6(1)(f))
AnalyticsAnonymized page views, events — no personally identifiable informationProduct improvementLegitimate interest (Art. 6(1)(f))
Support dataSupport ticket content, correspondenceCustomer supportContract (Art. 6(1)(b))

Extension scope: The Universal Bridge Extension only activates on supported AI platform domains (Gemini, ChatGPT, Claude, Grok). It does not track, collect, or monitor your general web browsing history, and has no access to websites outside of these specific platforms.

What We Do NOT Collect

  • AI conversation content in plaintext. We store only ciphertext encrypted on your device. We cannot read your archived conversations.
  • User API keys in plaintext. BYOK keys are encrypted with your master key on your device. We store only the encrypted form.
  • Google Analytics, Facebook Pixel, or any advertising technology. We do not use third-party tracking or advertising networks.
  • We do not sell your data. Not now, not ever.

3. The Zero-Knowledge Vault

AIC uses a zero-knowledge encryption architecture called the Zurich Protocol. Your AI chat history and any BYOK API keys are encrypted on your device using AES-GCM-256 encryption before being transmitted to our servers.

  • AIC receives and stores ciphertext only.
  • AIC staff cannot read, access, or produce your vault content in plaintext under any circumstance.
  • AIC cannot provide vault content to third parties, law enforcement, or any government agency in readable form. Valid legal process requests produce only ciphertext.
  • If you lose your master encryption key, your vault content is permanently inaccessible. AIC cannot recover it.

For a visual explanation of how the Zurich Protocol protects your data, see our Security page.

4. How We Use Your Data

  • Account data: Authentication, password reset, subscription tier enforcement.
  • Encrypted vault data: Storage and retrieval as directed by you. We cannot read or process the content.
  • Billing data: Subscription management via Stripe.
  • Analytics: Aggregated, non-identifiable product improvement metrics.
  • Support data: Resolving your support requests.

5. Data Sharing and Sub-Processors

We share data only with the service providers necessary to operate AIC. A complete list is maintained on our Sub-Processor List page. Our current sub-processors include:

  • Supabase — Database, authentication, storage (USA; EU on request for enterprise)
  • Vercel — Hosting, CDN, edge functions (USA; global edge)
  • Stripe — Payment processing (USA)
  • Resend — Transactional email delivery (USA)
  • Plausible Analytics — Privacy-first analytics; no PII, no cookies, no fingerprinting (EU)

AIC does not share data with AI providers. BYOK API calls are initiated by your device directly to the AI provider — AIC is not in that data flow.

6. International Data Transfers

AIC is operated from Canada. Our sub-processors (Supabase, Vercel, Stripe, Resend) may process data in the United States. For transfers of personal data from the European Economic Area (EEA) or the United Kingdom, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission.

Enterprise customers may request EU data residency. Contact us at [email protected] for details.

7. Data Retention

Data TypeRetention Period
Account dataDeleted within 30 days of account deletion
Encrypted vault contentCryptographic erasure immediate on deletion; row deletion within 30 days
Billing dataRetained as required by financial regulations (typically 7 years)
Support tickets3 years after closure
AnalyticsAggregated and non-identifiable; not subject to deletion requests
Inactive Free accountsAIC reserves the right to cryptographically erase vault data and delete accounts on the Free tier after 24 months of inactivity. We will send at least 30 days' email notice before any such deletion.

8. Your Rights Under GDPR

If you are located in the European Economic Area (EEA) or the United Kingdom, you have the following rights:

RightHow to ExerciseResponse Time
Access (Art. 15)Dashboard data export or email request30 days
Rectification (Art. 16)Dashboard settings (self-service)Immediate
Erasure (Art. 17)Dashboard account deletion (self-service)Cryptographic erasure immediate; rows within 30 days
Portability (Art. 20)Dashboard JSON export (self-service)Self-service
Object (Art. 21)Email request to opt out of analytics30 days
ComplaintYou may contact your national supervisory authority (e.g., ICO, CNIL, BfDI)

To exercise any right, email [email protected]. We will respond within 30 days.

Important limitation: Because of our zero-knowledge architecture, AIC cannot access or produce your vault content in plaintext. If you request access to or a copy of your vault data, we can provide the ciphertext — but only you can decrypt it using your master key. We recommend using the self-service dashboard export for data portability.

9. Your Rights Under CCPA (California Residents)

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the CPRA, provides you with additional rights regarding your personal information.

Categories of Personal Information Collected

CCPA CategoryAIC DataCollected?
IdentifiersEmail address, account UUIDYes
Personal information (Cal. Civ. Code 1798.80)Name, account credentialsYes
Commercial informationSubscription status, purchase historyYes
Internet/electronic activitySync event metadata, anonymized page viewsYes
Encrypted contentVault ciphertext (AIC cannot access plaintext)Yes
InferencesNone — AIC does not build user profilesNo
Sensitive personal informationNone intentionally collectedNo

Sale and Sharing of Personal Information

We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising. This is consistent with our zero-knowledge architecture — there is nothing to sell.

Your California Rights

  • Right to Know: You may request what personal information we have collected about you. Contact [email protected]. We will respond within 45 days (extendable by an additional 45 days with notice).
  • Right to Delete: You may delete your account and all associated data through the dashboard at any time. Cryptographic erasure is immediate.
  • Right to Correct: You may correct inaccurate personal information through your dashboard settings.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of these rights.
  • Authorized Agent: You may designate an authorized agent to submit requests on your behalf. We will require written authorization and may verify your identity before processing requests submitted by agents.

Shine the Light (Cal. Civ. Code 1798.83)

AIC does not share personal information with third parties for their direct marketing purposes.

10. Your Rights Under PIPEDA (Canadian Residents)

AIC is operated from Canada and is subject to the Personal Information Protection and Electronic Documents Act (PIPEDA). As a Canadian resident, you have the following rights:

  • Access: You may request access to the personal information we hold about you. Contact [email protected]. We will respond within 30 days.
  • Correction: You may challenge the accuracy and completeness of your personal information and request corrections through your dashboard settings or by contacting us.
  • Consent withdrawal: You may withdraw consent for the collection, use, or disclosure of your personal information at any time, subject to legal or contractual restrictions. Withdrawing consent for data essential to the Service (such as account data) may require account closure.
  • Complaint: You may file a complaint with the Office of the Privacy Commissioner of Canada (OPC) at priv.gc.ca.

Cross-border transfers: Some of our sub-processors (Supabase, Vercel, Stripe, Resend) are located in the United States. Under PIPEDA, we ensure that personal information transferred outside of Canada receives a comparable level of protection through contractual arrangements with our sub-processors. Your personal information may be accessible to law enforcement and national security authorities in those jurisdictions.

11. Cookies and Tracking

AIC uses a minimal cookie footprint. We use one strictly necessary first-party cookie: the Supabase authentication session cookie. We use Plausible Analytics for privacy-first product analytics — Plausible does not use cookies, does not collect personally identifiable information, and does not fingerprint users.

We do not use third-party tracking cookies, advertising pixels, Google Analytics, or any advertising technology. For full details, see our Cookie Policy.

12. Children's Privacy

AIC does not knowingly collect personal data from anyone under the age of 18. Our Terms of Service require users to be at least 18 years of age. If we discover that we have inadvertently collected data from a person under 18, we will promptly delete their account and all associated data.

If you believe a minor has created an AIC account, please contact us at [email protected].

13. Data Breach Notification

In the event of a security breach that compromises personal data, AIC will:

  • Notify the relevant supervisory authority within 72 hours of becoming aware of the breach, where required by GDPR (Article 33) or PIPEDA.
  • Notify affected users without undue delay if the breach poses a high risk to their rights and freedoms.
  • Provide details of the breach, its likely consequences, and the measures taken or proposed to address it.

Important context: Your vault content (AI chat history, BYOK keys) is encrypted client-side with a key AIC does not hold. In the event of a server breach, this data consists of ciphertext that is meaningless without your encryption key. However, account metadata — such as your email address, hashed password, and billing references — is not encrypted at rest and would be subject to standard breach notification requirements.

14. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will provide at least 30 days' notice via email and an in-app notification before the changes take effect. Non-material changes (such as formatting corrections) may be made without notice.

15. Contact

If you have questions about this Privacy Policy or wish to exercise your data protection rights, contact us at [email protected].

This document was last updated on March 27, 2026. It is a pre-launch draft and will be reviewed by legal counsel before becoming effective.