Privacy Policy

AIBA Technologies ("AIBA," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AIBA application and services (collectively, the "Service").

1. Information We Collect

We collect information in the following ways:

A. Information You Provide to Us

• Account Information: When you create an account, we collect your email address and a securely hashed password.
• User Content: We collect the content you create and store within the Service, including conversation transcripts, contacts, notes, and any external API keys you provide.
• Voice Data: When you use our voice chat feature, your voice audio is processed in real-time by your browser's speech recognition service to generate a text transcript. We do not store or retain the raw audio files of your conversations. The resulting text transcript is stored as part of your User Content.
• Communications: If you contact us directly, we may receive additional information about you such as your name, email address, and the contents of your message.

B. Information We Collect Automatically

• Log and Usage Data: We collect information that your browser or device sends automatically, such as your IP address, browser type, operating system, and the dates and times of your requests. We use this information for security, debugging, and to analyze trends to improve the Service.
• Guest User Data: For non-registered "Guest" users, we store a temporary, hashed, or anonymized identifier based on your IP address to enforce our daily message limit. This identifier is not linked to any other personal information and is periodically deleted.

2. How We Use Your Information

We use the information we collect for various purposes, including to:

• Provide, operate, and maintain our Service.
• Authenticate users and secure your account.
• Provide conversation history and context-aware memory features.
• Process your requests and respond to your inquiries.
• Monitor and analyze usage to improve and personalize the Service.
• Prevent fraudulent activity and enforce our Terms of Service.

3. How We Share Your Information

We do not sell your personal data. We may share your information in the following limited circumstances:

• With AI Service Providers: Your conversation content is sent to our underlying AI service provider (e.g., Google Gemini) to generate responses. If you provide your own external API key for a third-party model, your content will be sent to that provider, subject to their privacy policy.
• With Service Providers: We may share information with third-party vendors and service providers that perform services on our behalf, such as cloud hosting (e.g., AWS, GCP) and payment processing (e.g., Stripe).
• For Legal Reasons: We may disclose your information if required to do so by law or in response to valid requests by public authorities.

4. Data Security

We implement a variety of security measures to protect your information. These include:

• Encryption in Transit: All data transmitted between your device and our servers is encrypted using Transport Layer Security (TLS).
• Encryption at Rest: Sensitive User Content, such as external API keys and conversation history, is encrypted when stored in our database.
• Password Hashing: We use strong, industry-standard hashing algorithms (bcrypt) to protect your password.

5. Your Privacy Rights

You have certain rights regarding your personal information, subject to local law. These include the right to:

• Access the personal data we hold about you.
• Request that we correct any inaccurate personal data.
• Request that we delete your personal data.

You can manage most of your data directly within the application's account settings. For other requests, please contact us.

6. Children's Privacy

Our Service is not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13.