Privacy Policy

Our Commitment to Your Privacy

Key Privacy Principles

• We Do NOT Train AI Models: AIgility is not an AI model provider. We do not use your data to train any AI models. Your conversations, documents, and content are never used for model training.
• Features Serve You, Not Us: Features like agent memory, conversation history, and personalization exist solely to improve your experience—not for data collection purposes.
• Your Data Stays Encrypted: All user data is encrypted both in transit and at rest. Only you (and authorized team members you designate) can access your data.
• Ephemeral Processing: When you upload documents for RAG (Retrieval-Augmented Generation), files are processed in ephemeral memory during vectorization and are not stored to disk.
• Anonymized Logs: Platform logs used for performance monitoring and debugging are anonymized and cannot be traced back to individual users.

AI Model Providers & Your Data

AIgility is a platform provider, not an AI model provider. We integrate with third-party AI model providers to deliver AI capabilities. As of the date of this policy, we support:

• OpenAI (GPT models)
• Anthropic (Claude models)
• Perplexity (Search-enhanced models)

API Data Usage

When you use AI features on our Platform, your prompts and content are sent to these providers via their APIs. As of the date of this policy, the API agreements with these providers state that they do not use API data to train their models. Specifically:

• OpenAI's API data usage policy excludes API data from model training
• Anthropic's API terms do not use API data for training
• Perplexity's API terms do not use API data for training

Intellectual Property

AIgility Solutions retains all intellectual property rights in and to the Platform, including all software, source code, algorithms, documentation, designs, and content created by AIgility. Unless otherwise noted, all materials on the Platform are protected as copyrights, trademarks, and other intellectual properties owned by AIgility Solutions and are protected by Canadian copyright, trademark, and international laws.

No portion of the Platform may be copied, reproduced, modified, distributed, or used for derivative works without express written consent from AIgility Solutions.

For complete intellectual property terms, please see our Terms of Service.

1. Information We Collect

1.1 Personal Information

When you create an account or use our services, we collect:

• Name, username, and email address
• Password (encrypted and securely hashed—we never store plain text passwords)
• Profile information (job role, company affiliation)
• Avatar/profile picture (optional)
• Billing and payment information (processed by third-party providers—we do not store credit card numbers)

1.2 Usage Information

To provide our services, we collect information about how you use our Platform:

• Conversation history with AI agents: Stored encrypted and accessible only to you (and your designated team members). This feature exists to provide continuity in your AI interactions—not for data mining.
• Agent memory and preferences: Stored encrypted to personalize your experience. You control what agents remember and can delete this data at any time.
• Agents and products you create: Your intellectual property, stored securely and isolated from other users.
• Usage analytics: Tokens consumed, API calls, and response times—used for billing and to help you understand your usage.

1.3 Enterprise Information

For enterprise customers, we also collect:

• Company name, industry, and organization size
• Billing and invoice information
• Team member details and access permissions
• Enterprise-specific configurations and branding

2. How We Use Your Information

We use your information for the following purposes:

• Service Delivery: To provide, maintain, and improve our AI platform
• Personalization: To customize your experience and remember your preferences (for your benefit)
• Your Insights: To provide you with analytics and insights into your own usage
• Communication: To send service updates, security alerts, and support messages
• Security: To detect fraud, prevent abuse, and protect user safety
• Compliance: To meet legal obligations and enforce our terms
• Billing: To process payments and manage subscriptions

2.1 RAG Document Processing

When you upload documents for RAG (Retrieval-Augmented Generation) to enhance your AI agents:

• Ephemeral Processing: Documents are processed in ephemeral memory during vectorization. Raw files are not stored to disk after processing.
• Vector Embeddings: Only the vector embeddings (numerical representations) are stored, not the original document content.
• Your Control: You can delete your RAG data at any time.
• Isolated Storage: Your embeddings are isolated from other users and accessible only to you and your authorized team members.

2.2 What We Do NOT Do With Your Data

• ❌ We do NOT train AI models on your data
• ❌ We do NOT sell your data to third parties
• ❌ We do NOT share your data for advertising purposes
• ❌ We do NOT mine your conversations for insights
• ❌ We do NOT use your content to improve our services without your explicit consent

3. Platform Logs and Analytics

We maintain platform logs for operational purposes. Here's how we handle logging:

3.1 Purpose of Logs

• Platform Performance: To monitor system health, identify bottlenecks, and improve performance
• Debugging: To diagnose and fix technical issues
• Security: To detect and prevent security threats
• Your Usage Insights: To provide you with visibility into your own usage patterns and costs

3.2 Log Anonymization

All platform performance logs are anonymized. This means:

• Logs used for platform analytics cannot be traced back to individual users
• Personal identifiers are stripped or hashed in aggregate analytics
• We cannot identify you from anonymized performance data

Note: Your personal usage dashboard shows your identifiable data to you—this is for your benefit to understand your own usage. Aggregate platform analytics that we use internally are anonymized.

4. Data Sharing and Disclosure

We do NOT sell your personal data. We may share your information in the following limited circumstances:

4.1 Service Providers

We work with trusted third-party service providers who assist us in operating our Platform:

• AI Model Providers: OpenAI, Anthropic, Perplexity (for LLM services—see API Data Usage section above)
• Cloud Infrastructure: Google Cloud Platform (for hosting and storage)
• Payment Processing: Stripe (for billing and subscriptions)
• Email Services: For transactional emails and notifications

All contractors and service providers have signed agreements which include clauses about information handling, confidentiality, and security.

4.2 Legal Requirements

We may disclose your information if required by law, court order, subpoena, or government request, or to establish or exercise our legal rights or defend against legal claims.

4.3 Enterprise Administrators

If you're part of an enterprise account, your enterprise administrator may have access to your usage data and activity within the organization's workspace.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and your options regarding your data.

5. Information Access Restrictions

We restrict access to personal information to those in our organization who require access in order to manage our Platform, fulfill our services, or respond to service requests. All employees sign confidentiality agreements which include how client data may be used.

6. Data Retention

We retain your data for as long as necessary to provide our services and comply with legal obligations:

• Conversation Sessions: 30 days (configurable by you or your enterprise)
• Conversation Messages: 30 days (configurable)
• Agent Interaction Logs: 365 days (configurable)
• User Activity Logs: 365 days (configurable)
• Account Data: Retained until account closure
• Enterprise Data: Retained per enterprise agreement terms

Note: You can request earlier deletion of your data at any time using the "Delete Account" feature or by contacting us. When you delete data, it is permanently removed.

7. Your Privacy Rights

7.1 GDPR Rights (EU Users)

If you are in the European Union, you have the following rights:

• Right to Access: Request a copy of your personal data (Download My Data)
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data (Delete Account)
• Right to Restriction: Limit how we use your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to our processing of your data
• Right to Withdraw Consent: Withdraw consent at any time

7.2 CCPA Rights (California Users)

If you are a California resident, you have the right to:

• Know: Request disclosure of data we collect, use, and share
• Delete: Request deletion of your personal information
• Opt-Out: Opt-out of the sale of your personal information (we do not sell data)
• Non-Discrimination: Not receive discriminatory treatment for exercising your rights

7.3 Canadian Privacy Rights (PIPEDA)

If you are in Canada, you have the right to:

• Access your personal information held by us
• Challenge the accuracy and completeness of your information
• Withdraw consent for the collection, use, or disclosure of your information

7.4 How to Exercise Your Rights

To exercise any of these rights:

• Use the self-service tools in your Profile Settings
• Contact us at: privacy@aigility.io
• We will respond within 30 days of your request

8. Cookies and Tracking Technologies

Cookies are files containing a small amount of data commonly used as anonymous unique identifiers. These are sent to your browser from websites you visit and stored on your device.

We use cookies and similar technologies to:

• Essential Cookies: Required for authentication, security, and core functionality (cannot be disabled)
• Analytics Cookies: Track usage patterns to improve our service (optional)
• Preference Cookies: Remember your settings and preferences

If you do not want cookies saved in your browser, you can clear them from your cache and configure your browser to prevent cookies from being saved. Note that disabling essential cookies may affect Platform functionality.

9. Data Security

We value your trust in providing us with your personal information and strive to use commercially acceptable means of protecting it. We implement industry-standard security measures:

• Encryption in transit: All data is encrypted using HTTPS/TLS
• Encryption at rest: All stored data is encrypted
• Multi-tenant data isolation: Your data is logically isolated from other users
• Access controls: Strict authentication and authorization
• Secure password hashing: Using bcrypt
• Multi-factor authentication: Available and recommended
• Regular security audits: Ongoing security reviews

However, no method of transmission over the internet or electronic storage is 100% secure. If you discover a security vulnerability, please report it to: security@aigility.io

10. Payment Information

We use third-party payment processors (e.g., Stripe) for billing and subscriptions. We do not store credit card numbers on our servers. Payment information is handled directly by our payment processor in accordance with PCI-DSS compliance standards.

Our payment processors have their own privacy policies which govern how they handle your payment information.

11. International Data Transfers

AIgility Solutions is headquartered in Alberta, Canada. Your data may be processed in Canada, the United States, and other countries where our service providers operate. We ensure adequate safeguards are in place for international transfers, including:

• Standard Contractual Clauses (SCCs)
• Data Processing Agreements (DPAs)
• Compliance with applicable data protection frameworks

12. Links to Other Sites

Our Platform may contain links to external sites not operated by us. If you click on a third-party link, you will be directed to that site. We strongly advise you to review the Privacy Policies of these websites. We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party sites or services.

13. Children's Privacy

The Platform does not target children and is not intended for persons under 18 years of age. We do not knowingly collect personal information from persons under 18. If you are under 18, you may review the Platform only with involvement of a parent or guardian, and you may not use any portion of the Platform that would require collection of personal information.

If you believe we have collected information from a child, please contact us immediately at privacy@aigility.io.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

• Updating the "Last Updated" date at the top of this policy
• Sending an email notification to registered users
• Displaying a prominent notice on our Platform

Your continued use of our Platform after changes indicates acceptance of the updated policy. We advise you to review this page periodically for any changes.

15. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us: