Legal

Privacy Policy

Last updated: May 2026

1. Overview

This Privacy Policy describes how aiio labs ("we," "us," or "our") collects, uses, and discloses your personal information when you use our software as a service (the "Service").

We are committed to protecting your personal information and your right to privacy. When you visit our software as a service and use our products, you trust us with your personal information. We take your privacy very seriously. In this Privacy Policy, we seek to explain to you in the clearest way possible what information we collect, how we use it, and what rights you have in relation to it.

This Privacy Policy applies to all information collected through our software as a service, as well as any related services, sales, marketing, or events.

Please read this Privacy Policy carefully as it will help you understand what we do with the information we collect.

2. Data We Collect

Account Data

  • Email address (used for authentication and notifications).
  • Display name (optional, set by the user or administrator).
  • Role and account status.

Authentication Data

  • Login timestamps and last-login date.
  • Authentication event type (login, logout, magic link sent).
  • IP address and user agent string, recorded at sign-in for security monitoring.

Usage Data

  • Evaluation run history linked to your account.
  • Credit transaction records.
  • Portal notification read/unread status.

3. How We Use Your Data

  • Authentication — to verify your identity and maintain your session.
  • Service delivery — to run evaluations, generate reports, and display results.
  • Security monitoring — IP and user agent data is used to detect unusual login patterns.
  • Billing — credit transaction records are maintained for account integrity.
  • Communications — your email is used to send magic links, evaluation completion notices, and service updates.

4. Data Retention

We retain account data for the duration of your service agreement and for a period thereafter as required by applicable law or our legitimate business interests. Authentication event logs are retained for 12 months. Evaluation data and reports are retained per the terms of your service agreement.

5. Data Sharing

We do not sell your personal data. We may share data with:

  • Infrastructure providers — cloud hosting and database services used to run the Portal.
  • AI model providers — evaluation runs send brand URL content to third-party AI APIs (e.g. Anthropic). No personally identifiable information is included in these requests.
  • Legal authorities — where required by law or to protect the rights and safety of aiio labs or its users.

6. Your Rights

Depending on your jurisdiction, you may have the right to access, correct, or delete your personal data. To exercise these rights, contact privacy@aiiolabs.com.

7. Cookies and Session Storage

The Portal uses a server-side session cookie for authentication. No third-party tracking cookies or advertising trackers are used.

8. Security

Portal access is protected by magic-link authentication over HTTPS. Passwords are not stored. Authentication events are logged and monitored for anomalies.

9. Contact

For privacy-related enquiries, contact privacy@aiiolabs.com.