Privacy Policy

1. Information We Collect

We collect information you provide directly to us when using Aimly AI:

  • Account Information: Email address, name, and authentication details
  • Personal Goals: Goals, descriptions, and completion status you create
  • Chat History: Messages and conversations with our AI assistant
  • User Preferences: Settings and preferences you configure
  • Onboarding Responses: Answers to setup questions about your preferences

2. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

  • Performance of Contract: To provide the services you requested when creating an account
  • Legitimate Interests: To improve our services, ensure security, and prevent fraud
  • Consent: For optional features and communications (you can withdraw consent at any time)
  • Legal Obligation: To comply with applicable laws and regulations

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Process and store your personal goals and preferences
  • Enable AI chat functionality and goal suggestions
  • Send you important service updates and notifications
  • Ensure the security and integrity of our platform

4. Data Storage and Security

Your data is stored securely using industry-standard practices:

  • Database: Stored in Supabase (PostgreSQL) with Row Level Security
  • Authentication: Handled by Supabase Auth with secure protocols
  • Encryption: Data encrypted in transit and at rest
  • Access Control: Only you can access your personal data

5. Third-Party Services and Data Processors

We use third-party services that act as data processors on our behalf. We have data processing agreements in place with these providers to ensure they handle your data in compliance with GDPR requirements:

  • OpenAI: Processes your chat messages to generate AI responses. OpenAI's privacy policy applies to data sent to their services. Note: You can choose not to use AI features if you prefer not to share data with OpenAI.
  • Supabase: Stores your account data, goals, and preferences. Supabase's privacy policy applies to data stored on their platform.
  • Vercel: Hosts our application and may collect basic usage analytics. Vercel's privacy policy applies to hosting-related data.

6. Data Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties, except:

  • To provide our services (e.g., sending data to OpenAI for AI responses)
  • When required by law or to protect our rights
  • With your explicit consent
  • To trusted service providers who assist in operating our platform

7. Your Rights and Choices (GDPR Data Subject Rights)

Under GDPR, you have the following rights:

  • Access: View and download your personal data
  • Rectification: Update and correct inaccurate data
  • Erasure: Delete your account and all associated data
  • Portability: Request a copy of your data in a portable format
  • Restriction: Limit how we process your data
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent for optional processing

How to Exercise Your Rights: You can exercise these rights by:

  • Using the in-app settings to update or delete your account
  • Contacting us directly at contact@aimly-ai.com
  • Submitting a request through our contact form in the Service

We aim to respond to your request within 30 days and may request additional information to verify your identity.

8. Data Retention

We retain your data for as long as your account is active or as needed to provide services. When you delete your account, we will:

  • Remove your personal information from our database
  • Delete your goals, preferences, and chat history
  • Cancel your account and authentication
  • Retain minimal data for legal compliance if required

Specific Retention Periods:

  • Account Data: Deleted immediately upon account deletion
  • Chat History: Deleted immediately upon account deletion
  • Backup Data: Retained for up to 30 days for disaster recovery
  • Security Logs: Retained for up to 12 months for security monitoring
  • Legal Compliance: Retained as required by applicable laws

9. Cookies and Tracking

We use essential cookies for:

  • Authentication and session management
  • Remembering your preferences
  • Ensuring the security of our platform

We do not use tracking cookies or analytics that monitor your behavior across other websites.

10. Children's Privacy and Parental Consent

Aimly AI is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

Parental Consent Requirements:

  • Under 13: Parental consent is required for users under 13 years old
  • 13-16: In some EU countries, parental consent may be required for users aged 13-16
  • Verification: We may request verification of parental consent when required
  • Contact: If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately

11. International Data Transfers

Your data may be processed and stored in countries other than your own, including countries outside the European Economic Area (EEA).

GDPR Compliance for International Transfers:

  • Standard Contractual Clauses (SCCs): We use EU-approved SCCs for transfers to countries without adequate data protection
  • Adequacy Decisions: We transfer data to countries with EU adequacy decisions
  • Data Processing Agreements: All third-party processors sign binding agreements to protect your data
  • Security Measures: Additional security measures are implemented for international transfers

We ensure that such transfers comply with applicable data protection laws and that your data receives adequate protection.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

13. Security Disclaimer

While we implement industry-standard security measures to protect your data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to maintaining appropriate technical and organizational measures to protect your personal information.

14. Contact Us

If you have questions about this Privacy Policy, want to exercise your GDPR rights, or have concerns about our data practices, please contact us:

  • Email: contact@aimly-ai.com
  • Through the Service: Use our in-app contact form
  • Response Time: We aim to respond to all requests as quickly as possible, typically within 30 days

By using Aimly AI, you acknowledge that you have read and understood this Privacy Policy.

Back to Home