Privacy Policy

Effective March 1, 2026

PrivacyFrom.AI exists to protect your privacy. That commitment starts with how we handle your data ourselves. This policy explains — in plain language — what data we collect, what we don't, and what rights you have. If anything is unclear, please reach out.

1. Overview

PrivacyFrom.AI provides automated de-identification technology that strips personally identifiable information (PII) and protected health information (PHI) from your data before it reaches any AI system. We operate a hybrid model:

  • De-identification happens on your device. Your original data is processed locally on your own hardware.
  • Only anonymized data passes through our servers for routing to your chosen AI provider.
  • We collect operational metadata (usage stats, performance data) to keep the service running — never your original content.

This policy applies to all users — whether you're an individual or using PrivacyFrom.AI through a business account.

2. Data We Never See

This is the most important part of our privacy story. Because de-identification runs entirely on your device:

  • We never see, access, store, or transmit your original unprotected data.
  • We have no technical ability to read your raw prompts, documents, messages, or files.
  • Your PII and PHI never leave your device in identifiable form.
  • We cannot be compelled to produce data we don't have — even under a subpoena.

This isn't just a policy choice — it's an architectural one. Our system is designed so that access to your original data is technically impossible from our side.

3. Data We Do Collect

We collect only what's necessary to operate, improve, and secure the Service. Here's a complete breakdown:

Account Information

  • Name and email address
  • Organization name (for business accounts)
  • Password (stored as a salted hash — we never see your actual password)
  • Billing information (processed and stored by Stripe — see Section 5)

Operational Metadata

  • Usage volume (number of requests, de-identification operations)
  • Which AI provider you routed to (not the content of the request)
  • Service performance metrics (latency, error rates)
  • Feature usage patterns (which tools you use, not what you use them on)

Technical Data

  • IP address (for rate limiting and security — not for tracking)
  • Browser type and operating system
  • Device type
  • Error logs and crash reports

4. How We Use Your Data

We use the data we collect for the following purposes — and only these purposes:

  • Providing the Service — routing your de-identified data to AI providers, managing your account, processing payments.
  • Improving the Service — understanding usage patterns to make the product better. We analyze aggregated, anonymized metrics — never individual content.
  • Security — detecting abuse, preventing fraud, and protecting against unauthorized access.
  • Communication — sending account-related notifications, responding to support requests, and (with your consent) product updates.
  • Legal compliance — meeting our obligations under applicable laws and regulations.

We do not sell your data. We do not use your data for advertising. We do not build profiles about you for third parties.

5. Third-Party Services

We work with a small number of trusted third parties to operate the Service. Each has access only to the data they need to perform their function:

AI Providers

We route your de-identified (anonymized) data to AI providers such as Anthropic, OpenAI, and xAI. These providers receive only the anonymized version of your data — never your original content. If you bring your own API key, your relationship with that provider is also governed by their privacy policy.

Stripe (Payments)

We use Stripe to process payments. Your payment information (credit card numbers, billing address) is sent directly to Stripe and never touches our servers. Stripe's handling of your data is governed by the Stripe Privacy Policy.

Google Analytics

We use Google Analytics to understand how visitors interact with our website. This collects anonymized browsing data (pages visited, time on site, general location). It does not have access to any data you process through the Service. You can opt out using a browser extension.

6. Cookies & Analytics

We use a minimal set of cookies to operate the Service:

  • Essential cookies — required for authentication, session management, and security. These cannot be disabled.
  • Analytics cookies — placed by Google Analytics to help us understand website usage. These are anonymized and do not track you across other sites.

We do not use advertising cookies, social media tracking pixels, or any form of cross-site tracking.

7. Data Retention

  • Your original data: We don't have it. It lives on your device and is never transmitted to us.
  • Account information: Retained for as long as your account is active. Deleted within 30 days of account closure.
  • Operational metadata: Retained for up to 12 months for service improvement, then deleted or permanently anonymized.
  • Billing records: Retained as required by tax and financial regulations (typically 7 years).
  • Security logs: Retained for up to 90 days for incident investigation, then deleted.

8. Your Rights

Regardless of where you live, we believe you deserve control over your data. You have the right to:

  • Access — Request a copy of the personal data we hold about you.
  • Correction — Ask us to fix any inaccurate information.
  • Deletion — Request that we delete your account and associated data.
  • Portability — Receive your data in a structured, commonly used format.
  • Objection — Object to certain types of processing (e.g., analytics).
  • Withdraw consent — Where processing is based on consent, withdraw it at any time.

To exercise any of these rights, email us at privacy@privacyfrom.ai. We will respond within 30 days.

For California Residents (CCPA)

You have the right to know what personal information we collect, request its deletion, and opt out of its sale. We do not sell personal information.

For EU/EEA Residents (GDPR)

Our legal basis for processing your data is: (a) performance of our contract with you (providing the Service), (b) legitimate interests (security, service improvement), and (c) your consent (where applicable). You have the right to lodge a complaint with your local data protection authority.

9. Security

We take security seriously — it's the foundation of everything we do.

  • All data in transit is encrypted using TLS 1.2 or higher.
  • All data at rest is encrypted using AES-256 encryption.
  • We conduct regular security audits and penetration testing.
  • Access to production systems is restricted and logged.
  • Our de-identification engine runs on your device, meaning your sensitive data never enters a system we control.

If you discover a security vulnerability, please report it to security@privacyfrom.ai. We appreciate responsible disclosure.

10. International Transfers

PrivacyFrom.AI operates globally. Your metadata and account information may be processed in the United States or other countries where our infrastructure is located.

When we transfer data outside your jurisdiction, we use appropriate safeguards including Standard Contractual Clauses (SCCs) where required. Remember — your original, sensitive data never leaves your device, so international transfer concerns apply only to the limited metadata and account information described in this policy.

11. Children’s Privacy

PrivacyFrom.AI is designed for professional and business use. We do not knowingly collect personal information from children under 13 (or the applicable age in your jurisdiction). If you believe a child has provided us with personal information, please contact us at privacy@privacyfrom.ai and we will promptly delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes:

  • We will notify you via email or an in-app notification at least 30 days before the changes take effect.
  • We will update the “Effective” date at the top of this page.
  • Previous versions are available upon request.

We encourage you to review this policy periodically. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

13. Contact Us

Questions, concerns, or requests about your privacy? We're here to help.

PrivacyFrom.AI is operated under the laws of the State of Delaware, United States.

Last updated: March 1, 2026