Privacy & Data Use
Ava is designed with privacy and transparency in mind. The current experience requires a registered account so we can persist your sessions, insight preferences, text-based reflection summaries, and workshop canvases across visits.
Data We Collect
- Account Information: Name, email, secure PIN hashes, and authentication metadata provided during registration or profile updates.
- Session Content: Guided and innovation coaching transcripts, text-based reflection summaries (summary, key insights, action items), insight preferences, and metadata (timestamps, model types, durations, token counts).
- Workshop Assets: Saved sticky notes, canvases, board templates, and workshop summaries you choose to store.
- Support Communications: Messages you send via the contact form or email for support purposes.
- Technical Logs: Essential request logs (IP address, user agent, error traces) retained briefly to diagnose reliability and security issues.
- Payment Confirmations: Payment success/failure status, subscription IDs, and anonymized payment tokens for entitlement verification. Detailed billing records (invoices, receipts, card details, billing addresses) are stored by Stripe and accessible to you via your Stripe account.
Legal Basis for Processing
We process personal data under the following bases: contract performance (to deliver sessions you request), legitimate interest (to secure and improve the service), consent (for optional features like marketing communications), and legal obligations (to meet tax, accounting, and regulatory requirements).
Children's Privacy
The service is not directed to children under 13 (or 16 in the EU) without verified parental consent. If you believe a child has provided personal information, contact us so we can remove it.
Session & Conversation Storage
- Persistence: Conversations, text-based reflection summaries, and workshop boards are stored in our encrypted database so you can resume sessions, review reflections, and view progress dashboards.
- Audio Playback (Optional): You may listen to your reflection summaries via text-to-speech. Audio is generated on-demand when you click the Listen button and streamed directly to your browser. Audio files are not stored—playback is ephemeral and discarded after use.
- Insight Preferences: Feature toggles are stored to keep your experience consistent across devices.
- Deletion: You can request deletion of specific sessions, reflections, or your entire account. We will remove stored data unless retention is required by law or for legitimate security purposes.
Payment & Paid Sessions
- Stripe Processing: Payments are securely processed by Stripe, Inc. By completing a purchase, you consent to Stripe collecting your email address (for receipts and subscription management), card data, billing address, and transaction details. We receive only payment confirmation status and subscription IDs—we never see or store full card numbers or detailed billing information.
- Email Requirement: Email addresses are required by Stripe for payment processing, receipts, subscription renewals, and legal compliance. If you do not wish to provide an email address, you will be unable to complete purchases.
- Our Records: We store payment confirmation metadata (payment type, subscription status, anonymous tokens) to verify your entitlements and provide access to purchased sessions.
- Your Billing History: Detailed invoices, receipts, and payment methods are stored by Stripe and accessible through your Stripe account or the Stripe Customer Portal. We cannot access or modify these records.
- Saved Payment Methods: If you save a payment method, Stripe stores the tokenized details. You can manage or remove saved methods through Stripe Link or by contacting Stripe support.
Contact & Communication
- Support: When you reach out via the contact form or email, we store your message, email address, and any attachments to respond and maintain a support history.
- Email Delivery: Support emails are delivered via Gmail or another SMTP provider. Messages are subject to the provider's security and retention practices.
- Notifications: We may send transactional emails (e.g., password resets, export links, billing notices). We do not send marketing emails without consent.
Analytics & Service Improvement
- Product Metrics: We track feature adoption, session counts, AI usage, and latency metrics to improve reliability.
- Access Logs: Short-lived logs of IP address, user agent, and error context are kept to defend against abuse and debug issues.
- No Ad Tracking: We do not use third-party advertising pixels or behaviorally targeted analytics.
Data Retention
- Account & Sessions: Retained while your account is active. When you request account deletion (via PIN confirmation in settings), your account and all associated data (sessions, reflections, workshop boards, preferences) are permanently deleted immediately.
- Inactive Accounts: Accounts without active entitlements (trial, paid sessions, or subscriptions) are automatically deleted after 6 months (182 days) of inactivity via automated cleanup processes.
- Payment Confirmations: Payment metadata (subscription status, payment tokens) is deleted with your account. Detailed billing records (invoices, receipts, transaction history) are retained by Stripe according to their policies and legal requirements—we cannot delete these on your behalf.
- Stripe Data Retention: Stripe retains billing data (customer records, payment methods, transaction history) for legal, tax, and regulatory compliance purposes. This data may be retained for up to 7 years or longer as required by applicable law. Deleting your account with us does not automatically delete your Stripe customer record. To request deletion of your Stripe data, contact us and we will assist with the deletion request, or you may contact Stripe directly through their support channels.
- Backups: Encrypted backups may retain deleted data for up to 30 days on a rolling schedule before being permanently purged.
- Security Logs: Retained for up to 30 days unless longer retention is needed to investigate incidents.
Data Retention & Security
- Encryption: Data in transit is protected via HTTPS/WSS. Stored data (databases, object storage, backups) is encrypted at rest.
- Access Controls: Production systems are restricted to authorized personnel using MFA, role-based access, and logging.
- Backups: Encrypted backups are maintained to recover from disasters and are deleted on a rolling schedule.
- Security Reviews: We perform periodic internal reviews and vendor assessments to keep safeguards current.
- Incident Response: In the event of a data incident, we will notify affected users and regulators as required by law.
Your Rights & Choices
Depending on your location, you may have the right to:
- Access a copy of your personal data
- Request correction or deletion of your personal information
- Object to or restrict processing of your data
- Withdraw consent (where applicable)
- Lodge a complaint with your local data protection authority
Important Note: We can verify rights requests using your authenticated account or email address on file. If we cannot reasonably confirm your identity, we may be unable to fulfill certain requests.
Data Management
- Exports: Download your session history through the in-app export tool or request a copy via support.
- Deletion: Request deletion of specific sessions, reflections, or your entire account from within settings or via support. We will confirm completion once done.
- Stripe Payment Data: Detailed billing records (invoices, receipts, payment methods, transaction history) are stored and controlled by Stripe, not by us. When you delete your account, we can submit a deletion request to Stripe on your behalf to remove your customer record. However, Stripe may retain certain transaction data for up to 7 years for legal, tax, and regulatory compliance purposes (e.g., fraud prevention, accounting records, tax reporting). To request Stripe data deletion, contact us via the contact form or email support, and we will process your request. You may also contact Stripe directly through their support channels or use the Stripe Customer Portal if available.
- Service Discontinuation: You may deactivate or delete your account at any time. Residual backups will be purged on their regular cycle.
Third-Party Services
- Stripe: Processes payments and stores billing data. See Stripe's Privacy Policy.
- OpenAI: Provides AI inference for chat, insights, and reflections. Inputs may be retained for up to 30 days for abuse monitoring per OpenAI's policies. We do not opt in to training data programs.
- Render / Cloud Hosting: Hosts our application servers and encrypted databases. Access is restricted to authorized maintainers.
- Email Providers (e.g., Gmail): Deliver transactional and support messages.
- No Additional Processors: We do not currently use other third-party processors for marketing, analytics, or data sharing. If this changes, we will update this policy.
Email Retention
If you provide an email address for payments or support, we retain it alongside correspondence and receipts as needed for compliance and customer service.
International Data Transfers
Some providers process data in the United States or other jurisdictions outside the EU/EEA. We rely on Standard Contractual Clauses or other approved transfer mechanisms, and we assess our vendors' security measures regularly.
Cookies and Tracking
We use essential cookies and local storage to maintain authenticated sessions, remember insight preferences, and protect against CSRF. These cookies are HttpOnly or scoped to the app domain. We do not use advertising cookies or third-party trackers.
AI Outputs & Limitations
- Generated Content: AI-generated insights, reflections, and text-to-speech audio may contain inaccuracies. Review outputs before acting on them.
- Model Vendors: We rely on third-party AI providers (OpenAI for text generation and text-to-speech). Their systems may process inputs to deliver results consistent with their terms.
- User Responsibility: Do not rely on AI responses for critical decisions without independent verification.
Disclaimer
This service is not a medical device and is not intended to diagnose, treat, or prevent any health conditions.
- Conversations are generated by AI and intended for innovation support only.
- The service is not a substitute for professional business consulting or critical decision-making.
- Use of the service is voluntary and entirely at your discretion.
- For critical business decisions, please consult with licensed professionals or experts in your field.
Contact and Complaints
If you have questions about this privacy policy or your data, please use our contact form. If you are located in the EU or another jurisdiction with data protection laws, you have the right to lodge a complaint with your local data protection authority.
Effective Date: This privacy policy was last updated on December 5, 2025.
By using this service, you agree to these privacy practices and our Terms & Conditions, and acknowledge the minimal data collection described above.