Privacy Policy

Effective Date: January 1, 2026
Last Updated: January 1, 2026

1. Introduction

Allytic ("Allytic", "we", "us", or "our") is committed to protecting your privacy and handling your personal information in a transparent and secure way. This Privacy Policy explains how we collect, use, store, and share information when you use Allytic's applications and services on iOS, Android, macOS, Windows, and the web (collectively, the "Service").

By accessing or using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please do not use the Service.

If you have any questions about this Policy or your data, you can contact us at [email protected].

2. Information We Collect

2.1 Information You Provide

We collect information that you provide directly when using Allytic, including:

Account Information

  • Name
  • Email address
  • Password (stored in hashed form only)
  • Optional profile details and preferences

Voice Input (Transcripts Only)

  • When you speak to Allytic, your voice is converted to text in real time.
  • We do not store voice recordings.
  • We store only text transcripts of your requests, which are used to execute actions, maintain context, and provide memories.

Connected Services Data (via APIs) When you connect third‑party services, we access only the data necessary to perform tasks you request:

  • Email: email content, metadata, and actions (send, draft, read, organize)
  • Calendar: events, time, location, participants
  • Music: playlists, track information, and playback controls
  • Health/fitness: metrics or data you explicitly authorize for the Health Advisor

Connections are established via secure APIs and OAuth or similar authorization mechanisms. You can revoke access at any time through the third‑party service or within Allytic where supported.

Content You Create

  • Reminders, notes, tasks, preferences, and other content you provide
  • "Memories" that Allytic stores to personalize your experience (subject to plan limits)

2.2 Payment and Billing Information

When you subscribe to Allytic Pro or other paid services, we collect and process payment-related information:

Billing Information

  • Full name
  • Billing address (street address, city, state/province, postal code, country)
  • Email address for receipts and billing notifications

Payment Method Details

  • Credit or debit card information (card number, expiration date, CVV/CVC)
  • Bank account details (if using direct debit or other payment methods)
  • Payment method type and last four digits (for display in your account)

Transaction Data

  • Purchase amounts and dates
  • Subscription status and billing cycle
  • Payment history and invoice records
  • Failed payment attempts and retry information

Important: Payment card information and sensitive financial data are processed and stored by our third-party payment processor (currently Stripe when implemented) and are not stored on Allytic's servers. We receive only limited payment information necessary to manage your subscription (such as the last four digits of your card and payment status).

Stripe is PCI DSS compliant and uses industry-leading security measures to protect your payment information. For more details on how Stripe handles your payment data, please review Stripe's Privacy Policy.

2.3 Information Collected Automatically

When you use the Service, we automatically collect:

Device and Technical Data

  • Device type, operating system, app version
  • IP address and approximate location (city/country level)
  • Language and time zone

Usage Data

  • Features used, frequency and duration of sessions
  • Interaction patterns (e.g., which agents you call, how often)
  • Basic performance metrics and crash logs

This information is used to operate and improve the Service, maintain security, and understand usage trends.

3. How We Use Your Information

We use your information for the following purposes:

  1. To provide the Service

    • Process your voice commands (via transcripts) and execute actions
    • Send emails, manage calendar events, control music, set reminders
    • Store memories and context to make Allytic more helpful
    • Sync your experience across devices

  2. To process payments and manage subscriptions

    • Charge subscription fees and process payments
    • Send billing receipts, invoices, and payment confirmations
    • Manage subscription renewals, upgrades, downgrades, and cancellations
    • Detect and prevent payment fraud
    • Verify your identity for payment security purposes
    • Handle refunds and billing disputes

  3. To personalize your experience

    • Use your memories, preferences, and usage patterns to tailor responses
    • Provide proactive suggestions and recommendations (for Pro users, if enabled)

  4. To maintain and improve the Service

    • Diagnose problems, fix bugs, and improve performance
    • Analyze aggregated usage data to prioritize features and improvements

  5. To communicate with you

    • Send service‑related emails (e.g., account notices, security alerts, billing notifications)
    • Respond to your support requests and feedback

  6. To comply with legal obligations and enforce our rights

    • Address fraud, abuse, security incidents, and legal requests

3.1 Use of Data for Model Improvement

By default, Allytic does not use your personal data (including emails, calendar entries, health data, or other sensitive information) to train our models or the models of our AI providers without your explicit consent.

  • You may be offered an option in settings to opt in to sharing certain anonymized or pseudonymized interaction data to help improve Allytic.
  • You can withdraw this consent at any time in the app settings; this will not affect your basic ability to use the Service, but some improvements or personalization may be limited.

4. AI Providers and Processing

To understand your input and generate responses, Allytic uses external AI model providers acting as processors on our behalf. Currently, these providers include:

  • Cerebras
  • OpenAI

Only the minimum necessary data required to fulfill your request is sent to these providers, and it is transmitted securely. We do not give these providers permission to:

  • Use your data to train their general models, unless you have explicitly opted in via Allytic.
  • Use your data for advertising or their independent purposes.

We do not give these providers direct access to your connected email, calendar, health, or music accounts. Instead, Allytic prepares specific prompts containing only the data required to answer or complete the requested task.

5. Payment Processing and Third-Party Services

5.1 Payment Processor (Stripe)

Allytic uses Stripe as our third-party payment processor to handle all payment transactions securely. When you provide payment information:

  • Your payment card details are transmitted directly to Stripe using secure encryption (TLS)
  • Stripe processes and stores your payment information in compliance with PCI DSS (Payment Card Industry Data Security Standard)
  • Allytic receives only limited information from Stripe, such as:
    • Last four digits of your card
    • Card brand (Visa, Mastercard, etc.)
    • Expiration date
    • Payment status (successful, failed, pending)
    • Billing address for tax and fraud prevention purposes

We never store complete credit card numbers, CVV codes, or full bank account details on our servers.

5.2 Data Sharing with Stripe

When you make a payment, the following information is shared with Stripe:

  • Your name and email address
  • Billing address
  • Payment amount and currency
  • Subscription plan details
  • Device and browser information (for fraud detection)

Stripe acts as a data processor on our behalf and is contractually obligated to protect your information. Stripe may use this data to:

  • Process your payment transaction
  • Prevent fraud and comply with financial regulations
  • Provide customer support for payment issues

For complete details on how Stripe handles your data, please review Stripe's Privacy Policy.

5.3 Subscription Management

Your subscription and billing information is used to:

  • Maintain your account status (Free or Pro)
  • Process recurring subscription charges
  • Send billing reminders and payment failure notifications
  • Apply promotional discounts or credits
  • Process refunds when applicable
  • Generate invoices and receipts

You can view and manage your subscription, payment methods, and billing history in your account settings or by contacting [email protected].

5.4 Tax Compliance

Depending on your location, we may collect additional information for tax purposes:

  • Tax identification numbers (for business accounts)
  • Jurisdiction-specific information required for VAT, GST, or sales tax

This information is used solely for tax compliance and reporting as required by law.

6. Data Storage and Security

6.1 Storage in MongoDB

Allytic uses MongoDB as its primary database to store:

  • Account information
  • Memories and conversation transcripts
  • Configuration and preference data
  • Limited usage metadata

MongoDB is configured with industry‑standard security controls, including encryption at rest and access control. Access to the database is limited to authorized systems and personnel who require it to operate the Service.

6.2 Security Measures

We implement technical and organizational measures designed to protect your data, such as:

  • Encryption in transit (e.g., HTTPS/TLS 1.3 or higher)
  • Encryption at rest in our databases (AES-256)
  • Secure payment processing through PCI DSS compliant providers
  • Access controls and logging
  • Regular updates and security patches
  • Internal policies for data handling and access
  • Multi-factor authentication (MFA) for account protection

No system is perfectly secure, and we cannot guarantee absolute security. However, we work to maintain a level of security appropriate to the risk.

7. Data Retention

We retain your data only for as long as necessary for the purposes set out in this Policy or as required by law. In general:

  • Account data: Retained while your account is active and for up to 30 days after deletion for backup and legal purposes.
  • Payment and billing data: Retained for the duration required by tax and financial regulations (typically 7 years)
  • Transcripts and memories:
    • Free plan: Limited by your plan (e.g., up to 10 memories); older data may be deleted as new memories are added.
    • Pro plan: Retained until you delete them or request account deletion, subject to our backup cycles.
  • Logs and technical data: Retained for a limited period (for example, up to 12 months) and may then be aggregated or anonymized.

When we no longer need your data, we will delete or anonymize it in a reasonable timeframe.

8. Data Sharing and Third Parties

8.1 No Sale or Unnecessary Sharing

Allytic does not sell your personal data.
We do not share your data with third‑party apps for their own marketing or advertising.

Third‑party services that you connect (e.g., email, calendar, music, health) are accessed via secure APIs. These APIs are used only to perform tasks you request, and data is not shared beyond what is necessary for those tasks.

8.2 Service Providers

We may share data with carefully selected service providers that help us operate the Service, including:

  • Cloud hosting and infrastructure providers
  • AI processing providers (Cerebras, OpenAI)
  • Payment processors (Stripe)
  • Database and storage providers (e.g., MongoDB Atlas)
  • Error monitoring and analytics providers (if enabled)

These providers act under contracts that require them to protect your data and use it only for the purposes we specify.

8.3 Legal Requirements and Safety

We may disclose information if we believe it is reasonably necessary to:

  • Comply with a law, regulation, legal process, or governmental request
  • Enforce our terms or protect the security and integrity of the Service
  • Protect Allytic, our users, or the public from harm or illegal activities
  • Detect, prevent, or address fraud, security, or technical issues

8.4 Business Transfers

If Allytic is involved in a merger, acquisition, or asset sale, your data may be transferred as part of that transaction. We will take steps to ensure the confidentiality of your data and provide notice before your data is transferred or becomes subject to a different privacy policy.

9. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal data, including:

  • Access – Request a copy of the personal data we hold about you.
  • Correction – Request correction of inaccurate or incomplete data.
  • Deletion – Request deletion of your data, subject to legal and operational constraints (e.g., tax record retention).
  • Restriction – Request that we limit how we process your data.
  • Portability – Request a machine‑readable copy of certain data.
  • Objection / Opt‑Out – Object to certain types of processing (e.g., analytics or model‑improvement opt‑in).

9.1 Managing Payment Information

You can:

  • Update your payment method in account settings
  • View billing history and download invoices
  • Cancel your subscription at any time (you'll retain Pro features until the end of your billing period)
  • Request deletion of payment information after account closure (subject to legal retention requirements)

You can exercise many of these rights directly in the app (e.g., by deleting memories, disconnecting services, or deleting your account). For any request, you can also contact us at [email protected].

If you are in the EU, UK, or another region with similar regulations, you may also have the right to lodge a complaint with your local data protection authority.

10. Children's Privacy

Allytic is not directed to children under the age of 13 (or under 16 in some jurisdictions). We do not knowingly collect personal data from children in these age groups. If you believe that a child has provided us with personal information, please contact us at [email protected], and we will take steps to delete that information.

10. International Data Transfers

Your information may be processed and stored in countries other than your country of residence. These locations may have data protection laws different from those in your jurisdiction.

When we transfer personal data across borders, we use appropriate safeguards (such as Standard Contractual Clauses approved by the European Commission) designed to protect your information in accordance with applicable laws.

If you have questions about cross‑border data transfers, you can contact us at [email protected].

11. Cookies and Similar Technologies

Allytic and its web properties may use cookies and similar technologies to:

  • Keep you signed in
  • Remember your preferences
  • Measure usage and performance (if analytics are enabled)

You can usually control cookies through your browser settings. Some essential cookies are necessary for the Service to function correctly and cannot be disabled without affecting functionality.

12. Managing Your Account and Data

You can manage your data in several ways:

In the app:

  • Update profile and billing information
  • Delete memories or transcripts
  • Disconnect third‑party integrations
  • Adjust privacy and consent settings
  • Manage payment methods and subscription
  • Request account deletion

By email: Contact [email protected] with your request. We may need to verify your identity before fulfilling certain requests.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will:

  • Update the "Effective Date" at the top of the Policy
  • Provide notice in the app or via email where appropriate

Your continued use of the Service after any changes to this Policy will constitute your acceptance of the updated terms.

14. Contact Us

If you have any questions, concerns, or requests about this Privacy Policy, our data practices, or billing matters, you can contact us at:

Email: [email protected]

We will do our best to respond within a reasonable time frame and in accordance with applicable laws.

Last reviewed and updated: January 1, 2026