← Legal

Privacy Policy

Effective: 2025-07-14 • Genesis-AGI

1. Data We Collect

• Account data: email, hashed password, role, tier
• Usage data: generation counts, engine usage, API call metadata
• Billing data: managed by Stripe — we do not store card numbers
• Generated content: prompts and outputs processed for service delivery

2. How We Use Data

• Provide and improve the service
• Enforce usage limits and billing
• Send transactional emails (subscription, payment, security)
• Detect abuse and enforce Terms

3. Data Sharing

We do not sell your data. We share data only with:

• Stripe (payment processing)
• Infrastructure providers (hosting, as necessary)
• Law enforcement (when legally required)

4. Data Retention

Account data: retained while account is active + 30 days. Generated content: not stored beyond the immediate request unless you save to projects. Billing records: retained per tax requirements.

5. Security

Passwords are hashed with PBKDF2-SHA256 (200K iterations). API keys are SHA-256 hashed. All traffic is encrypted via TLS. We follow OWASP security practices.

6. Your Rights

• Access your data via the portal
• Export your data
• Delete your account and data
• Opt out of non-essential communications

7. Contact

legal@genesis-agi.net