Ideario Privacy Policy

1. Scope of This Privacy Policy

This Privacy Policy applies to information we collect through the Services, including information you provide directly, information generated through your use of the Services, information processed through AI-assisted features, and information we receive from third-party services that you choose to connect to or use with the Services.

This Privacy Policy does not apply to third-party websites, applications, services, platforms, payment processors, authentication providers, AI model providers, analytics tools, hosting providers, or other services we do not own or control. Those services may have their own privacy policies and terms.

2. Information We Collect

We collect information depending on how you interact with the Services.

2.1 Account Information

When you create, access, or manage an account, we may collect:

• Name
• Email address
• Username or account identifier
• Password or authentication credentials where applicable
• Profile information you choose to provide
• Workspace or project information
• Account preferences and settings
• Subscription and entitlement information
• Authentication and security information
• Billing-related metadata

If you sign in using a third-party authentication provider such as Google, Apple, or another provider, we may receive information necessary to authenticate your account, such as your email address, profile image, user ID, or authentication token information.

2.2 Your Content

"Content" means the ideas, notes, prompts, text, files, documents, uploads, messages, drafts, project descriptions, workspace materials, feedback, instructions, images, audio, exports, or other information you submit, upload, create, generate, import, store, or otherwise provide through the Services.

Content may include unfinished ideas, personal notes, business concepts, product ideas, project plans, creative writing, strategic material, and other information you choose to enter into Ideario.

You control the nature of the Content you provide. You should avoid submitting highly sensitive information unless you are comfortable with that information being processed as described in this Privacy Policy and our Terms of Service.

2.3 AI Interaction Information

Because Ideario includes AI-assisted idea-shaping features, we may collect and process information related to AI interactions, including:

• Your prompts, drafts, idea fragments, instructions, and inputs
• Generated outputs, summaries, lenses, refinements, and responses
• Metadata related to interactions, such as timestamps, model routing, processing status, and request volume
• Feedback you provide about AI outputs
• Abuse-prevention, quality assurance, and debugging information

AI-generated outputs may be stored with your account so you can revisit and continue developing ideas over time.

2.4 Payment and Billing Information

If we offer paid subscriptions or paid features, we and/or our payment processors may collect:

• Billing name
• Billing address
• Email address
• Subscription plan
• Transaction history
• Tax-related information
• Limited payment method metadata such as card brand and last four digits

We do not intentionally store full credit card numbers on our own systems. Payment information is generally processed by third-party payment providers such as Stripe.

2.5 Usage, Device, and Technical Information

We may automatically collect:

• IP address
• Device type
• Browser type and version
• Operating system
• Pages viewed
• Features used
• Session activity
• Navigation behavior
• Date and time of access
• Error logs and crash reports
• Security and authentication logs
• Approximate location derived from IP address
• Performance metrics and diagnostics

We use this information to operate, secure, improve, debug, and understand the Services.

2.6 Cookies and Similar Technologies

We may use cookies, local storage, analytics technologies, authentication tokens, session replay technologies, and similar technologies to:

• Operate the Services
• Authenticate users
• Remember preferences
• Improve usability
• Prevent fraud and abuse
• Measure performance
• Understand product usage

Where required by law, we will request consent or provide controls for certain cookies or tracking technologies.

2.7 Communications and Support Information

If you contact us, we may collect:

• Your name and contact information
• The contents of your message
• Attachments or screenshots you provide
• Support history
• Diagnostic and troubleshooting information
• Communication preferences

2.8 Information From Third Parties

We may receive information from:

• Authentication providers
• Payment processors
• Hosting and infrastructure providers
• Analytics providers
• Marketing or referral partners
• Business partners
• Publicly available sources
• Third-party integrations you choose to use

3. How We Use Information

3.1 To Provide and Operate the Services

We use information to:

• Create and manage accounts
• Authenticate users
• Provide AI-assisted features
• Save, organize, and display Content
• Generate and refine outputs
• Maintain user workspaces and features
• Process subscriptions and billing
• Provide customer support
• Maintain security and reliability
• Send service-related communications

3.2 To Process AI Requests and Outputs

We use Content and AI interaction information to provide AI-assisted functionality.

This may include processing Content through:

• Internal systems
• Third-party AI providers
• Infrastructure providers
• Security and moderation systems

We may process Content where reasonably necessary to:

• Operate the Services
• Generate requested outputs
• Save and retrieve Living Documents
• Troubleshoot technical issues
• Investigate abuse or fraud
• Enforce our Terms of Service
• Comply with legal obligations
• Protect users, Ideario, or others

We do not intentionally use private user Content to train public AI models owned by Ideario.

However, Content submitted to AI-assisted features may be processed by third-party AI providers as necessary to provide the Services, subject to their own retention, security, and compliance practices.

3.3 To Improve and Protect the Services

We may use information to:

• Improve product quality and usability
• Develop new features
• Monitor performance and reliability
• Prevent fraud, abuse, spam, or unauthorized access
• Enforce our Terms of Service
• Conduct research and analytics
• Maintain operational stability

We may monitor usage patterns, request volume, automation behavior, and system activity for security, abuse prevention, fraud prevention, cost management, platform stability, and enforcement of our Terms of Service.

Where practical, we may use aggregated, de-identified, or pseudonymized information for analytics, reporting, product improvement, or operational purposes.

3.4 To Communicate With You

We may use your information to send:

• Account notices
• Product updates
• Security alerts
• Billing notices
• Support responses
• Legal notices
• Optional marketing communications where permitted by law

You may opt out of marketing communications using unsubscribe links or by contacting us.

3.5 To Market and Promote the Services

We may use information to:

• Measure marketing performance
• Understand user interest
• Improve outreach and onboarding
• Analyze campaign effectiveness

We will not intentionally use private user Content in public marketing materials without your permission.

3.6 For Legal, Safety, and Compliance Purposes

We may use information to:

• Comply with laws and legal obligations
• Respond to lawful requests or legal process
• Establish or defend legal claims
• Enforce our agreements
• Detect and prevent fraud or abuse
• Protect the rights, safety, privacy, and security of Ideario, users, or others

4. How We Disclose Information

4.1 Service Providers and Vendors

We may disclose information to service providers who help us operate the Services.

These providers may include:

• Vercel
• Firebase and Google Cloud
• Stripe
• Anthropic
• OpenAI
• PostHog
• Sentry
• Stalwart Mail
• Authentication providers
• Hosting providers
• Storage providers
• Infrastructure and AI providers
• Customer support and analytics providers
• Professional advisors

These providers may access information only as reasonably necessary to perform services for us.

4.2 AI Providers and Infrastructure Providers

To provide AI-assisted features, we may transmit prompts, Content, metadata, and outputs to third-party AI providers or infrastructure providers.

Those providers may process information to:

• Generate responses
• Route requests
• Monitor abuse and security
• Maintain reliability
• Support AI functionality

4.3 Third-Party Integrations

If you connect or authorize third-party services, we may disclose information necessary to enable those integrations.

Third-party integrations are governed by their own terms and privacy policies.

4.4 Business Transfers

We may disclose or transfer information in connection with:

• mergers
• acquisitions
• financings
• reorganizations
• bankruptcy proceedings
• asset sales
• due diligence processes
• or similar transactions

4.5 Legal and Safety Reasons

We may disclose information where reasonably necessary to:

• comply with law or legal process
• enforce our Terms
• protect rights or safety
• investigate abuse, fraud, or security incidents
• respond to emergencies

4.6 With Your Consent or Direction

We may disclose information where you direct us to do so or otherwise provide consent.

4.7 Aggregated or De-Identified Information

We may disclose aggregated, de-identified, or anonymized information that cannot reasonably identify you.

5. Analytics and Diagnostics

We may use analytics and diagnostic tools to understand product usage, improve reliability, and troubleshoot issues.

Certain analytics or diagnostic tools may capture:

• interaction patterns
• navigation behavior
• session activity
• device information
• error states
• performance diagnostics
• limited interface activity

We aim to avoid intentionally collecting private idea content unnecessarily through analytics tooling.

We may use tools such as:

• PostHog
• Sentry
• or similar analytics and monitoring systems

Analytics configurations may evolve over time.

6. Sale, Sharing, and Targeted Advertising

We do not sell personal information for money.

Depending on how analytics or tracking technologies are configured, certain disclosures may be considered "sharing" or "targeted advertising" under certain privacy laws.

Where required by law, we will provide appropriate opt-out rights.

We do not knowingly sell or share personal information of users we know are under 18.

7. Data Retention

We retain information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to:

• provide the Services
• maintain your account
• comply with legal obligations
• resolve disputes
• enforce agreements
• prevent fraud and abuse
• maintain backups and security systems

Retention periods vary depending on the type of information.

Deleted information may remain temporarily in:

• backups
• archives
• logs
• fraud-prevention systems
• legal records
• disaster recovery systems

Deleting your account may not immediately remove all associated information from backups, logs, archives, fraud-prevention systems, legal records, or disaster recovery systems.

We may retain aggregated or de-identified information indefinitely where permitted by law.

8. Your Choices and Rights

Depending on your location and applicable law, you may have rights to:

• access personal information
• correct inaccuracies
• delete information
• export information
• restrict processing
• object to processing
• opt out of certain processing activities

We may need to verify your identity before processing requests.

We may deny or limit requests where permitted by law.

Requests may be submitted to: privacy@ideario.io

9. Managing Your Content

You may access, edit, export, or delete certain Content through the Services where available.

Deleting Content from the interface may not immediately remove all copies from backups, logs, caches, archives, or disaster recovery systems.

If you request deletion of Content, some features may become unavailable.

10. Security

We use reasonable administrative, technical, and organizational safeguards designed to protect information against unauthorized access, misuse, disclosure, alteration, or destruction.

These measures may include:

• authentication controls
• encryption in transit
• infrastructure monitoring
• access controls
• security logging
• abuse-prevention systems

While we use reasonable safeguards designed to protect information, no system can guarantee absolute security, confidentiality, or protection from unauthorized access.

You should avoid submitting information that would create significant harm if disclosed.

You are responsible for maintaining the confidentiality of your account credentials and for securing your devices.

11. International Data Transfers

We may process, store, and transfer information in the United States and other countries where we or our service providers operate.

Those countries may have data protection laws different from those in your location.

Where required by law, we rely on lawful transfer mechanisms.

12. Children's Privacy

The Services are not intended for children under 18.

We do not knowingly collect personal information from children.

If we learn that we have collected information from a child without required consent, we will take reasonable steps to delete it.

13. Sensitive Information

Ideario is designed for idea capture and development. It is not designed for highly regulated or highly sensitive information.

Please avoid submitting:

• government identification numbers
• protected health information
• financial account credentials
• passwords or private keys
• classified information
• regulated medical records
• highly sensitive legal files
• confidential third-party trade secrets you are not authorized to share

If you choose to submit sensitive information, it will be processed as described in this Privacy Policy and our Terms of Service.

14. Teams, Collaboration, and Future Workspace Features

Ideario may later introduce:

• collaborative workspaces
• team features
• organization accounts
• shared boards
• shared Living Documents
• admin-managed environments

If these features are introduced, workspace administrators may have visibility into certain workspace-related Content, settings, usage information, or account-management features associated with their organization.

Additional disclosures may be added if those features launch.

15. Third-Party Links and Services

The Services may include links to third-party websites, integrations, or services.

We are not responsible for third-party privacy, security, or content practices.

Your use of third-party services is subject to their own terms and policies.

16. U.S. State Privacy Rights

Depending on your state of residence, you may have rights under applicable U.S. state privacy laws.

These may include rights to:

• know what information we collect
• access your information
• correct inaccuracies
• delete information
• opt out of targeted advertising or sharing
• obtain a portable copy of your information
• appeal certain decisions

To exercise applicable rights, contact: privacy@ideario.io Subject line: "Privacy Rights Request"

We may verify your identity before responding.

California Residents

California residents may have additional rights under the California Consumer Privacy Act, as amended.

We do not use sensitive personal information to infer characteristics about you unless permitted by law.

California privacy requests may be submitted to: privacy@ideario.io Subject line: "California Privacy Rights Request"

Nevada Residents

Nevada residents may submit opt-out requests to: privacy@ideario.io

17. EEA, UK, and Swiss Privacy Rights

If you are located in the EEA, UK, or Switzerland, you may have rights under applicable data protection laws.

These may include rights to:

• access data
• correct data
• delete data
• restrict processing
• object to processing
• data portability
• withdraw consent
• lodge complaints with supervisory authorities

Legal Bases for Processing

Where required, we rely on legal bases including:

• performance of a contract
• legitimate interests
• consent
• legal obligations
• vital interests

European privacy requests may be submitted to: privacy@ideario.io Subject line: "European Privacy Rights Request"

18. Canada and Australia Privacy Rights

If you are located in Canada or Australia, you may have rights to access or correct personal information subject to applicable law.

Requests may be submitted to: privacy@ideario.io

19. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

Updated versions will be posted with a revised "Last Updated" date.

If changes are material, we may provide additional notice through:

• email
• in-product notices
• website notices
• or other reasonable methods

Your continued use of the Services after updates become effective means you acknowledge the updated Privacy Policy.

20. Contact Us

If you have questions about this Privacy Policy, contact us at: privacy@ideario.io

Ideario by iVision Studios 6604 Richmond Road Williamsburg, VA 23188 United States