← Back to Allecta
PRIVACY POLICY — Allecta
Last Updated: November 2025
1. Overview
This Privacy Policy explains how Vasco Tech Pvt Ltd ("we," "our") collects, processes, and protects personal data when you use Allecta.
We comply with:
- GDPR (EU)
- CCPA (California)
- Global data protection obligations
2. Data We Collect
a. Account Data
Email, name, IP, login timestamps.
b. Usage Data
Prompts, messages, logs, token counts, model performance metrics.
We retain anonymized system telemetry for improving reasoning quality.
c. Billing Data
Payment method, subscription details, invoices (processed by third-party providers like Stripe).
d. Device & Technical Data
Browser type, OS, region, request metadata.
3. What We Do NOT Store
- We do NOT store passwords (hashed/salted via industry standard).
- We do NOT train our own models on identifiable customer data.
- We do NOT share or sell personal data to advertisers.
4. How Your Data Is Used
- To provide service functionality
- To improve performance and reliability
- To prevent misuse or security threats
- For analytics (aggregated & anonymized)
- For billing and customer communication
- For reflexive self-learning (non-identifiable reasoning metadata)
Legal basis: Legitimate interest (GDPR Art. 6(1)(f)) and Contract necessity (Art. 6(1)(b)).
5. Third-Party Providers
We use external AI APIs (OpenAI, Anthropic, Google, DeepSeek, Groq, and others).
Your inputs/outputs may be processed by their servers in accordance with their policies.
Links to their privacy policies must be included.
6. Data Sharing
We may share anonymized analytics and minimal operational data with reliable subprocessors.
We never sell data.
7. Data Retention
- Message history retained for 14 days unless deleted
- Billing data: up to 7 years (legal compliance)
- Logs: 30–180 days
You may request deletion anytime: privacy@vascotech.ai
8. User Rights (GDPR & CCPA)
You have the right to:
- Access your data
- Correct your data
- Request deletion
- Request export
- Restrict processing
- Object to automated decisions
- Opt-out of data sharing
9. Security
We use:
- Encryption in transit (TLS 1.3)
- Encryption at rest
- Role-based access control
- Rate limiting and abuse monitoring
10. Children
We do not allow users under 18.
11. Changes to Policy
We will notify users of major updates.
12. Contact
privacy@vascotech.ai
Vasco Tech Pvt Ltd, Hyderabad, India