Privacy Policy
Last Updated: September 2025
1. Introduction
AI Guardian ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our LLM security scanning service.
2. Information We Collect
2.1 Information You Provide
- Contact Information: Name, email address, company name when you contact us or sign up for updates
- Configuration Data: LLM provider selections, scan preferences, and test parameters
- API Keys: Temporarily stored in your browser's local storage (never sent to our servers)
- Feedback: Pricing feedback, bug reports, and feature requests you submit
2.2 Information Collected Automatically
- Usage Data: Pages visited, features used, scan types performed
- Technical Data: Browser type, operating system, IP address, device information
- Performance Data: Scan execution times, error logs, system performance metrics
2.3 Scan Data
When you perform security scans:
- Test prompts are generated locally in your browser
- Prompts are sent directly to your configured LLM providers
- Scan results are processed in your browser
- We may collect anonymized statistics about detected vulnerabilities
3. How We Use Your Information
We use the collected information for:
- Providing and maintaining the Service
- Improving and optimizing our security detection algorithms
- Responding to your inquiries and support requests
- Sending service updates and security advisories
- Analyzing usage patterns to improve user experience
- Complying with legal obligations
4. Data Storage and Security
4.1 Local Storage
Sensitive data including API keys are stored locally in your browser and are never transmitted to our servers.
4.2 Server Storage
Non-sensitive data stored on our servers includes:
| Data Type |
Retention Period |
Purpose |
| Contact form submissions |
2 years |
Customer support |
| Email signups |
Until unsubscribe |
Updates and announcements |
| Pricing feedback |
Indefinitely |
Product planning |
| Anonymous usage metrics |
1 year |
Service improvement |
4.3 Security Measures
We implement appropriate technical and organizational measures including:
- HTTPS encryption for all data transmission
- Regular security audits and vulnerability assessments
- Access controls and authentication requirements
- Regular backups and disaster recovery procedures
5. Data Sharing and Disclosure
We do not sell, trade, or rent your personal information. We may share information only in these circumstances:
- Service Providers: With trusted third parties who assist in operating our Service
- Legal Requirements: When required by law or to protect our rights
- Business Transfers: In connection with a merger, acquisition, or sale of assets
- Consent: With your explicit consent
6. Third-Party Services
Our Service integrates with third-party LLM providers. When you use these integrations:
- Your prompts and responses are subject to the provider's privacy policy
- We do not control how these providers handle your data
- You should review the privacy policies of your chosen LLM providers
7. Cookies and Tracking
We use cookies and similar technologies for:
- Maintaining session state
- Remembering your preferences
- Analyzing Service usage
- Improving performance
You can control cookies through your browser settings, but disabling them may limit Service functionality.
8. Your Rights and Choices
8.1 Access and Control
You have the right to:
- Access your personal information
- Correct inaccurate data
- Request deletion of your data
- Object to data processing
- Request data portability
8.2 Opt-Out Options
- Marketing Communications: Unsubscribe link in emails
- Analytics: Browser privacy settings or opt-out tools
- Cookies: Browser cookie settings
9. Children's Privacy
Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.
10. International Data Transfers
Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers.
11. California Privacy Rights
California residents have additional rights under the California Consumer Privacy Act (CCPA), including:
- Right to know what personal information is collected
- Right to know if personal information is sold or disclosed
- Right to opt-out of the sale of personal information
- Right to non-discrimination for exercising privacy rights
12. European Privacy Rights
If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR), including:
- Legal basis for processing your data
- Right to lodge a complaint with supervisory authorities
- Right to withdraw consent
- Right to data portability
13. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last Updated" date.
14. Contact Us
For questions about this Privacy Policy or our privacy practices, please contact us through:
- The contact form on our website
- Email: privacy@aiguardian.security (coming soon)
15. Data Protection Officer
For privacy-related concerns, our Data Protection Officer can be reached through the contact methods above.