Privacy Policy

Last Updated: December 2025

1. Introduction

Lippi AI ("we," "us," "our," or "Company") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services (the "Service").

Lippi AI stands for Local, Intelligent, Privacy Protection Interface. Privacy is at the core of our platform. We are designed to minimize data collection and maximize user control.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address
  • Password (encrypted)
  • Name (optional)
  • Account preferences

2.2 Usage Data

We collect information about how you use our Service:

  • Chat conversations (stored securely on your account)
  • Documents you upload (stored securely)
  • Features you use
  • Rulepacks you create
  • AI models you select
  • Timestamps and frequency of use

2.3 Technical Information

We automatically collect:

  • IP address
  • Browser type and version
  • Device type and operating system
  • Pages visited and time spent
  • Referral source

2.4 Information from Third Parties

If you use third-party AI services (OpenAI, Anthropic, Google), you provide your own API keys. We do not store these keys on our servers. They are encrypted and used only to route your requests to the appropriate service.

3. How We Use Your Information

We use collected information for:

  • Service Delivery: Providing, maintaining, and improving the Service
  • Communication: Sending service updates, security alerts, and support messages
  • Security: Detecting and preventing fraud, abuse, and security incidents
  • Compliance: Meeting legal obligations and regulatory requirements
  • Analytics: Understanding usage patterns to improve features (anonymized data only)
  • User Support: Responding to your inquiries and providing customer service

4. Data Protection & Security

4.1 Encryption

All data transmitted between your device and our servers is encrypted using TLS 1.2 or higher. Sensitive data at rest is encrypted using AES-256 encryption.

4.2 Local Processing

Lippi AI supports local AI model processing. When you use local models, your data never leaves your device. No data is transmitted to our servers or external AI providers.

4.3 Rulepacks & Information Masking

Our Rulepacks feature automatically masks sensitive information before it reaches any AI model. This means:

  • Personal identifiable information (PII) is masked before transmission
  • Financial data, healthcare information, and custom patterns can be masked
  • Masked data is never sent to external AI providers
  • You maintain complete control over what gets masked

4.4 Access Controls

We implement strict access controls:

  • Only authorized personnel can access user data
  • Access is logged and monitored
  • Employees sign confidentiality agreements
  • Regular security audits are conducted

5. Data Sharing & Third Parties

5.1 AI Service Providers

If you use external AI models (ChatGPT, Claude, Gemini), your requests are sent to those providers' servers. You can use Rulepacks to mask sensitive information before transmission. We recommend reviewing their privacy policies.

5.2 Service Providers

We may share data with service providers who assist us (hosting, analytics, payment processing). These providers are contractually obligated to protect your data.

5.3 Legal Requirements

We may disclose your information if required by law, court order, or government request. We will notify you of such requests unless legally prohibited.

5.4 No Data Sales

We do not sell, rent, or trade your personal information to third parties. Your data is never used for marketing purposes without your explicit consent.

6. Data Retention

We retain your data as follows:

  • Account Data: Retained while your account is active. Deleted 30 days after account deletion.
  • Chat Conversations: Retained in your account. You can delete conversations anytime.
  • Documents: Retained in your account. You can delete documents anytime.
  • Technical Logs: Retained for 90 days for security purposes.
  • Backup Data: Retained for 30 days for disaster recovery.

7. Your Rights & Choices

7.1 GDPR Rights (EU Users)

If you're in the EU, you have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your data (right to be forgotten)
  • Restrict processing
  • Data portability
  • Object to processing
  • Lodge a complaint with your data protection authority

7.2 CCPA Rights (California Users)

If you're in California, you have the right to:

  • Know what personal information is collected
  • Know whether personal information is sold or disclosed
  • Say no to the sale or sharing of personal information
  • Access your personal information
  • Request deletion of personal information
  • Get equal service and pricing

7.3 Communication Preferences

You can opt out of marketing emails anytime by clicking the unsubscribe link in our emails or updating your account settings.

8. Children's Privacy

Lippi AI is not intended for children under 13. We do not knowingly collect information from children under 13. If we become aware of such collection, we will delete the information immediately.

9. International Data Transfers

Your information may be transferred to, stored in, and processed in countries other than your country of residence. These countries may have data protection laws different from your home country. By using Lippi AI, you consent to such transfers.

10. Security Incidents

In the event of a data breach, we will:

  • Notify affected users without unreasonable delay
  • Provide information about the breach
  • Offer steps to protect your information
  • Comply with all applicable laws

11. Third-Party Links

Our Service may contain links to third-party websites. We are not responsible for their privacy practices. Please review their privacy policies before providing information.

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by email or by posting the updated policy on our website. Your continued use of the Service constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

  • Email: privacy@lippi.ai
  • Mailing Address: Lippi AI, Privacy Team, [Your Address]
  • Data Protection Officer: dpo@lippi.ai

Your privacy is our priority. Lippi AI is built on the principle that you should have complete control over your data. We are committed to transparency and will always respect your privacy choices.