Privacy by Design

Privacy Policy

AiYOOS Technology Inc.
Effective Date: February 11, 2026

1. Purpose & Scope

This Privacy Policy describes how AiYOOS Technology Inc. ("AiYOOS," "we," "us," or "our") collects, uses, stores, and protects your personal information when you use our AI-powered search engine accessible at https://aiyoos.com and through our mobile applications (collectively, the "Service").

AiYOOS is built on a singular mission: to deliver the world's most accurate AI-powered search engine while respecting user privacy and maintaining unwavering focus on search excellence. Unlike traditional search engines, we do not monetize your data through advertising, behavioral profiling, or third-party sales. Our business model is subscription-based, ensuring that our incentives align with delivering value to you, not extracting value from you.

Our Core Privacy Commitments

  • You control your data – You retain full control over your search queries, interaction history, and personal information. We do not claim rights to your data beyond what is necessary to provide the Service.
  • Privacy by design – Privacy is not a policy statement; it is an architectural requirement embedded in every layer of our platform.
  • No advertising model – We do not sell ads, track you for behavioral targeting, or monetize your attention.
  • No use of your data for AI training – AiYOOS does not use your search queries or interactions to train AI models or build behavioral profiles. Third-party AI providers are contractually restricted from using your data for training.
  • Strict data isolation for enterprises – Enterprise and professional user data is isolated and not commingled with other users' data.

Legal Compliance

This Privacy Policy is designed to align with applicable privacy laws, including:

  • European Union General Data Protection Regulation (GDPR)
  • California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)

2. Definitions & Glossary

To ensure clarity and transparency, we define the following terms as used throughout this Privacy Policy:

Personal Data: Any information that relates to an identified or identifiable individual. This includes your name, email address, and any data that can be linked to you.

Processing: Any operation performed on personal data, including collection, storage, use, analysis, transmission, or deletion.

Anonymization: The process of removing or altering personal data so that it can no longer be linked to an identifiable individual, even with additional information.

Deletion: The permanent and irreversible removal of personal data from our systems. Deleted data is not retained, archived, or used for any purpose.

User Account: Your registered profile on the AiYOOS platform, which includes your account information and user-controlled settings.

3. Purpose of Data Collection

AiYOOS collects only the minimal data necessary to operate and improve our search service. We do not collect data for advertising, behavioral profiling, or monetization purposes.

Why We Collect Data

  1. Operating and Delivering Search Functionality: To process your search queries, retrieve relevant sources, synthesize information using AI reasoning, and deliver structured, evidence-backed answers with traceable citations.
  2. Improving Search Relevance, Accuracy, and System Reliability: To refine retrieval algorithms, enhance semantic understanding, and ensure the platform performs reliably under real-world usage conditions. This improvement is based on anonymized, aggregated usage metrics and system performance data—not on individual user queries or identifiable patterns. This data is used for quality evaluation and system optimization, not for training AI models.
  3. Safety, Abuse Prevention, and Service Integrity: To detect and prevent fraudulent activity, unauthorized access, spam, misuse of the platform, and other security threats.
  4. Research and Service Improvement Using Anonymized Data Only: To conduct research on search quality, user experience, and platform performance using fully anonymized, aggregated data that cannot be traced back to individual users.

What We Do NOT Use Data For

  • Advertising or Behavioral Targeting: AiYOOS does not sell advertising space, track users for ad targeting, or monetize user attention.
  • AI Model Training on User Queries: AiYOOS does not use your search queries or interaction history to train large language models or build predictive profiles. Third-party AI providers we use are contractually restricted from using your data for model training.
  • Third-Party Data Sales or Sharing: We do not sell, rent, lease, or share your personal data with third parties for their commercial purposes.
  • Cross-Service Data Linking: Unlike multi-product platforms, AiYOOS is a single-purpose search engine. We do not link your search behavior to other services, devices, or platforms.

4. Types of Data Collected

AiYOOS collects only the data strictly necessary to provide our search service. The following sections describe exactly what we collect and, importantly, what we do NOT collect.

4.1 Account Information

When you create an account with AiYOOS, we collect:

  • First name and last name
  • Email address
  • Password (stored as a cryptographic hash—we never store plain-text passwords)

This information is used solely for account authentication, user identification, and service-related communications (such as password resets or critical service updates).

4.2 Search Queries and Interaction Data (User-Controlled)

AiYOOS processes the following data when you use our search service:

  • Search queries: The text, questions, or commands you submit to AiYOOS.
  • AI interaction logs: Records of your conversations with the AI reasoning engine, including follow-up questions and multi-step query sequences.
  • User preferences and settings: Customizations you apply to your search experience, such as display preferences or preferred citation formats.

Critical Point: You have complete control over this data.

  • Search history can be disabled completely – If disabled, queries are processed and answered but not stored.
  • Search history can be automatically deleted – You can configure automatic deletion after 24 hours, 7 days, 30 days, or a custom timeframe.
  • Search history can be manually cleared at any time – You can delete all or selected queries from your account instantly and permanently.

4.3 Payment Information (Processed by Stripe)

If you subscribe to a paid plan, payment processing is handled exclusively by Stripe, Inc., a third-party payment processor.

  • AiYOOS does NOT collect, store, or retain: Credit card numbers, bank account details, billing addresses, or any payment credentials.
  • What we receive from Stripe: A tokenized confirmation that payment was successful and your subscription status (active, canceled, expired).
  • For details on how Stripe handles your payment data, please review Stripe's Privacy Policy at https://stripe.com/privacy.

4.4 What We Do NOT Collect

AiYOOS is designed with data minimization at its core. Unlike traditional search engines and AI platforms, we do NOT collect:

  • IP addresses: We do not use IP addresses for tracking, profiling, or advertising purposes. IP addresses may be processed transiently by our infrastructure providers for security, fraud prevention, and service delivery, but are not retained by AiYOOS for user identification.
  • Cookies or persistent tracking identifiers: We do not use cookies or similar technologies for advertising, cross-site tracking, or behavioral profiling. Limited first-party, functional cookies may be used solely for authentication and security purposes.
  • Voice recordings or audio data: If you use voice search (where available), audio is processed in real-time for transcription only and is immediately discarded—never stored.
  • Image metadata beyond search functionality: If you upload images for multimodal search, we analyze the image to answer your query but do not extract EXIF data, GPS coordinates, or other metadata unrelated to the search task.
  • Biometric or special-category data: AiYOOS does not collect facial recognition data, fingerprints, health data, genetic data, or any sensitive categories protected under GDPR or CCPA.
  • Behavioral profiles or shadow profiles: We do not build user profiles based on search patterns, inferred demographics, or behavioral analysis.

5. How Data Is Used

Your data is used exclusively to operate and improve the AiYOOS search service. We do not use your data for advertising, profiling, or third-party monetization.

5.1 Core Service Operation

  • Processing search queries: When you submit a query, AiYOOS uses semantic understanding and AI reasoning to retrieve relevant sources, synthesize information, and deliver structured, evidence-backed answers with traceable citations.
  • Maintaining context across multi-step queries: For complex, multi-hop questions, AiYOOS maintains conversational context within a single session to provide coherent, connected answers.
  • Account management and authentication: Your account information is used to authenticate your access, manage your subscription, and provide account-related support.

5.2 Search Accuracy and Reliability Improvement

AiYOOS continuously refines its search capabilities to improve answer quality, source relevance, and citation accuracy. However, this improvement is based exclusively on anonymized, aggregated usage data and system performance metrics—not on individual user queries or identifiable search patterns.

  • System optimization vs. AI training: We analyze anonymized metrics to improve search algorithms, ranking, and relevance. This is system evaluation and optimization, not AI model training. Your individual queries are not used to train language models.
  • Example of acceptable use: We may analyze system-wide trends (e.g., "Users searching for technical documentation prefer structured tables over prose") but we do not analyze or store individual user behavior (e.g., "User A searched for X, Y, and Z").
  • Anonymization process: Before any data is used for system improvement or research, all personally identifiable information is permanently removed, ensuring that data cannot be traced back to individual users.

5.3 Security, Safety, and Abuse Prevention

To maintain the integrity and security of the Service, we use data to:

  • Detect and prevent fraudulent activity, unauthorized access, and spam.
  • Identify and mitigate security threats, including denial-of-service attacks and automated abuse.
  • Enforce our Terms of Service and protect the rights and safety of AiYOOS users.

5.4 External AI Model Processing (Google Gemini 2.5 Flash)

AiYOOS currently uses Google Gemini 2.5 Flash as the reasoning and synthesis engine to process your search queries and generate structured answers.

  • What this means: When you submit a query, AiYOOS sends your question and retrieved source content to Google's large language model for semantic analysis and synthesis.
  • Privacy safeguard: Under our enterprise agreement with Google, your queries processed through Gemini 2.5 Flash are contractually restricted from being used to train or improve Google's AI models. Google processes queries solely to generate responses in accordance with our enterprise agreement. Limited retention may occur as required for security, abuse prevention, or legal compliance.
  • Future roadmap: AiYOOS is developing a proprietary, search-optimized large language model to eliminate reliance on third-party AI providers entirely. This will provide even greater control over data processing and privacy.

Important note: While AiYOOS does not use your queries to train AI models, Google's processing of queries through Gemini 2.5 Flash is subject to Google's enterprise AI terms. AiYOOS has specifically selected an enterprise configuration that contractually restricts Google from using your data for model training. However, Google may process and temporarily retain data as necessary for security, abuse prevention, and compliance purposes.

5.5 What We Do NOT Do With Your Data

  • We do not use your data for advertising or behavioral targeting.
  • We do not build user profiles or analyze individual search patterns for profiling purposes.
  • We do not sell, rent, or lease your personal data to third parties.
  • We do not use your search queries to train AI models (including the proprietary LLM we are developing).

6. Privacy & Data Control: The AiYOOS Commitment

At AiYOOS, user control and data ownership are not optional features—they are foundational design principles. This section describes the comprehensive privacy controls available to you and the guarantees we make about how your data is handled.

6.1 You Control Your Data

You retain full control over your search queries, interaction history, and personal information. AiYOOS does not claim ownership rights to your data beyond what is necessary to provide the Service.

  • You control your knowledge exploration: Your research, questions, and discoveries remain yours. We do not claim rights to the intellectual property you create or discover through your use of the Service.
  • Export functionality: You can export your search history, interaction logs, and account data at any time in a structured, machine-readable format.
  • Deletion is permanent: When you delete data, it is removed from our active systems promptly and is overwritten or erased from backups according to our standard backup retention cycles. We do not repurpose deleted data for any use.

6.2 User-Controlled Search History

AiYOOS provides granular, user-controlled search history management:

  • Disable search history completely: You can turn off search history storage entirely. When disabled, queries are processed and answered in real-time but are not logged or retained after the session ends.
  • Automatic deletion: You can configure automatic deletion of search history after 24 hours, 7 days, 30 days, or a custom timeframe you specify.
  • Manual clearing: You can delete all search history or selectively delete specific queries at any time. Deletion is instant and irreversible.
  • Your choice, your control: You decide whether search history improves your personal experience (e.g., by enabling follow-up questions or query refinement) or whether you prefer to search without any record.

Important: Disabling search history does not affect the quality or functionality of AiYOOS. The Service operates identically whether history is enabled or disabled.

6.3 No Advertising Model

AiYOOS does not sell advertising. Period.

  • Our revenue model is subscription-based, not surveillance-based.
  • Your attention is not the product. Your questions are not inventory for ad targeting.
  • This alignment of incentives ensures that AiYOOS succeeds only by delivering value to you—not by extracting value from you.

6.4 Zero Data Training on User Queries

AiYOOS does not use your search queries to train AI models. Third-party AI providers we use are contractually restricted from using your data for model training.

  • What this means: Your questions, research topics, and interaction patterns are not analyzed to improve AI capabilities. We do not build predictive models based on your behavior.
  • Commitment: When AiYOOS develops its own proprietary large language model (as described in our technical roadmap), that model will be trained exclusively on licensed, curated, and synthetic datasets—not on user queries.

6.5 Transparent Data Practices

AiYOOS commits to radical transparency about data handling:

  • Plain-language privacy policy: This document is written in clear, accessible English—not legal jargon designed to obscure meaning.
  • Real-time data usage dashboard: You can view exactly what data AiYOOS has collected about you, when it was collected, and how it is being used.
  • Activity records: You can request a summary of data processing activities related to your account, subject to security and operational constraints.
  • No hidden data collection mechanisms: We do not use tracking pixels, third-party analytics scripts, or any covert data collection methods.

6.6 Enterprise and Professional Data Isolation

For enterprise and institutional users, AiYOOS enforces strict data isolation:

  • Data isolation: Enterprise user data is not commingled with public user data or data from other organizations, subject to technical and operational requirements of service delivery.
  • Dedicated instances: Enterprise deployments can request dedicated infrastructure to ensure complete separation from shared systems.
  • Contractual guarantees: Enterprise agreements include explicit data isolation, retention, and deletion commitments tailored to organizational requirements.

7. Data Retention

AiYOOS follows a principle of minimal data retention. We retain data only as long as necessary to provide the Service, comply with legal obligations, or fulfill the purposes described in this Privacy Policy.

7.1 User-Controlled Data

  • Search history and interaction logs: Retained based on your settings. You can configure automatic deletion (24 hours, 7 days, 30 days, or custom), disable history entirely, or manually delete at any time.
  • Account information: Retained as long as your account is active. When you delete your account, all associated data is permanently removed within 30 days.

7.2 Anonymized System Data

AiYOOS may retain anonymized, aggregated usage data for system improvement and research purposes. This data:

  • Cannot be linked back to individual users.
  • Is used solely to improve search quality, reliability, and performance.
  • Is retained for the minimum period necessary—typically no longer than 12 months unless legally required.

7.3 Legal and Security Retention

In certain cases, we may be required to retain data to comply with legal obligations, resolve disputes, or enforce our Terms of Service. However, such retention is limited to the minimum legally required period and does not override your right to delete your account and personal data.

8. Data Security

AiYOOS implements industry-standard security measures to protect your data from unauthorized access, disclosure, alteration, or destruction.

8.1 Technical Safeguards

  • Encryption in transit: All data transmitted between your device and AiYOOS servers is encrypted using TLS (Transport Layer Security) protocols.
  • Encryption at rest: Data stored on AiYOOS servers is encrypted using AES-256 encryption or equivalent standards.
  • Strict access controls: Access to user data is limited to authorized personnel on a need-to-know basis and is subject to role-based access controls and audit logging.
  • Regular security reviews and audits: AiYOOS undergoes regular security assessments, penetration testing, and third-party audits to identify and address vulnerabilities.

8.2 Data Breach Response

In the event of a data breach that affects your personal information, AiYOOS will:

  1. Promptly investigate the incident to determine the scope, cause, and impact of the breach.
  2. Notify affected users within the timeframes required by applicable law (e.g., 72 hours under GDPR).
  3. Take immediate remedial action to prevent recurrence and mitigate harm.
  4. Report to relevant authorities as required by GDPR, CCPA, or other applicable regulations.

Note: While we implement robust security measures, no system is completely immune to attack. We encourage users to practice good security hygiene, including using strong, unique passwords and enabling two-factor authentication where available.

9. Third-Party Vendors & Data Sharing

AiYOOS does not sell, rent, or share your personal data with third parties for their commercial purposes. However, we may share limited data with trusted third-party vendors strictly to provide and improve the Service.

9.1 Payment Processing (Stripe)

As described in Section 4.3, all payment processing is handled by Stripe, Inc.

  • What Stripe receives: Your payment information (credit card, billing address) is transmitted directly to Stripe. AiYOOS does not store or process payment credentials.
  • What AiYOOS receives from Stripe: A tokenized confirmation of payment success and subscription status.
  • For details, review Stripe's Privacy Policy at https://stripe.com/privacy.

9.2 AI Model Provider (Google Gemini)

As described in Section 5.4, AiYOOS currently uses Google Gemini 2.5 Flash to process search queries.

  • What Google receives: Your search queries and retrieved source content for semantic analysis and synthesis.
  • Privacy safeguard: Under our enterprise agreement with Google, your queries are contractually restricted from being used to train or improve Google's AI models. Google processes queries solely to generate responses. Limited retention may occur as required for security, abuse prevention, or legal compliance.
  • Future roadmap: AiYOOS is developing a proprietary LLM to eliminate third-party AI dependencies entirely.

9.3 Legal Authorities

AiYOOS may disclose your data if required to do so by law or in response to valid legal processes, such as:

  • Court orders, subpoenas, or government requests.
  • Compliance with legal obligations under GDPR, CCPA, or other applicable laws.
  • Protection of AiYOOS's rights, property, or safety, or the rights and safety of our users.

Note: AiYOOS will challenge overly broad or unjustified requests and will notify affected users unless legally prohibited from doing so.

9.4 International Data Transfers

AiYOOS operates globally and may transfer data across international borders to provide the Service. However, we do not transfer data internationally without appropriate legal safeguards.

  • For EU users: Data transfers outside the European Economic Area (EEA) are protected by Standard Contractual Clauses (SCCs) or other mechanisms approved under GDPR.
  • For California users: Data transfers comply with CCPA/CPRA requirements, including user notification and opt-out rights where applicable.

10. User Rights & Controls

AiYOOS recognizes and respects your rights under GDPR, CCPA/CPRA, and other applicable privacy laws. This section explains your rights and how to exercise them.

10.1 Right to Access

You have the right to request access to the personal data AiYOOS holds about you.

  • What you can access: Your account information, search history, interaction logs, and any other personal data we have collected.
  • How to access: Log in to your AiYOOS account and navigate to your data dashboard, or contact us at aiyoos.privacy@gmail.com.

10.2 Right to Correction

You have the right to correct inaccurate or incomplete personal data.

  • How to correct: Update your account information directly through your account settings, or contact us for assistance.

10.3 Right to Deletion

You have the right to request deletion of your personal data.

  • Deleting search history: You can delete all search history or selectively delete specific queries at any time through your account settings. Deletion is immediate and permanent.
  • Deleting your account: You can permanently delete your AiYOOS account and all associated data. Once deleted, your data is removed from our systems within 30 days and cannot be recovered.
  • How to delete: Navigate to your account settings and select "Delete Account," or contact us at aiyoos.privacy@gmail.com.

10.4 Right to Export (Data Portability)

You have the right to export your personal data in a structured, machine-readable format.

  • What you can export: Your account information, search history, and interaction logs.
  • How to export: Navigate to your account settings and select "Export Data," or contact us at aiyoos.privacy@gmail.com.

10.5 Right to Opt-Out (CCPA/CPRA)

California residents have the right to opt out of the "sale" or "sharing" of personal data as defined by CCPA/CPRA.

  • AiYOOS does not sell or share personal data. Therefore, there is no opt-out mechanism required. However, if our practices change in the future, we will update this Privacy Policy and provide clear opt-out controls.

10.6 How to Exercise Your Rights

To exercise any of the rights described above, you can:

  • Use the self-service controls in your AiYOOS account settings.
  • Contact us at aiyoos.privacy@gmail.com with the subject line "Privacy Request."

We will respond to your request within 30 days (or as required by applicable law) and will verify your identity before processing requests that involve access to or deletion of personal data.

11. Data Minimization & Purpose Limitation

AiYOOS adheres to the principles of data minimization and purpose limitation as required by GDPR and best practices in privacy-conscious design.

11.1 Data Minimization

We collect only the data strictly necessary to provide the Service:

  • We do not collect IP addresses, cookies, tracking identifiers, voice recordings, image metadata, biometric data, or behavioral profiles (see Section 4.4).
  • We do not request unnecessary personal information during account registration or use of the Service.

11.2 Purpose Limitation

Data collected for one purpose is not repurposed for unrelated uses without explicit user consent:

  • Search queries are used solely to answer your questions—not for advertising, profiling, or third-party data sales.
  • Account information is used solely for authentication and service delivery—not for marketing, cross-selling, or unrelated communications.
  • Anonymized usage data is used solely for search quality improvement—not for behavioral analysis or user profiling.

12. Children's Privacy

AiYOOS is intended for users age 18 and older as a matter of product policy. We comply with the Children's Online Privacy Protection Act (COPPA) and do not knowingly collect personal information from children under 13.

  • Users under 13: We do not knowingly collect personal data from children under 13 years of age. If we become aware that we have collected personal data from a child under 13, we will take immediate steps to delete that data.
  • Users 13-17: While COPPA permits collection from users 13-17 with appropriate safeguards, AiYOOS's Terms of Service require users to be 18 or older. We do not actively market to or target minors.

If you are a parent or guardian and believe your child under 18 has provided personal information to AiYOOS, please contact us at aiyoos.privacy@gmail.com so we can address the matter promptly.

13. Changes to This Privacy Policy

AiYOOS may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or Service features.

How We Notify You of Changes

  • Material changes: If we make significant changes that affect your rights or how we handle your data, we will notify you via email and/or display a prominent notice on our website at least 30 days before the changes take effect.
  • Non-material changes: For minor updates (e.g., clarifications, formatting changes), we will update the "Effective Date" at the top of this Privacy Policy.

Your Right to Withdraw Consent: If you do not agree with the updated Privacy Policy, you have the right to delete your account and discontinue use of the Service before the changes take effect.

14. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or AiYOOS's data practices, please contact us at:

AiYOOS Technology Inc.
Email: aiyoos.privacy@gmail.com
Website: https://aiyoos.com

We will respond to your inquiry within 30 days (or as required by applicable law).

Our Privacy Commitment

"At AiYOOS, your questions are your business. We don't track you, profile you, or sell your attention. We exist to answer your questions—not to monetize your curiosity."