MyTrustworthy AI is a conversational AI platform built on four pillars: Mind, Body, Soul, and Creativity. We operate as a privacy-first platform where user conversations are processed on-premises by default. Our mission is to provide safe, ethical, and productive AI that serves everyone.
| Service | Purpose | Data Shared |
|---|---|---|
| Tavily | Web search (when enabled by you) | Your search query only — the same information you would send to a search engine. No account details, conversation history, or personal information are included. |
| ElevenLabs | Voice synthesis (read-aloud of AI responses) | The AI's response text — not your input. ElevenLabs only receives what the AI said so it can read it aloud to you. Your messages are never sent to ElevenLabs. |
| AccuWeather | Weather information | City-level location only (e.g. "Chicago, IL"). No precise location, no personal information. |
| Cloudflare | CDN, DDoS protection, and secure tunnel | Encrypted HTTP traffic. Cloudflare terminates TLS at the edge; no message content is stored by Cloudflare. |
| Cloudflare Workers AI | Translation (text), Image Analysis (images), Image Generation — Plus/Pro tier | Translation: the text you submit for translation (not stored per Cloudflare DPA zero-retention). Image Analysis: image bytes you upload (not retained after inference completes per Cloudflare DPA). Image Generation (Plus/Pro): your text prompt only. User consent required for Translation and Image Analysis. Covered by our Cloudflare Data Processing Agreement with GDPR SCCs. |
| Google SMTP / Resend | Authentication emails (magic links) | Your email address only, used to deliver your sign-in link. |
| Stripe | Payment processing (coming soon) | Only what is required by law to securely process a transaction. Card data is handled entirely by Stripe and never touches our servers. |
Your conversations are processed by AI models running on private hardware. No conversation data is sent to cloud AI providers by default. Cloud inference backends are disabled unless explicitly enabled by the platform operator.
We retain your data only as long as needed for the purposes described in this policy. Below are our retention periods by data category:
| Data Category | Retention Period | What Happens After |
|---|---|---|
| Account & profile | Lifetime (until you delete) | Permanently deleted on account deletion |
| Conversations | 2 years from last activity | Archived, then permanently deleted after 30 days |
| Memories / facts | Until you remove them | Use “Forget” command or delete account |
| Notes | Lifetime | Deleted with account |
| Session tokens | 24 hours | Automatically expired |
| Web search cache | 1 hour – 7 days by category | Automatically purged |
| Security logs | 365 days | Automatically purged |
| Consent records | 5 years after withdrawal | Retained for legal compliance |
| Database backups | 30 days | Automatically deleted (encrypted) |
| Reminders / scheduled actions | Until cancelled or completed; cancelled actions purged after 90 days | Automatically purged |
| Action audit log | 3 years | Encrypted at rest; automatically purged |
| Push subscriptions | Until unsubscribed; stale subscriptions auto-cleaned | Automatically removed |
| Usage metering (token counts) | 3 years | Automatically purged; used for billing and plan enforcement |
You can delete individual conversations from the app at any time. Account deletion removes all associated data permanently.
MyTrustworthy AI does not sell or share your personal information with third parties for monetary or other valuable consideration. We have never sold user data and have no plans to do so. Because we do not sell or share personal information, there is no need to opt out — but we provide this notice as required by the California Consumer Privacy Act (CCPA/CPRA).
MyTrustworthy AI does not use sensitive personal information for purposes beyond providing the services you request. The following categories of sensitive personal information (SPI) may be processed based on your voluntary interactions:
All sensitive content is processed only to generate AI responses, encrypted at rest using AES-256 (pgcrypto), encrypted in transit using TLS (all connections between your browser and our platform use HTTPS; session data in Redis uses TLS-only connections; all calls to third-party services such as Tavily and ElevenLabs are made over HTTPS), and never used to infer characteristics about you or for advertising purposes. You can manage which features process your data through the Privacy & Data Controls in the Settings menu of the main application.
MyTrustworthy AI recognizes the Global Privacy Control (GPC) signal sent by your browser. When GPC is detected, we treat it as a request to limit the sharing of your personal information. Since we do not sell or share personal information with third parties for advertising, GPC does not change our default behavior — but we display a confirmation in your Privacy & Data Controls to acknowledge your preference.
You can manage granular privacy preferences at any time through the Privacy & Data Controls section in Settings. Available consent options include:
Withdrawing consent takes effect immediately. Previously processed data is retained per our data retention schedule unless you request deletion.
The Document Analysis feature lets you paste a URL or document text and receive a plain-English risk summary produced by our Legal AI agent.
MyTrustworthy AI offers two image-related features that send data outside our local infrastructure. Both require your explicit consent and apply our content safety classifier before any processing.
All images submitted for analysis pass through an automated NSFW classifier before any AI processing. Explicit or inappropriate images are refused at the API layer. Only event metadata (timestamp, user ID, endpoint) is logged — no image content is retained in any log.
MyTrustworthy AI uses an automated routing system to direct your conversations to the most relevant specialist companion (e.g., routing a science question to the STEM Companion). We want you to understand how this works:
What we do NOT do with automated decisions:
The platform also detects action intent (e.g., “remind me”) in your messages using keyword matching and presents a confirmation card before taking any action. You must explicitly approve every action before it is scheduled.
If you use companions that process special category data (religious, health, or political topics), you will be asked for explicit consent before processing begins. See the Consent Management section above for details.
If you are a California resident, you have the following rights:
If you are located in the European Economic Area (EEA) and believe your data protection rights have been violated, you have the right to lodge a complaint with your local supervisory authority. A list of EU/EEA data protection authorities and their contact details is available from the European Data Protection Board (EDPB).
Use the "Export My Data" option in Settings to download your data. Use "Delete My Account" in Settings to permanently delete all your data. Contact us at the email below for other requests.
MyTrustworthy AI is not directed at users under the age of 13 and complies with the Children's Online Privacy Protection Act (COPPA). The platform is also not directed at users under the age of 16, in accordance with the General Data Protection Regulation (GDPR) requirements for processing children's data.
We do not knowingly collect, use, or disclose personal information from children under 13. If we learn that we have inadvertently collected personal information from a child under 13, we will take steps to delete that information promptly.
A parent or guardian who believes their child has provided personal information to MyTrustworthy AI may contact us at [email protected] to request review and deletion of the child's data.
We may update this policy. The version number and effective date at the top will reflect the latest revision. This policy is reviewed at least annually. Continued use of the platform constitutes acceptance of the updated policy.
For privacy questions, contact us at [email protected].