Privacy Policy

Effective Date: March 3, 2026

1. Overview

IGNIO is committed to protecting your privacy. We process your data (messages, receipts, events, financial transactions) strictly for delivering the personal assistant experience, improving extraction accuracy, and maintaining system reliability.

This policy follows:

• LGPD (Brazil's General Data Protection Law)
• GDPR (EU General Data Protection Regulation)
• CCPA/CPRA (US state privacy laws)
• Privacy by Design principles

2. Data We Collect

2.1 User-provided data

• Text messages sent via WhatsApp or Telegram
• Audio notes
• Receipt images and documents
• Calendar-related inputs
• Queries and commands
• Optional user preferences and categories

2.2 Authentication data

• Phone number (via WhatsApp or Telegram)
• Email address (dashboard login)
• Google OAuth authentication data (for Google Calendar integration)

2.3 Profile data

• Name
• Username
• Timezone
• Preferred currency

2.4 Subscription and payment data

• Subscription plan (Free, Plus, or Pro)
• Billing history and invoices
• Payment data processed by Stripe (IGNIO does not store full card numbers)

2.5 Automatically-collected metadata

• Timestamps
• Webhook metadata (message ID, sender ID)
• Delivery receipts
• System logs (minimal PII)

2.6 Generated data (AI pipeline)

• Parsed structured items (transactions, events, notes)
• Vendor aliases and mappings
• Confidence scores
• Categorization metadata

Important: We do not use user data to train external LLMs (Mistral/Google policies already forbid this for API usage).

3. AI and LLM Processing

IGNIO uses external artificial intelligence providers to process and classify your data:

• Mistral AI: transaction classification, natural language processing, and audio transcription
• Google Cloud: document OCR, natural language processing, and calendar integration

Ephemeral processing: Data sent to these providers is processed in real time and is not retained by them for model training. All calls are made via API, and these providers' policies prohibit using API data for training.

4. Payment Processing via Stripe

IGNIO uses Stripe as its payment processor to manage subscriptions and billing.

• Stripe processes all payment data directly:IGNIO does not store full credit card numbers
• PCI DSS compliance is handled by Stripe
• We only store Stripe customer references (IDs), active plan, subscription status, and invoice history
• Billing data is retained while the account is active or as required by tax and legal obligations

5. Subscription Data

IGNIO offers three subscription tiers:

• Free:basic features at no cost
• Plus:additional features with expanded limits
• Pro:full access to all features

We store information about your current plan, start and renewal dates, and plan change history to manage your access to features and for customer support purposes.

6. Legal Bases for Processing

LGPD (Brazil)

• Consent (Art. 7, I) for processing messages, receipts, and personal financial data
• Execution of contract (Art. 7, V) to operate the assistant

GDPR (EU)

• Consent (Art. 6.1.a):explicit opt-in for data processing
• Legitimate Interest (Art. 6.1.f):for service analytics & security
• Contractual necessity (Art. 6.1.b):to deliver the requested features

7. Data Retention Policy

IGNIO stores data only for the period necessary to provide the service.

7.1 Messages and webhook payloads

Retained for: 30-90 days

Used for debugging, reprocessing, and audit trails. Automatically deleted after retention period.

7.2 Attachments (images, audio, PDFs)

Retained until: user deletes, except audio which is automatically deleted after 7 days

Images and PDFs are kept until the user deletes them. Audio files are automatically deleted after 7 days.

7.3 Structured items (expenses, income, events, notes)

Retained until: user deletes account or specific items

These are the core value of the assistant.

7.4 Logs and metrics

Retained for: 7-30 days

Logs are anonymized when possible.

7.5 Billing data

Retained while the account is active, or as required by tax and legal obligations after account closure.

8. Your Rights

You can request:

• Access:see all data stored in IGNIO
• Correction:fix incorrectly parsed items
• Deletion:wipe account and all data
• Portability:export data as CSV/JSON
• Consent withdrawal:stop processing at any time

IGNIO will respond within:

• 15 days (LGPD - Brazil)
• 30 days (GDPR - EU)
• 45 days (CCPA - US)

8.1 Data export (GDPR/LGPD)

You can request a full export of your data through the dashboard:

• Data is exported in CSV format, including associated attachments
• Download links are signed with tokens valid for 24 hours
• Limit of 1 export per 24 hours

8.2 Account deletion

• When you request deletion, there is a 30-day grace period before permanent deletion
• During this period, you can cancel the request or simply log in to reactivate your account
• After confirmation, all data is permanently removed

9. Data Locations & Transfers

IGNIO may process data in:

• Brazil
• US (cloud services)
• EU (future hosting expansion)

Protection measures:

• All data in transit → TLS 1.2+
• All data at rest → AES-256 encryption
• User tokens and OAuth credentials → encrypted using secret management
• Processor agreements (DPAs) with cloud providers

10. Security Measures

• HTTPS everywhere
• Sensitive tokens stored in encrypted secrets
• Media files stored with presigned URLs (limited time)
• Role-based access controls
• Daily backups + restoration tests
• API rate limits to prevent abuse
• PCI DSS compliance via Stripe for payment data

11. Data Deletion Policy

When you delete your account:

• User profile deleted
• All items (transactions, events, notes) deleted
• All attachments deleted
• Subscription data and Stripe references removed
• Cache entries/Redis jobs cleaned
• Within ~7 days, old backups age out automatically

12. Data Sharing

IGNIO does not:

• Sell data
• Share data with advertisers
• Train external AI models using user data

IGNIO may share data only with:

• Stripe: payment processing and subscription management
• Mistral AI: AI data processing via API
• Google Cloud: AI data processing, document OCR, and calendar integration via API
• PostHog: anonymized dashboard analytics
• Cloud infrastructure providers

13. Children's Data

IGNIO is not intended for users under 16 and does not knowingly process minors' data.

14. Cookies and Analytics

The IGNIO website and dashboard use the following cookies and third-party services:

• PostHog:dashboard analytics to understand how users interact with the product. Data is anonymized when possible
• Stripe.js:cookies required for secure payment processing and fraud prevention
• Cloudflare Turnstile:bot protection, without invasive tracking cookies

We do not use cookies for advertising or cross-site tracking. You can manage your cookie preferences at any time.

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by email or through the app.

16. Contact Us

If you have questions about this Privacy Policy or your data, please contact us at contact@ignio.app.