Soft white clouds on a light background, decorative visual for website design
EarlyBird logo — minimal white bird icon on transparent background.

Privacy Policy

ALIGNED AI PRIVACY POLICY


Effective Date: Oct 18, 2025

GetAligned AI LLC ("Aligned AI," "we," "us," or "our") is committed to protecting your privacy and the privacy of your family. This Privacy Policy explains how we collect, use, disclose, and protect personal information when you use our website, mobile applications, and AI services at TryAligned.AI ("Services").

This Privacy Policy applies when Aligned AI acts as a data controller—for example, when you use Aligned AI for personal or family use. It does not apply when we act as a data processor on behalf of organizations (such as schools or churches who provide you access through group accounts).

Key Points:

  • We are a general audience service designed for adults and families

  • Parents create accounts and may add family members ages 13 and up

  • We comply with COPPA when we add support for children under 13 (coming soon)

  • We never sell your data or use it for advertising

  • Parents have full control over family member data

If you have questions, contact us at privacy@tryaligned.ai



1. Information We Collect

A. Information You Provide Directly

Account Information

  • Name, email address, and phone number when you create an account

  • Payment information when you subscribe (processed by Stripe)

  • Family member names and age ranges when you add them to your account

  • Faith tradition and values preferences you choose

Conversation Data

  • Your prompts and questions to our AI ("Inputs")

  • AI-generated responses ("Outputs")

  • Conversation history, bookmarks, and saved content

Settings and Preferences

  • Content filtering levels (Standard or Family Mode)

  • Notification preferences

  • Account settings and customizations

Communications

  • Messages you send to our support team

  • Feedback you provide about AI responses

  • Safety alert acknowledgments

B. Information We Collect Automatically

Technical Information When you use our Services, we automatically collect:

Device and Connection Information

  • Device type, operating system, and browser information

  • IP address and general location (city/state level derived from IP)

  • Internet service provider

  • Time zone settings

Usage Information

  • Dates and times you access the Services

  • Features you use and pages you view

  • Session duration and interaction patterns

  • Error logs and performance data

Cookies and Similar Technologies We use cookies and similar technologies for:

  • Session management (keeping you logged in)

  • Remembering your preferences

  • Understanding how you use our Services

You can control cookies through your browser settings. Disabling cookies may affect some Service functionality.

For more details, see our Cookie Policy below.

C. Information We Collect from Third Parties

Authentication Services If you sign in using Firebase authentication, we receive your email address and basic profile information.

Payment Processors Stripe processes your payment information. We receive transaction confirmations but do not store your full credit card details.

AI Model Providers We use OpenAI's GPT models and Groq infrastructure to power our AI. These providers process your conversation data to generate responses but do not retain your data after processing (per their terms).



2. How We Use Your Information

We use your information for the following purposes:

Service Delivery

  • Provide AI conversation services to you and your family members

  • Apply content filtering based on your preferences

  • Generate values-aligned responses based on your faith tradition settings

  • Sync your settings and conversations across devices

  • Process payments and manage subscriptions

Safety and Protection

  • Monitor conversations for safety concerns based on our tiered alert system

  • Send safety alerts to parents when concerning content is detected

  • Automatically restrict access when Tier 1 safety triggers are detected

  • Investigate and prevent misuse, fraud, or violations of our Terms of Service

  • Protect the security of our Services and users

Communication

  • Send important service notifications and updates

  • Respond to your support requests

  • Send safety alerts about family member activity

  • Provide account and billing information

Product Improvement

  • Improve AI response quality and accuracy

  • Enhance safety detection systems

  • Debug errors and optimize performance

  • Develop new features based on usage patterns

  • Conduct internal research and analysis

Important: We do not use your conversations to train our AI models. We only train our base model using sources we directly provide. We do use safety-flagged content to improve our sensitive topic detection systems.

Legal Compliance

  • Comply with legal obligations and law enforcement requests

  • Enforce our Terms of Service and Acceptable Use Policy

  • Protect our rights and the rights of others

  • Respond to legal processes



3. How We Share Your Information

We Do Not Sell Your Data

Aligned AI never sells or shares your personal information or conversation data with advertisers, data brokers, or other third parties for their commercial purposes.

Service Providers

We share information with trusted service providers who help us operate our Services:

Infrastructure and Hosting

  • Google Cloud (data storage in US-West region)

  • Vercel (web hosting)

  • Groq (AI infrastructure)

Communication Services

  • SendGrid (email delivery)

  • Twilio (SMS alerts)

Analytics and Monitoring

  • Google Analytics (usage analytics)

  • Mixpanel (product analytics)

  • Vercel Logs (error tracking)

Authentication and Payments

  • Firebase (authentication services)

  • Stripe (payment processing)

AI Services

  • OpenAI (AI model provider)

These providers are contractually required to protect your data and use it only for specified purposes. They may not use your data for their own purposes.

Legal Requirements

We may disclose information when required by law or to protect safety:

  • In response to valid legal processes (subpoenas, court orders, warrants)

  • To protect the safety of our users or the public

  • To investigate fraud, security issues, or violations of our Terms

  • To enforce our legal rights

Emergency Situations

In cases of imminent danger (Tier 1 safety alerts), we may:

  • Notify parents/guardians immediately

  • Contact emergency services if we believe there is immediate risk of serious harm

  • Preserve relevant data for law enforcement

Business Transfers

If Aligned AI is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you and ensure continued protection of your data.

With Your Consent

We will share your information with third parties when you direct us to do so, such as when you enable future integrations with Google Drive or other services.



4. Children's Privacy

Current Age Requirements

During our Alpha and Beta testing phases, family members added to accounts must be at least 13 years old. By adding a family member, you certify that they meet this age requirement.

Future Support for Children Under 13

We plan to add support for children under 13 in the future. When we do, we will fully comply with the Children's Online Privacy Protection Act (COPPA), including:

Verifiable Parental Consent

  • We will obtain clear, affirmative consent from parents before collecting any information from children under 13

  • Parents will review what information we collect and how we use it

  • Consent will be documented and verifiable

Limited Collection

  • We will collect only information necessary to provide our Services

  • We will not condition a child's participation on providing more information than necessary

Parental Rights Parents will be able to:

  • Review all information we have collected from their child

  • Request deletion of their child's information at any time

  • Refuse further collection or use of their child's information

  • Export their child's data

No Marketing to Children

  • We will never use children's information for behavioral advertising

  • We will never market directly to children

  • Children's information will never be sold or shared with advertisers

Enhanced Protections

  • Stricter data security measures for children's information

  • Additional safety monitoring and alerts

  • More restrictive content filtering options

Safe Harbor Certification

After our initial testing period, we plan to obtain certification from FTC-approved COPPA Safe Harbor programs (such as kidSAFE or PRIVO) to demonstrate our compliance and commitment to children's privacy.



5. Your Privacy Rights and Choices

Access and Control

You have the right to:

View Your Information

  • Access all personal information we have about you

  • View your complete conversation history

  • See all family member profiles and settings

Correct Your Information

  • Update inaccurate account information

  • Correct family member details

  • Modify your preferences and settings

Delete Your Information

  • Delete individual conversations (removed immediately)

  • Delete family member profiles

  • Delete your entire account

Export Your Information

  • Download your data in JSON format

  • Receive a copy of all conversations and settings

  • Port your data to another service

How to Exercise These Rights:

  • Log in to your account settings

  • Email us at privacy@tryaligned.ai

  • We will respond within 30 days (or as required by applicable law)

Communication Preferences

You can control what notifications you receive:

Safety Alerts (Cannot be disabled for parent accounts)

  • Critical safety notifications about family members

  • Tier 1 and Tier 2 alerts are always sent

Service Communications

  • Account and billing notifications

  • Important service updates

  • Security alerts

Marketing Communications (If we add these in the future)

  • Unsubscribe using the link in any email

  • Opt out in your account settings

Content Filtering

You control the content filtering level for each family member:

  • Standard: Normal content filtering

  • Family Mode: Enhanced filtering for family-friendly content

You can change these settings at any time in your account dashboard.

Account Deletion

To delete your account:

  1. Cancel your subscription (if applicable)

  2. Go to Account Settings → Delete Account

  3. Confirm deletion

What happens when you delete:

  • Immediate: Account access disabled, data removed from active systems

  • Within 7 days: Data removed from backups

  • Within 30 days: Complete data purge, confirmation email sent



6. Data Security

Security Measures

We implement industry-standard security measures to protect your information:

Encryption

  • End-to-end encryption for data transmission (TLS/SSL)

  • Encryption at rest for all stored data

  • Secure password hashing

Access Controls

  • Limited employee access (3 employees: 2 backend developers + technical lead)

  • Database access logging (tracks who accesses what data and when)

  • Background checks for all employees with data access

  • Multi-factor authentication for administrative access

Monitoring and Response

  • Continuous security monitoring

  • Automated threat detection

  • Regular security updates

  • Incident response procedures

Infrastructure Security

  • Secure cloud hosting with Google Cloud and Vercel

  • Regular security audits

  • Penetration testing (planned)

Data Breach Notification

If we experience a data breach that affects your personal information, we will:

  • Notify you within 72 hours (or as required by applicable law)

  • Explain what information was affected

  • Describe steps we're taking to address the breach

  • Provide guidance on protecting yourself

No Absolute Security

While we implement strong security measures, no system is completely secure. We cannot guarantee absolute security against all threats. You acknowledge this risk by using our Services.



7. Data Retention

How Long We Keep Your Information

Account Data

  • Retained while your account is active

  • Deleted within 30 days of account closure

Conversation Data

  • Active conversations: Until you delete them

  • Deleted conversations: Purged immediately from active systems

  • Backups: Removed within 7 days of deletion

Safety Alert Data

  • Flagged conversations: Retained for up to 12 months for safety improvement

  • After 12 months: Permanently deleted

  • Note: When access is automatically revoked, only the alert notification (not full conversation) is retained

Logs and Technical Data

  • Error logs: 30 days

  • Access logs: 30 days

  • Usage analytics: Aggregated indefinitely (anonymized)

Payment Data

  • Transaction records: 7 years (for tax and legal compliance)

  • Credit card information: Never stored (Stripe handles this)

Legal Hold If we receive a legal hold notice or believe data is needed for legal proceedings, we may retain data longer than specified above.



8. International Data Transfers

U.S.-Based Service

Aligned AI is based in the United States, and our servers are located in the United States (Google Cloud US-West region). If you access our Services from outside the U.S., your information will be transferred to and processed in the United States.

For International Users

Data Protection Standards

  • U.S. data protection laws may differ from those in your country

  • We implement appropriate safeguards regardless of location

  • We comply with applicable international data protection regulations

Legal Basis for Transfers For users in regions with data transfer restrictions (such as the EU/UK), we rely on:

  • Standard Contractual Clauses (when available and applicable)

  • Your consent to transfer data for Service operation

  • Necessity for contract performance

Third-Party Processors Our service providers (OpenAI, Google Cloud, etc.) may process data in the United States and other approved jurisdictions. These transfers are necessary for Service operation.

Future International Expansion

We currently serve U.S. users. If we expand internationally, we will:

  • Update this Privacy Policy with region-specific information

  • Implement additional safeguards as required by local law

  • Obtain necessary certifications or approvals



9. State-Specific Privacy Rights

California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

Right to Know

  • What personal information we collect

  • Categories of sources

  • Business purposes for collection

  • Categories of third parties we share with

Right to Delete Request deletion of your personal information (subject to certain exceptions)

Right to Correct Request correction of inaccurate personal information

Right to Opt-Out

  • We do not "sell" personal information as defined by CCPA

  • We do not "share" personal information for cross-context behavioral advertising

Right to Non-Discrimination We will not discriminate against you for exercising your privacy rights

Authorized Agents You may designate an authorized agent to make requests on your behalf

How to Exercise California Rights: Email privacy@tryaligned.ai or use the contact information at the end of this policy

Verification: We may request information to verify your identity before processing requests

Response Time: We will respond within 45 days (may extend by 45 days if needed)

Other State Privacy Laws

Residents of Virginia, Colorado, Connecticut, Utah, Montana, Oregon, Texas, and other states with comprehensive privacy laws have similar rights as described above. Contact privacy@tryaligned.ai to exercise these rights.

Children's Data Under State Laws

For minors, privacy rights are exercisable by parents or legal guardians. We provide enhanced protections for children's data beyond state law requirements.



10. Changes to This Privacy Policy

Updates

We may update this Privacy Policy from time to time to reflect:

  • Changes to our Services or features

  • Changes in privacy laws or regulations

  • Improvements to our privacy practices

  • User feedback

Notification

When we make material changes:

  • We will update the "Effective Date" at the top of this policy

  • We will notify you via email

  • We may display a notice in your account

  • For significant changes, we may require you to review and accept the updated policy

Your Acceptance

Your continued use of our Services after changes take effect constitutes acceptance of the updated Privacy Policy. If you do not agree with changes, you may delete your account.

Version History

You can view previous versions of our Privacy Policy by contacting privacy@tryaligned.ai



11. Contact Information

Questions or Concerns

If you have questions about this Privacy Policy or want to exercise your privacy rights:

Email: privacy@tryaligned.ai

Mail: GetAligned AI LLC 5 Sunwood Sandy, UT 84092 United States

Support: support@tryaligned.ai

Response Time

We will respond to privacy inquiries within:

  • 30 days (standard)

  • 45 days (for complex requests, with notice)

  • As required by applicable law in your jurisdiction

Supervisory Authorities

Depending on your location, you may have the right to lodge a complaint with a data protection authority:

United States: Federal Trade Commission (FTC.gov)

California: California Attorney General and California Privacy Protection Agency

EU/UK: Contact information for EU supervisory authorities available at edpb.europa.eu



APPENDIX A: COOKIE POLICY

What Are Cookies?

Cookies are small text files stored on your device that help us provide and improve our Services.

Cookies We Use

Essential Cookies (Required)

  • Purpose: Session management, authentication, security

  • Duration: Session or persistent (up to 1 year)

  • Can be disabled? No (Services won't work without them)

Analytics Cookies (Optional)

  • Purpose: Understanding how you use our Services

  • Services: Google Analytics, Mixpanel

  • Duration: Up to 2 years

  • Can be disabled? Yes (through browser settings or our cookie preferences)

Third-Party Cookies

Google Analytics

  • Tracks page views, session duration, user flows

  • Privacy Policy: policies.google.com/privacy

  • Opt-out: tools.google.com/dlpage/gaoptout

Mixpanel

  • Tracks feature usage and product interactions

  • Privacy Policy: mixpanel.com/legal/privacy-policy

  • Opt-out: mixpanel.com/optout

Your Cookie Choices

Browser Settings Most browsers allow you to:

  • Block all cookies

  • Block third-party cookies only

  • Delete cookies after each session

  • Receive alerts before cookies are stored

Our Cookie Settings You can manage cookie preferences in your account settings (feature coming soon).

Do Not Track We honor Global Privacy Control (GPC) signals and similar browser-based privacy preferences.

Effect of Disabling Cookies

If you disable cookies:

  • Essential cookies: You cannot use our Services

  • Analytics cookies: Your experience is unaffected, but we can't improve based on your usage patterns



APPENDIX B: SAFETY MONITORING NOTICE

How Safety Monitoring Works

Aligned AI uses automated systems to monitor conversations for safety concerns. This monitoring is designed to protect family members and alert parents to potential issues.

What We Monitor

Our AI systems scan conversations for indicators of:

Tier 1 - Immediate Alert (within minutes)

  • Self-harm or suicide statements

  • Physical or sexual abuse

  • Immediate physical danger

Tier 2 - Urgent Alert (within 4 hours)

  • Severe bullying or harassment

  • Serious emotional distress

  • Substance use or exposure

  • Inappropriate sexual content

Tier 3 - Daily Alert (within 24 hours)

  • Academic or school problems

  • Social relationship difficulties

  • Family stress

  • Risk-taking behaviors

Tier 4 - Weekly Summary

  • Identity and development questions

  • Normal developmental challenges

  • Mild behavioral concerns

Automated Actions

When Tier 1 alerts are triggered:

  • Family member's access is automatically restricted

  • Parent receives immediate notification via SMS and email

  • Conversation is flagged for review

  • Access can be restored by parent after review

For other tiers:

  • Parent receives alert notification

  • No automatic access restriction

  • Parent decides appropriate action

Important Limitations

Our safety monitoring is NOT:

  • A guarantee of detection (systems may miss concerning content)

  • A substitute for parental supervision

  • Emergency monitoring or crisis intervention

  • Intended to replace professional mental health care

We do NOT:

  • Monitor every message in real-time (scanning happens on a delay)

  • Guarantee detection of all safety concerns

  • Have a duty to contact authorities (though we may in emergencies)

  • Provide professional counseling or crisis services

False Positives and Negatives

Our automated systems may:

  • Flag innocent conversations incorrectly (false positives)

  • Miss concerning content (false negatives)

  • Misinterpret context or meaning

Parents remain solely responsible for supervising their family members' use of our Services.

Privacy and Safety

When conversations are flagged:

  • Parents see the concerning content and surrounding context

  • We retain flagged content for up to 12 months to improve detection

  • Content is not shared with third parties except as required by law

  • Only the subject of the alert (not full conversations) is retained long-term

Emergency Resources

If you or someone you know is in crisis:

  • Call 911 for immediate emergencies

  • Call 988 for Suicide & Crisis Lifeline (24/7)

  • Text "HELLO" to 741741 for Crisis Text Line

Our Services are not designed for emergency detection and should never be relied upon for crisis intervention.



APPENDIX C: AI MODEL AND TRAINING NOTICE

AI Models We Use

Aligned AI uses third-party AI models to power our Services:

  • OpenAI GPT models (specifically GPT-OSS-120B)

  • Groq infrastructure for model serving

These providers process your conversation data to generate responses but do not retain your data after processing (per their terms and policies).

How We Train Our AI

We do NOT use your conversations to train our AI models.

Our approach to model training:

  • We train our base model only with sources we directly provide

  • We do not use family conversations for general model training

  • We do not sell or share conversation data with AI training companies

Safety System Training

We DO use safety-flagged content to improve our detection systems:

  • When conversations trigger safety alerts, we analyze them

  • This helps improve our ability to detect concerning content

  • Flagged content is anonymized before use in safety system training

  • We cannot identify individual users from training data

Optional Feedback

If you provide explicit feedback (such as rating AI responses), we may use that feedback to improve our Services. This is always optional.

Third-Party AI Provider Policies

Our AI providers have their own data practices:

  • OpenAI: See openai.com/policies/privacy-policy

  • We have agreements with providers that prohibit them from using your data for their own model training

AI Limitations

AI systems may:

  • Produce inaccurate or biased responses

  • Misunderstand context or intent

  • Generate inappropriate content despite safeguards

  • Make factual errors

  • Reflect biases in training data

You should not rely on AI outputs for important decisions and should always verify information from authoritative sources.