Privacy Notice for JillAI

JillAI ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy outlines how we collect, use, store, and protect your personal data when you use our services, including through our website (https://www.jillai.tech), the JillAI platform, and any associated services.

Disclaimer: JillAI is a student-led project created for educational purposes and is not a registered legal entity. This Privacy Policy is designed to outline how we handle your data for the purposes of this academic project.

Table of Contents

• 1. Data We Collect
• 2. How We Use Your Information
• 3. How We Store Your Data
• 4. Third-Party Access to Your Data
• 5. User Rights (GDPR Compliance)
• 6. Data Security
• 7. Changes to this Privacy Policy
• 8. Contact Us

1. Data We Collect

We collect the following personal data to provide you with the best possible experience:

User Profile Information:

• Names (First and Last) — Purpose: Identity verification and personalization.
• Date of Birth (DOB) — Purpose: Personalization and identity verification.
• Gender — Purpose: Identity verification and to tailor AI assistant interactions.
• Zip Code — Purpose: To provide localized weather data via the OpenWeather API.
• Email Address — Purpose: Used for authentication and communication regarding your account.

Authentication and Security:

• Username and Password — Purpose: Authentication and account security.
• Security: Passwords are stored with 256-bit encryption.

OAuth Data (Google API Integration):

• Google TokenID, RefreshID, and GoogleID — Purpose: To enable JillAI to access and manage your Google Calendar on your behalf, including creating, modifying, and deleting calendar events.

User Preferences:

• Persona and UI Mode — Purpose: Personalize the user interface and AI persona selection.

Chat History:

• Messages and Conversations — Purpose: Stored for your convenience to review past interactions.
• Security: Chat history will be encrypted at rest.

Payment Information (Stripe Integration):

• Billing Information — Purpose: Process payments for JillAI's premium services.
• Security: Payment data is handled securely by Stripe and is not stored on our servers.

2. How We Use Your Information

• Provide and improve our services: Including managing your profile, delivering personalized AI responses, and accessing your Google Calendar on your behalf.
• Authentication and Security: Ensuring secure access to your account.
• Communication: Sending account-related notifications and updates.
• Weather Data: Using your Zip Code to provide localized weather information.
• Payment Processing: For subscription and billing through Stripe (if applicable).
• Improve User Experience: By saving chat history for review and providing continuity in AI conversations.

3. How We Store Your Data

Your data is stored securely using appropriate industry-standard encryption and security measures to protect it from unauthorized access, disclosure, or alteration.

• User Profile Data: Stored securely for account management.
• Chat History: Stored in an encrypted format for your convenience.
• Payment Information: Managed by Stripe, a third-party payment provider, which handles your payment data in compliance with industry standards.

4. Third-Party Access to Your Data

We do not share your personal data with third parties, except when strictly necessary for our service to function (e.g., Google API for Calendar management or Stripe for payment processing). Your chat data is stored locally on our servers and is not shared with any third parties, including OpenAI, which powers some of the AI functionality. All memory and storage remain under our control.

5. User Rights (GDPR Compliance)

If you are a resident of the European Union (EU) or the European Economic Area (EEA), you have the following rights regarding your personal data:

• Right to Access: You can request access to the personal data we hold about you.
• Right to Rectification: You can request corrections to any inaccurate data.
• Right to Erasure (Right to be Forgotten): You can request that we delete your data, subject to any legal obligations we may have.
• Right to Data Portability: You can request a copy of your personal data in a structured, commonly used, and machine-readable format.
• Right to Restrict Processing: You can request that we limit the processing of your personal data in certain circumstances.
• Right to Object: You can object to the processing of your data based on our legitimate interests.

To exercise these rights, please contact us at privacy@jillai.tech.

6. Data Security

We implement appropriate security measures, including encryption, to ensure your personal data is protected. This includes:

• Encrypted Storage: Chat history and sensitive user information are encrypted at rest.
• OAuth Compliance: We adhere to OAuth standards for secure Google authentication.
• Payment Security: Stripe handles all payment data in compliance with PCI-DSS regulations.

7. Changes to this Privacy Policy

We may update this Privacy Policy from time to time in order to reflect changes to our practices or for other operational, legal, or regulatory reasons. The updated Privacy Policy will be posted on our website with the "Last Updated" date at the top.

8. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at privacy@jillai.tech.