CONSCIOUSS AI, INC.
PRIVACY POLICY
Last Updated: July 15, 2026
A. Introduction
The Consciouss AI Platform is an artificial intelligence software product that acts as a digital coworker to help you complete tasks on your devices and on the internet. The Platform is available on desktop computers and mobile devices, and the information it accesses and collects varies by device and by which features you choose to enable. On desktop, it works across your existing computer applications and web browsers. On mobile, it operates primarily through the Platform's own app, which includes a built-in web browser, a voice conversation mode, and optional companion features such as SOL (SMS). The Platform remains under your control at all times. The desktop Platform also includes an optional feature called Ambient Mode, which, when manually enabled by you, quietly observes activity on your computer in the background using macOS system APIs in order to provide more contextually relevant assistance. This Privacy Policy describes how we handle the information the Platform accesses and collects — including through Ambient Mode, the mobile app's ambient context collection, and other device-specific features — with your permission to provide this assistance. The specific features, devices, and companion services available to you depend on your platform, plan, and location, and some features described here may not be available in every jurisdiction where the Platform is offered.
By using the Platform, you acknowledge and agree to the data practices described in this Privacy Policy. We process your information as necessary to perform our contract with you (i.e., to provide the Platform), for our legitimate business interests (such as improving the Platform and ensuring its security), and, where required by applicable law, with your consent. If you do not agree with this Privacy Policy, please do not use the Platform.
B. Information We Collect
1. Information You Provide to Us
When you create an account, we collect:
-
Your full name
-
Email address
-
Personality questions
If you use Google or Apple Single Sign-On to create your account, we collect your account information from that provider (such as your name and email address) in accordance with that provider's authorization protocols.
If you subscribe to a paid plan, we collect payment information such as credit card details, which are processed through secure third-party payment processors.
During onboarding, we also ask you to answer a set of seven (7) personality and preference questions to help the Platform tailor its assistance to you. Your responses to these onboarding questions are stored on our servers and associated with your account, and are used to personalize your experience as described in Section C.
2. Information Collected Through Your Use of the Platform
On desktop, as the Platform assists you across your computer applications and web browsers, acting as your digital coworker, you may provide or grant the Platform access to:
-
Schedules and calendars
-
To-do lists and assignments
-
Gmail account information (if you choose to connect your Gmail)
-
Personal information including phone numbers, addresses, and other data you input or that appears on your screen
-
Potentially confidential information such as credit card information, social security numbers, or driver's license information that may be visible during Platform operation. The Platform does not intentionally collect or retain this information; however, it may be inadvertently captured and transmitted to third-party AI providers as part of the screen viewing functionality. We recommend disabling screen viewing before accessing financial accounts or documents containing sensitive identifiers.
The desktop Platform, with your permission, can view your screen — similar to sharing your screen with a remote assistant — and access information visible on your screen. It analyzes your inputs and interactions to understand your personality and preferences, enabling it to provide personalized recommendations and assistance. You remain in control and may disable screen viewing at any time.
On mobile, the Platform's own app collects information from your activity within the app, including your chat messages, information from the app's built-in browser, and, if you grant the relevant permissions, information from your device's microphone, calendar, and contacts. Section 3c through Section 6 below describe mobile-specific collection in more detail.
3a. Information Collected Through Ambient Mode (Desktop — macOS)
Ambient Mode is an optional feature that is OFF by default and must be manually enabled by you. When enabled, it collects activity data from your computer using macOS system APIs (not screen capture, video, microphone, or camera). It requires you to grant Accessibility and Automation permissions.
Data Collected When Ambient Mode Is Active: At regular intervals, the Platform collects the following data points:
-
The name and internal bundle identifier of the active foreground application
-
The window title of the active application (which may include document names, email subjects, or meeting names)
-
The full URL of the active browser tab (Safari and Chrome only)
-
A classification of your current activity level (focused, browsing, stuck, or idle) based on keyboard and mouse inactivity
-
A hash and byte size of clipboard content (raw clipboard text is not saved to disk unless a separate setting is enabled)
-
Device power state (AC or battery) and whether the screen is locked
-
If a call application (Zoom, WhatsApp, FaceTime, Teams, Slack, or Discord) is in use, the window title — which may include the name of the other call participant
Built-In Filters: Before any Ambient Mode data is saved, automated filters that cannot be disabled by the user are applied. These filters are set in the application's source code and are not user-configurable. Certain applications (password managers including 1Password, Bitwarden, and Keychain Access; Tor Browser; and the ConscioussAI application itself) are always ignored — meaning the application name and bundle ID are excluded from collection entirely and are not stored in any form. Certain URLs (including Google account sign-in pages (accounts.google.com) and URLs containing patterns such as login., /login, /signin, bank, chase.com, and stripe.com/dashboard) are automatically redacted — the URL and window title are replaced with the word "(redacted)" — before storage.
Local Storage: Ambient Mode data is stored locally on your device in two ways: (i) a temporary in-memory ring buffer (maximum 2,000 events; overwritten when full; never written to disk); and (ii) a persistent SQLite database file on your device (userData/ambient.db) that stores structured activity episodes summarizing which application was open, for how long, and at what focus level. Each episode record may include: application name, bundle ID, window title, URL, domain, duration (seconds), idle percentage, activity level, clipboard count, and clipboard repeat count.
User Controls Over Local Data: You may delete local Ambient Mode data using: (a) automatic deletion of data older than 30 days (runs on startup and every 6 hours); (b) "Forget Last 15 Minutes," which erases in-memory and database entries from the last 15 minutes; and (c) "Forget All," which wipes the entire in-memory buffer and local database.
Important: The "Forget All" control also deletes any long-term memories generated from your ambient data through the desktop memory consolidation feature described in Section 3b below, which are stored locally on your device. These controls do not, however, delete any data that has already been transmitted to and stored on our servers (such as account-level data or chat history), and cannot recall ambient data that has already been transmitted to third-party AI providers for processing, such as ambient context included with past chat messages. See Section G (Data Retention) for details These controls cannot, however, recall ambient data that has already been transmitted to third-party AI providers for processing, such as ambient context included with past chat messages. See Section G (Data Retention) for details. These controls cannot, however, recall ambient data that has already been transmitted to third-party AI providers for processing, such as ambient context included with past chat messages. See Section G (Data Retention) for details.
Important: Third-Party AI Processing — At launch, the Platform uses third-party artificial intelligence providers, including large language model (LLM) providers, to power its AI capabilities. This means that the information listed above, including potentially sensitive information visible on your screen, may be transmitted to and processed by these third-party AI providers. These third parties process your information solely to enable the Platform's AI functionality; as described in Section E below, we do not use your information to train AI models and do not authorize our providers to use it to train theirs. We select third-party providers with appropriate data protection commitments, but we cannot fully control how these providers handle data once it is shared with them.
3b. Ambient Mode — Data Transmitted to External Servers (Desktop)
When Ambient Mode is enabled, ambient activity data is transmitted to third-party AI servers through three mechanisms:
- Chat Message Context Transmission — Each time you send a message using the Platform's chat interface, approximately 20 minutes of your most recent ambient activity data is automatically included as
background context in the request sent to your selected third-party AI provider. This context may include clock times, application names, window titles (which may contain document names, meeting subjects, or contact names), URL host and path information, duration, activity level, and idle percentage for each episode, information about the currently open application, and the name of any call participant currently detected. This data is sent to whichever AI provider you have selected in your settings (e.g., OpenAI, Anthropic, Google, MoonShot AI, etc.).
-
Activity Trigger Transmissions — A background monitoring process continuously analyzes your activity. When your activity is classified as falling into certain categories — including spreadsheet work, presentations, research, homework, music, streaming, coding, reading, or appearing stuck — a summary of your recent ambient activity is automatically transmitted to Google Gemini 2.5 Flash (routed via OpenRouter). This transmission occurs automatically and silently based on a pattern match whenever Ambient Mode is enabled, and you are not notified at the time the transmission occurs. If the AI generates a suggestion based on this analysis, you may receive a notification presenting that suggestion, which you can use to start a chat or dismiss. The only way to stop activity trigger transmissions is to disable Ambient Mode. The data transmitted may include application name, URL host and path, window title (truncated), session duration, activity level, idle percentage, clipboard counts, and a short history of prior episodes (specifically when the "stuck" classification is detected).
-
Periodic Memory Consolidation (off by default) — The desktop Platform includes a memory consolidation feature that is disabled by default and is not currently exposed as a setting within the app. If enabled, the Platform periodically batches recent ambient activity data by application and transmits these batches to a third-party AI model identified on our Subprocessors page (currently Google Gemini 2.5 Flash, routed via OpenRouter), which generates summary facts. These summary facts are stored as long-term memories locally on your device in JSON files — they are not stored on our servers — and are deleted by the "Forget All" control described in Section 3a.
Third-Party Names Captured via Call Detection: The call detection feature may capture the names of third parties (individuals who are not users of the Platform and who have not consented to capture) from call application window titles — for example, a window title such as "Sarah Johnson – WhatsApp voice call" would expose the name "Sarah Johnson" to the Platform. Those names may be transmitted to external AI providers through the mechanisms described above and, if the desktop memory consolidation feature is enabled, may be incorporated into long-term memories stored locally on your device. Important: You should inform call participants that the Platform may capture their names from call window titles, or disable Ambient Mode during calls where participants have not consented, particularly in jurisdictions (such as California) that require all-party consent to record or monitor communications.
California and Other All-Party-Consent Jurisdictions: California is an "all-party consent" jurisdiction. Under the California Invasion of Privacy Act (Penal Code section 632), it is unlawful to intentionally eavesdrop on or record a confidential communication without the consent of all parties, and violations can expose the responsible party to statutory damages. Because the Ambient Mode call-detection feature may capture the names of other call participants who have not consented, you are responsible for obtaining any consent required in your jurisdiction. We strongly recommend that you disable Ambient Mode during calls — or obtain all participants' consent before enabling it — particularly in California and other states that require the consent of all parties to record or monitor a communication.
3c. Ambient Context (Mobile)
The mobile app does not observe other applications on your device; mobile operating systems do not permit this. Instead, the mobile app collects a more limited set of ambient context from your activity within the app itself, which may include:
-
Your chat messages with the Platform
-
URLs and page titles of sites you visit in the app's built-in browser
-
Content you paste into the app from your clipboard (a short preview)
-
Snapshots of your device calendar events and reminders, if you grant calendar access
This mobile ambient data is stored locally on your device in a capped store (a maximum of 2,000 events; oldest entries are overwritten). The mobile app may periodically process this data in the background to generate proactive suggestions, which may be delivered as notifications on your device; you may disable proactive notifications in the app's settings or through your device's notification settings. In addition, after you exchange messages with the Platform on mobile, your recent chat messages may be transmitted to a third-party AI model to extract facts and preferences ("memories") used to personalize your experience, and, after each message you send, your latest message together with a summary of your profile may be transmitted to our servers so the Platform can decide whether to offer a proactive check-in or suggestion. A "forget recent activity" function lets you erase locally stored ambient events from a recent time window; older entries are automatically discarded as the capped store fills. The mobile app does not include the desktop memory consolidation feature and does not generate long-term memories from mobile ambient data. As with all ambient data, the local control cannot recall data already transmitted to third-party AI providers as context with past chat messages.
3d. Screen Viewing and Screen Sharing (Mobile)
The mobile app includes a built-in web browser and a live screen-sharing feature. When you start a live session, the Platform captures images of the built-in browser — or, if you start a screen broadcast, of your entire device screen — at regular intervals (approximately every 3 seconds) and transmits those images to third-party AI providers to generate responses. When you use assisted browsing features, the Platform may also operate the built-in browser on your behalf (for example, navigating pages or filling forms), and you may pause or take over at any time. Screen capture occurs only during a live session that you start and ends when you end the session. Screen broadcast of your entire device screen requires your device's system-level screen-recording permission, and a persistent notification is displayed for the duration of the broadcast. No screen images are captured or stored outside of an active session.
3e. Voice Mode (Microphone)
The Platform offers an optional voice conversation mode. When you activate voice mode, the Platform captures audio from your device's microphone and streams it in real time to Google (Gemini Live), which performs speech recognition and generates the spoken replies you hear using Gemini's native audio voices. Voice audio may also be transcribed using Whisper speech-recognition models hosted by Groq. During hands-free voice sessions on desktop, the Platform may also capture periodic screenshots of your screen and send them to Google along with your audio so the assistant can respond to what is on your screen; these screenshots are captured only for the duration of the voice session.
Wake Word (Android, optional): The Android app offers an optional wake-word feature. When you enable it, the app keeps your device's microphone active in the background and listens continuously for the wake phrase so that a voice session can be started hands-free. While this feature is enabled, the microphone is active even when no voice session is running, until you disable the feature or revoke microphone permission in your device settings. During passive listening, audio is processed locally on your device solely to detect the wake phrase; no audio is transmitted to any server or third party unless and until the wake phrase is detected and a voice session begins. No audio from passive listening is stored or buffered beyond what is needed for real-time wake-phrase detection.
Apart from the optional wake-word feature, the microphone is active only while a voice session you started is running; you may mute the microphone or end the session at any time. Ambient Mode and the mobile app's ambient context collection described above do not use the microphone — outside of voice mode and the wake-word feature, the Platform does not access your microphone.
3f. Location Information
IP-Based Approximate Location (All Platforms): To localize features such as shopping, food delivery, and local recommendations, the Platform determines your approximate location (country, region, city, approximate coordinates, time zone, and local currency) using IP-based geolocation. Approximate location information may be included as context in requests sent to third-party AI providers.
Device Location (Android): The Android app may request access to your device's location — using GPS and fused location services — including when you first launch the app. If you grant this permission, the app uses your device location to provide location-dependent features you request, such as setting a pickup point when booking a ride through the app's built-in browser. When used for such tasks, your device location may be shared with the third-party service you are transacting with and may be included as context in requests to the AI providers assisting with the task. Granting location permission is optional, and you may revoke it at any time in your device settings; some location-dependent features may not function without it.
3g. Contacts and SOL (Mobile)
Contacts: If you grant the mobile app access to your device contacts, the Platform reads contact names and phone numbers solely to help you address messages to people you specify (for example, "text Mom"). Contact information is matched on your device for this purpose. You may revoke contacts access at any time in your device settings.
SOL (SMS Assistant): SOL is an optional feature, currently available in the Android app, that, once you pair your phone number by sending an activation text, allows the Platform to communicate with you by SMS text message. Pairing collects your phone number. By pairing your number and sending the activation text, you provide your prior express consent to receive SMS messages from SOL at that number in response to your requests; SOL messages are transactional responses to you and are not marketing messages, message frequency varies, and standard carrier message and data rates may apply. SOL messages are routed through a gateway service hosted on Cloudflare infrastructure, which receives — in addition to your message content — your session token, your selected AI model, and a summary of your profile in order to generate replies. Messages you exchange with SOL are collected and processed by the Platform and its third-party AI providers like any other chat message. You may revoke your consent and unpair at any time in the app's settings or by replying STOP, QUIT, END, CANCEL, or UNSUBSCRIBE (or any other reasonable expression of your intent to stop) to any SOL message, after which SOL will stop texting you and we will stop collecting data through that channel.
4. Automatically Collected Information
We use cookies and similar tracking technologies to collect information about your use of the Platform. This may include:
-
Device information (operating system, browser type, device identifiers)
-
Usage data (features used, time spent, interaction patterns)
-
Technical data (IP address, error logs, system performance data)
-
Crash and error reports — If the desktop Platform encounters an error, a crash report may be sent to our error-monitoring provider, Sentry. Crash reports may include your user ID, email address, and name alongside technical data. In addition, Sentry's session replay feature, which we may enable for diagnostic purposes, captures a replay of your recent interactions with the Platform's interface (including UI clicks and navigation, but not the underlying content of documents, emails, or other materials you may be viewing). Session replay is used solely for debugging and is subject to Sentry's data retention policies.
5. Third-Party Information Inadvertently Captured
Because the Platform can view your screen when you enable this feature, the Platform may inadvertently capture personal information belonging to third parties that appears on your screen. This could include:
-
Information about friends, family, classmates, or colleagues visible in emails, messages, or social media
-
Confidential business information belonging to your employer or clients
-
Personal information visible in documents, spreadsheets, or other files
-
Any other third-party data displayed on your screen during Platform operation
You Are Responsible for Third-Party Data: You are solely responsible for ensuring that you have appropriate authorization to expose third-party information to the Platform. We recommend disabling both the screen viewing feature and Ambient Mode before accessing any information belonging to others. In particular, you should disable Ambient Mode before or during calls where participants have not consented to having their names captured and processed by the Platform.
If You Expose Third-Party Data Without Authorization: If you believe you have inadvertently exposed someone else's personal information to the Platform, you should immediately disable the screen viewing feature and contact us at support@consciouss.co so we can work with you to address the situation. However, you remain responsible for any violations of third-party rights that result from such exposure.
C. How We Use Your Information
We use the information we collect to:
-
Provide, operate, and maintain the Platform
-
Create and manage your account
-
Process your subscription and payments
-
Personalize your experience by learning your preferences and personality to provide tailored recommendations and outputs
-
Communicate with you about the Platform, including updates and support
-
Respond to your inquiries and requests
-
Monitor and analyze usage patterns and trends
-
Detect, prevent, and address technical issues, security threats, fraud, and violations of these Terms
-
Share your information with third-party AI and language model providers to enable the Platform's AI capabilities
We do not currently use your information to train AI models, and we do not currently authorize our third-party providers to use your information to train theirs. See Section E (No Use of Your Data to Train AI Models) below and Section G.9 of the Terms and Conditions.
Data Storage and Third-Party Processing
Cloud Storage: All personal data collected by the Platform is stored on cloud-based servers (currently Amazon Web Services). Your data is encrypted in transit and at rest using industry-standard security measures.
Third-Party AI Processing: We use third-party artificial intelligence providers to power the Platform's functionality. Your personal information and User Content — including data obtained through Google integrations — are transmitted to and processed by the following third-party providers:
-
Amazon Web Services (AWS) — Our cloud hosting infrastructure, where your data is stored and processed.
-
OpenRouter — An AI model routing service through which your data is transmitted to the chat model you select. OpenRouter works with underlying infrastructure providers that may include Baseten, Fireworks, SambaNova, AtlasCloud, Venice, Azure, OpenAI, Google Vertex, Google AI Studio, xAI, Anthropic, and Amazon Bedrock.
-
The Chat Model Selected by You — When you use the Platform, your data is processed by the specific AI model you have chosen, which may be provided by Anthropic, OpenAI, Google, Alibaba Cloud, Moonshot AI, DeepSeek, NVIDIA, or another provider we add over time.
-
Google (Gemini Live) and Groq — If you use voice mode, your microphone audio is sent to Google, which performs speech recognition and generates the spoken replies you hear using Gemini's native audio voices. Voice audio may also be transcribed using Whisper speech-recognition models hosted by Groq. This occurs regardless of which chat model you have selected for text conversations.
Because the specific models we offer change as the field develops, we maintain the current, authoritative list of available chat models and their providers on our Subprocessors page at https://www.conscioussai.com/subprocessors rather than in this Privacy Policy. Material changes to the Subprocessors page will be treated as updates to this Privacy Policy and subject to the notice provisions in Section M. Unless you select a different model, your data is processed by our current default model, which is also identified on that page. Visit our Subprocessors page or contact us at support@consciouss.co for the current list. Each provider has its own privacy policy governing how they collect, use, and retain data.
What This Means for You: When you use the Platform, your data — including potentially sensitive information visible on your screen — is sent to these third-party providers over the internet and processed on their systems. While we select providers with strong security practices and contractual data protection commitments, we do not have direct control over these third-party systems.
Future Plans: We plan to develop our own proprietary language models in the future, which will reduce our reliance on third-party AI providers. However, at launch, third-party processing is necessary for the Platform to function. We will update this Privacy Policy when we transition to our own models.
Important: Because your data is stored in the cloud and processed by third-party AI providers, the security of your data depends on both our security practices and those of our service providers. While we implement strong security measures and select reputable providers, cloud storage and third-party processing inherently involve transmitting your data over the internet and storing it on systems we do not directly control. No method of internet transmission or cloud storage is 100% secure.
D. How We Share Your Information
We share information with third-party service providers who perform services on our behalf. Most significantly, we use third-party artificial intelligence and large language model (LLM) providers to power the Platform's core AI functionality. Your User Content, interactions, and personal information - including information obtained through Google integrations such as Google SSO and Gmail - are transmitted to and processed by the following third-party providers: (1) Amazon Web Services (AWS) for cloud hosting and data storage; (2) OpenRouter, an AI routing service that routes your data to the chat model you select; (3) the specific chat model selected by you, or our current default model as identified on our Subprocessors page; (4) Google Gemini 2.5 Flash (via OpenRouter), which receives ambient activity data through automatic activity trigger transmissions when desktop Ambient Mode is enabled, regardless of which chat model you have selected for text conversations, and, if the desktop memory consolidation feature is enabled, an additional transmission to Google Gemini 2.5 Flash (via OpenRouter) that receives batched ambient data to generate summaries stored locally on your device; and (5) Google (Gemini Live), which processes microphone audio and generates spoken responses when you use voice mode, and Groq, which may transcribe voice audio using Whisper speech-recognition models - both regardless of which chat model you have selected. Please see Section D1 (Our Third-Party AI Providers) below and our Subprocessors page for the current list of providers and models.
Third-Party AI Providers Include:
-
Large language model providers (such as OpenAI, Anthropic, Google, Alibaba Cloud, Moonshot AI, DeepSeek, NVIDIA, or similar providers)
-
Voice recognition and speech synthesis providers (such as Google and Groq)
-
AI infrastructure providers
-
Cloud hosting providers (Amazon Web Services)
-
Edge and gateway infrastructure providers (Cloudflare, which hosts the gateway for the SOL SMS feature on Android)
-
Crash and error reporting providers (Sentry, on desktop)
-
Payment processors
-
Analytics providers
What These Providers Do With Your Data:
-
Process your content to provide AI responses and recommendations
-
Are not authorized by us to use your content to train their AI models
-
Store your data on their systems according to their retention policies
-
Are contractually obligated to protect your data, though we cannot fully control their practices
Important Limitation: While we select third-party providers with strong data protection practices and require them to commit to protecting user data, we cannot guarantee how these providers handle, store, or use your data once it is shared with them. We recommend reviewing the privacy policies of our third-party AI providers (listed on our website) to understand their data practices.
Single Sign-On
If you use Google Single Sign-On, your authentication is processed through Google in accordance with their privacy policies. If you use Apple Sign-In, your authentication is processed through Apple in accordance with Apple's privacy policies. Apple shares only limited account information with us, and at sign-in you may choose whether to share your name and whether to share your real email address or use Apple's Hide My Email feature. If you choose Hide My Email, Apple provides us with a private, Apple-generated relay email address (ending in @privaterelay.appleid.com) instead of your personal email address; we use that relay address to communicate with you, and Apple forwards those messages to your real email address. We do not attempt to identify, derive, or obtain your underlying email address, and you may disable email forwarding or revoke the Platform's access to Apple Sign-In at any time through your Apple ID settings. Information obtained through Google SSO or Apple Sign-In may be shared with our third-party service providers, including AWS, OpenRouter, and the AI model you select, as described in Sections D and D1 of this Privacy Policy, solely to the extent necessary to provide or improve the Platform's functionality for you.
Restricted Use of Google User Data: Notwithstanding any other provision of this Privacy Policy, information obtained through Google APIs — including through Google SSO and Gmail integrations ("Google User Data") — will be used only for the purpose of providing or improving the Platform's features and functionality directly to you. The Platform's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Google User Data will NOT be: (a) used to train AI models, whether operated by us or by any third-party provider; (b) sold, licensed, or transferred to third parties for their independent commercial purposes; or (c) used for any purpose unrelated to the direct operation and improvement of the Platform for you.
Retention and Deletion of Google User Data: Google User Data is retained only for as long as is necessary to provide you with the Platform's services or as required by applicable law. Upon deletion of your account, we will delete Google User Data from our active systems promptly, and in any event within thirty (30) days, subject to applicable legal retention obligations. We will also request that our third-party service providers (AWS, OpenRouter, and the AI model provider you selected) promptly delete your Google User Data in accordance with our data processing agreements with those providers. Because Google User Data is not used for AI model training, it will not persist in any AI models following account deletion. You may revoke our access to your Google account at any time through your Google Account settings at myaccount.google.com.
Legal Compliance
We may disclose information if required by law, court order, or governmental regulation, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
Business Transfers
If we are involved in a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. We will notify you by email and/or prominent notice on the Platform before your personal information is transferred and becomes subject to a different privacy policy, and you will have the opportunity to delete your account before such transfer.
With Your Consent
We may share information for any other purpose with your explicit consent.
D1. Our Third-Party AI Providers
At launch, the Platform relies on third-party artificial intelligence providers to function. We want to be transparent about this relationship. Your data — including data obtained through Google integrations — is shared with the following specific providers.
Why We Use Third-Party Providers
-
Developing proprietary AI models requires significant time and resources
-
Third-party providers offer mature, powerful AI capabilities
-
This allows us to launch the Platform and serve users while developing our own technology
Specific Providers and Models We Use
-
Amazon Web Services (AWS) — Cloud hosting and data storage provider. All data processed by the Platform is stored on AWS infrastructure.
-
OpenRouter — An AI model routing service that transmits your data to the chat model you select. OpenRouter routes your requests through one or more of the following underlying infrastructure providers, depending on the model selected: Baseten, Fireworks, SambaNova, AtlasCloud, Venice, Azure, OpenAI, Google Vertex, Google AI Studio, xAI, Anthropic, and Amazon Bedrock.
-
Chat Models Available to Users — When you use the Platform, your data is processed by the chat model you select. Our current model lineup draws on providers including Anthropic, OpenAI, Google, Alibaba Cloud, Moonshot AI, DeepSeek, and NVIDIA, among others.
-
Google (Gemini Live) and Groq — Used for voice mode, regardless of which chat model you have selected. Google performs speech recognition and generates the spoken audio you hear using Gemini's native audio voices; Groq may transcribe voice audio using Whisper speech-recognition models.
-
Sentry — Crash and error monitoring for the desktop Platform. Crash reports may include your user ID, email address, and name alongside technical data and, where session replay is enabled, replays of your recent interactions with the Platform's interface.
-
Cloudflare — Hosts the gateway service for the SOL SMS feature (Android). When you use SOL, this gateway receives your message content, session token, selected AI model, and a summary of your profile.
Because our chat model lineup changes as providers release new models, we maintain the current, specific list of available models, their providers, and our default model on our Subprocessors page rather than in this Privacy Policy. That page is the authoritative source — please visit our Subprocessors page or contact us at support@consciouss.co for the current list.
We currently use or may use the following categories of third-party AI providers:
-
Large language model providers (e.g., OpenAI, Anthropic, Google, Alibaba Cloud, Moonshot AI, DeepSeek, NVIDIA, or similar)
-
Voice recognition and speech synthesis providers (e.g., Google, Groq)
-
AI infrastructure platforms
-
Machine learning service providers
For a current list of our specific third-party AI providers, please visit our Subprocessors page or contact us at support@consciouss.co.
What Data Is Shared
When you use the Platform, the following data may be shared with the third-party providers listed above (AWS, OpenRouter, the chat model selected by you, and, if you use voice mode, Google and Groq):
-
All User Content you upload or create
-
Information captured through screen viewing
-
Your interaction patterns and usage data
-
Personal information necessary to provide personalized AI responses
-
Any other data described in Section B of this Privacy Policy
Third-Party Privacy Policies
Each third-party AI provider has its own privacy policy governing how they collect, use, and retain data. We encourage you to review these policies. Links to each provider's privacy policy are available on our Subprocessors page.
Our Contractual Protections
We require our third-party AI providers to:
-
Implement appropriate security measures
-
Use your data only for purposes of providing services to us
-
Comply with applicable data protection laws
-
Delete data upon our request where technically feasible
However, we acknowledge that we have limited direct control over these third-party systems once data is shared. We maintain data processing agreements with each provider, conduct periodic reviews of their security practices, and require contractual commitments to data protection. Notwithstanding these measures, no third-party relationship is without risk.
Your Choices
If you are uncomfortable with your data being processed by third-party AI providers, your options are:
-
Do not use the Platform
-
Wait until we launch our proprietary AI models (timeline to be announced)
-
Contact us to discuss your concerns
Future Plans
We are actively developing our own proprietary language models. When these are ready, we plan to:
-
Transition away from third-party AI providers
-
Give users more control over whether their data is shared with third parties
-
Provide clearer options for data retention and deletion
We will update this Privacy Policy and notify users when we transition to our proprietary models.
E. No Use of Your Data to Train AI Models
At launch, we use third-party artificial intelligence providers, including large language model providers, to enable the Platform's AI capabilities. When you use the Platform, your content and interactions are shared with these third-party providers for one purpose: to provide AI functionality to you. Third-party AI models process your inputs to generate responses, recommendations, and personalized experiences in real time.
We do not use your User Content, interactions, or behavioral patterns to train our own AI models or any third-party provider's models, and we do not authorize our third-party providers to use your data for training. This is consistent with Section G.9 (No Use of Your Content to Train AI Models) of our Terms and Conditions. We do not ask you to make an AI training choice during account creation or otherwise, because your data is not used for that purpose.
What Gets Shared (for processing, not training):
-
Your schedules, tasks, communications, preferences, and personality information
-
Content visible on your screen when screen viewing is enabled
-
Your interaction patterns and behavioral data
-
Any other User Content you provide or that the Platform captures
Important Limitations:
Third-Party Handling: Once your data is shared with third-party AI providers for processing, we cannot fully control how they store or retain it under their own policies. Our contracts with these providers require them to protect user data and prohibit using it to train their models. We have confirmed opt-out of any model-training programs offered by our providers and maintain data processing agreements reflecting these restrictions, but we have limited ability to independently verify ongoing compliance.
Google User Data: Information obtained through Google APIs — including through Google SSO and Gmail integrations — will not be used to train any AI models, whether operated by us or by any third-party provider, under any circumstances, and is subject to the additional restrictions described in Section D (Single Sign-On).
Future Transition: We plan to develop our own proprietary language models, which will give us greater control over data use and retention. If our practices regarding AI training ever change, we will update this Privacy Policy and the Terms and Conditions, provide notice before any such use begins, and, where required by applicable law, obtain your prior consent.
F. Cookies and Tracking Technologies
We use cookies and similar technologies to operate the Platform and enhance your experience. Cookies are small data files stored on your device. The mobile app does not use cookies but may use similar local storage mechanisms. The Platform does not track you across other companies' apps and websites for advertising purposes, and we do not participate in advertising identifier-based tracking as defined by mobile platform providers.
Types of cookies we use:
-
Essential cookies — Necessary for the Platform to function
-
Preference cookies — Remember your settings and preferences
-
Analytics cookies — Help us understand how users interact with the Platform
-
Performance cookies — Monitor Platform performance and identify technical issues
You can control cookies through your browser settings. However, disabling certain cookies may limit your ability to use some Platform features.
G. Data Retention
We retain your account information for as long as your account is active or as needed to provide you with the Platform.
Cloud Storage: Your personal data is stored on cloud-based servers. When you confirm deletion of your account, we immediately begin deleting your account and associated data from our primary systems; we do not currently maintain a delayed retention period after a user-requested deletion. Residual copies may persist in encrypted backup systems for a limited period before being overwritten, subject to legal retention obligations. For verified deletion requests under applicable privacy laws, we will comply within the timeframes required by those laws. Certain categories of data are subject to specific deletion commitments stated elsewhere in this Privacy Policy — in particular, Google User Data, which we delete from our active systems promptly and in any event within thirty (30) days, as described in Section D (Single Sign-On) and in the Google User Data — Special Retention Rule below.
Third-Party Retention: Because we use third-party AI providers, your data may be retained by those providers according to their own retention policies, even after you delete your account. We cannot control third-party retention practices, though our contracts require them to delete data upon our request where technically feasible.
Ambient Data and Long-Term Memories (Local): Ambient activity data, and any long-term memories generated from it through the desktop memory consolidation feature, are stored locally on your device - not on our servers. On desktop, local ambient activity data older than 30 days is deleted automatically; long-term memories persist on your device until you use the "Forget All" control or delete the application's local data. On mobile, ambient events are discarded automatically as the capped store fills, and no long-term memories are generated. Deleting your account does not by itself remove this locally stored data from your device - use the local controls or remove the application to delete it. Ambient data that was transmitted to third-party AI providers as chat context or through activity trigger transmissions is subject to those providers' retention practices, as described above. — not on our servers. On desktop, local ambient activity data older than 30 days is deleted automatically; long-term memories persist on your device until you use the "Forget All" control or delete the application's local data. On mobile, ambient events are discarded automatically as the capped store fills, and no long-term memories are
generated. Deleting your account does not by itself remove this locally stored data from your device — use the local controls or remove the application to delete it. Ambient data that was transmitted to third-party AI providers as chat context or through activity trigger transmissions is subject to those providers' retention practices, as described above.
Onboarding Personality Data: Your responses to the onboarding personality and preference questions are stored on our servers and retained for as long as your account is active. Upon account deletion, these responses are deleted in accordance with the cloud-storage deletion timeframes described above.
Google User Data — Special Retention Rule: Consistent with Section D (Single Sign-On), we delete Google User Data (information obtained through Google SSO and Gmail integrations) from our active systems promptly, and in any event within thirty (30) days of account deletion, subject to applicable legal retention obligations. Google User Data is not used for AI model training and therefore will not be retained by third-party providers for AI training purposes. Upon account deletion, we will also instruct all third-party service providers that have received Google User Data (including AWS, OpenRouter, and any AI model provider you selected) to delete such data promptly and in accordance with our data processing agreements. We will not share Google User Data with any third party in a manner that would result in its retention beyond what is strictly necessary to provide the Platform's functionality to you.
Apple Sign-In Data: Information obtained through Apple Sign-In (including any Apple-generated private relay email address) is retained only for as long as necessary to provide the Platform to you and, upon account deletion, is deleted in accordance with the retention and deletion timeframes described above. We do not attempt to derive or store your underlying email address where you have elected Apple's Hide My Email feature. You may revoke the Platform's access to Apple Sign-In, or disable email forwarding, at any time through your Apple ID settings; if you do so, we may be unable to continue communicating with you at your relay address.
AI Model Persistence: Because we do not use your data to train AI models and do not authorize our third-party providers to do so, your data should not be incorporated into AI models and should not persist in any AI model after you delete your account. However, as noted above, we cannot independently verify that our third-party providers have fully complied with this restriction.
If you have concerns about data retention by third-party AI providers, please contact us and we will work with you to address your concerns to the extent possible within the constraints of our third-party relationships.
H. Your Privacy Rights
Depending on your location, you may have certain rights regarding your personal information:
-
Access — You may request access to the personal information we hold about you.
-
Correction — You may request that we correct inaccurate or incomplete information.
-
Deletion — You may request deletion of your personal information, subject to certain exceptions.
-
Opt-Out — You may opt out of receiving promotional communications from us by following the unsubscribe instructions in those messages.
-
Do Not Track / Global Privacy Control - We do not currently respond to legacy "Do Not Track" browser signals. Although we do not sell or share your personal information as those terms are defined under the CCPA, if your browser or device transmits a Global Privacy Control (GPC) signal, we will treat it as a valid
request to opt out of any sale or sharing of your personal information. A GPC signal applies to the specific browser or device from which it is sent; if you use multiple browsers or devices, you should enable it on each.
To exercise these rights, please contact us using the information provided in Section N below.
I. Children's Privacy
The Platform is intended for users aged 18 and older only. We do not knowingly collect personal information from individuals under 18 years of age.
If we become aware that we have collected information from a person under 18, we will take steps to delete that information immediately.
If you believe someone under 18 has created an account or provided personal information to us, please contact us immediately using the information in Section N below, and we will take steps to remove that information and terminate the account.
J. Third-Party Information and User Responsibilities
The Platform's screen viewing feature, Ambient Mode, and the mobile app's screen sharing, voice mode, and ambient context features may capture information belonging to third parties that appears on your screen, is spoken near your device, or is collected through system APIs, including the names of third parties who are participants in calls detected through the Ambient Mode call detection feature. You are solely responsible for:
1. Obtaining Necessary Consents
Ensuring you have appropriate authorization from third parties before exposing their personal information to the Platform.
2. Compliance with Laws
Ensuring your use of the Platform complies with all privacy laws and regulations, including:
-
Health Insurance Portability and Accountability Act (HIPAA) for protected health information
-
Family Educational Rights and Privacy Act (FERPA) for educational records
-
Gramm-Leach-Bliley Act (GLBA) for financial information
-
State privacy laws (CCPA, Virginia CDPA, etc.)
-
Any other applicable privacy or confidentiality laws
3. Contractual Obligations
Ensuring your use of the Platform does not violate any confidentiality agreements, non-disclosure agreements, employment agreements, or other contractual obligations you owe to third parties.
4. Disabling Features When Appropriate
Disabling the Platform's screen viewing feature before accessing third-party information, including:
-
Work emails or confidential business information
-
Healthcare portals or medical information
-
Financial accounts or statements
-
Legal documents or attorney communications
-
Educational records or student information
-
Private communications belonging to others
-
Before enabling the Platform if you are concerned about third-party AI providers accessing your data
We Recommend:
-
Disable screen viewing when accessing any confidential or sensitive information
-
Create separate user profiles on your device for work vs. personal use
-
Only enable screen viewing when you are certain no third-party confidential information will appear
Our Limitations: We do not have the ability to determine whether information captured by the Platform belongs to you or to third parties. We do not actively filter or screen for third-party data. Therefore, you bear sole responsibility for ensuring your use of the Platform does not violate third-party rights or applicable laws.
Third-Party Claims: If a third party makes a claim against us based on your exposure of their information to the Platform, you agree to indemnify us as described in Section L of our Terms and Conditions.
K. Third-Party Services
We are not responsible for the privacy practices of third-party websites, services, or applications.
When you connect third-party services (such as Google SSO, Gmail, or Apple Sign-In), those services' privacy policies govern their collection and use of your information. We encourage you to review the privacy policies of any third-party services you connect to the Platform.
L. International Data Transfers
The Platform is operated from the United States and is currently available to users located in the United States (with an initial focus on California) and, where we have launched it, to users located in India. Your information is transferred to, stored, and processed in the United States and, in connection with operating the Platform, in other jurisdictions, where data protection laws may differ from those of your country. Where required by applicable law, we rely on appropriate safeguards for international transfers, such as Standard Contractual Clauses. If you are located in India, please also see Section P (Additional Information for Users in India), which governs in the event of a conflict for Data Principals in India.
We do not currently offer the Platform to users located outside the United States and India, including users in the European Economic Area and the United Kingdom. We may expand availability to additional jurisdictions in the future. If and when we do, we will provide any additional disclosures and rights required by the applicable jurisdiction's data-protection framework (for example, GDPR-specific disclosures for EEA/UK users) before or as we begin serving users there.
Not all Platform features, devices, or companion features described in this Privacy Policy (for example, the mobile app, SOL SMS, voice mode, or device-location features) may be available in India at launch or at all. This section,
and the feature-specific disclosures elsewhere in this Privacy Policy, apply only to the features and platforms we actually make available to you in India.
M. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated Privacy Policy on the Platform and updating the "Last Updated" date at the top of this policy.
If we make material changes, we will notify you by email or through a prominent notice on the Platform at least thirty (30) days before the changes take effect. For material changes that expand how we use or share your personal information, we will seek your affirmative consent where required by applicable law. Your continued use of the Platform after the effective date of non-material updates constitutes acceptance of those updates.
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
N. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:
Consciouss AI, Inc.
440 Wolfe Rd., Unit WL 154 Sunnyvale, CA 94085 support@consciouss.co
For privacy-specific inquiries, including requests to exercise your privacy rights under applicable law, you may email us at privacy@consciouss.co. We will respond to your inquiry within a reasonable timeframe and, for verified consumer rights requests, within the timelines required by applicable law.
O. California Privacy Rights
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA):
-
Right to Know — You have the right to request information about the categories and specific pieces of personal information we have collected about you, the categories of sources from which we collected it, the business purpose for collecting it, and the categories of third parties with whom we share it.
-
Right to Delete — You have the right to request deletion of your personal information, subject to certain exceptions.
-
Right to Correct — You have the right to request that we correct inaccurate personal information we maintain about you, subject to certain exceptions.
-
Right to Limit Use of Sensitive Personal Information - To the extent we ever use or disclose your sensitive personal information for purposes beyond those permitted under the CCPA, you have the right to request that we limit such use and disclosure. As explained in the "Sensitive Personal Information" discussion
below, we currently use sensitive personal information only for purposes permitted under the CCPA, so this right is not currently triggered.
-
Right to Opt-Out of Sale and Sharing — We do not sell your personal information, and we do not share your personal information for cross-context behavioral advertising, as those terms are defined under the CCPA. Because we do not sell or share personal information, we are not required to, and do not, provide a "Do Not Sell or Share My Personal Information" link. Data shared with third-party AI providers is transmitted solely to provide the Platform's functionality to you, not for advertising or cross-context behavioral advertising purposes.
-
Right to Non-Discrimination — We will not discriminate against you for exercising any of your CCPA rights.
Sensitive Personal Information: Certain information the Platform collects may constitute "sensitive personal information" under the CCPA, including: precise geolocation data (if you grant location access on Android); the contents of your messages (including chat messages and SOL SMS messages); and information derived from voice audio. We use and disclose sensitive personal information only for the purposes permitted under Civil Code section 1798.121 and its implementing regulations - including to perform the services you request and to provide and maintain the Platform's functionality for you - and not for purposes that would trigger a right to limit. Because we do not use or disclose sensitive personal information beyond these permitted purposes, we are not required to, and do not, provide a separate "Limit the Use of My Sensitive Personal Information" mechanism.
Categories of Personal Information We Collect: In the preceding twelve (12) months, we have collected the following categories of personal information as defined by the CCPA: identifiers (such as your name, email address, and IP address); customer records and financial information (such as payment information); commercial information (such as subscription and transaction records); internet or other electronic network activity information (such as usage data and interaction patterns); geolocation data (approximate location on all platforms and, on Android, precise device location if you grant permission); audio information (voice audio when you use voice mode); the contents of your communications (including chat messages and SOL SMS messages); professional or employment-related information and other personal information you provide or that the Platform captures; and inferences drawn from the above to reflect your preferences and characteristics. Certain of this information constitutes sensitive personal information, as described above. We collect this information directly from you, automatically through your use of the Platform, and — with your permission — from connected services and device features. Additional detail appears in Section B (Information We Collect).
Business Purposes and Categories of Recipients: We collect and use each category of personal information for the business and commercial purposes described in Section C (How We Use Your Information). We disclose personal information only to the categories of third parties described in Sections D and D1 — including cloud hosting providers, AI model routing and infrastructure providers, the AI model providers you use, voice and speech-recognition providers, gateway and error-monitoring providers, and payment processors — solely to provide the Platform's functionality to you. We do not sell or share personal information.
How to Exercise Your California Rights: You may submit a request to know, delete, or correct, or a request to limit the use and disclosure of your sensitive personal information, by emailing us at privacy@consciouss.co or through the Platform's settings. To protect your information, we will verify your identity before responding by matching the information in your request against the information associated with your account, and we may request additional information where necessary to verify your identity. You may use an authorized agent to submit a request on your behalf; the agent must provide proof that you authorized them to act for you, and we may require
you to verify your own identity directly with us or to confirm the agent's authority. We will not discriminate against you for exercising any of these rights.
P. Additional Information for Users in India
This section applies to the processing of personal data of Data Principals in India and supplements the rest of this Privacy Policy in accordance with India's Digital Personal Data Protection Act, 2023 (the "DPDP Act"). For purposes of the DPDP Act, Consciouss AI, Inc. is the "Data Fiduciary" that determines the purposes and means of processing your personal data, and you are the "Data Principal." In the event of a conflict between this section and another provision of this Privacy Policy, this section governs for Data Principals in India.
Notice and Consent. Where we rely on your consent to process your personal data, our request for consent will be accompanied or preceded by a notice describing the personal data we seek to process and the purpose of processing, the manner in which you may exercise your rights (including the right to withdraw consent and the right of grievance redressal), and the manner in which you may make a complaint to the Data Protection Board of India. The request will be presented in clear and plain language, and you may access it in English or in any language specified in the Eighth Schedule to the Constitution of India. Your consent will be free, specific, informed, unconditional, and unambiguous, given through a clear affirmative action, and limited to the personal data necessary for the specified purpose.
Withdrawal of Consent. Where consent is the basis for processing, you may withdraw it at any time, and we will make withdrawal as easy as it was to give consent. Withdrawal will not affect the lawfulness of processing carried out before withdrawal, and the consequences of withdrawal will be borne by you. Following withdrawal, we will, within a reasonable time, cease — and cause our data processors to cease — processing your personal data unless continued processing is required or authorised under applicable law. You may give, manage, review, or withdraw your consent directly or, where available, through a Consent Manager registered with the Data Protection Board of India.
Legitimate Uses. In addition to consent, we may process your personal data for certain legitimate uses permitted under the DPDP Act, such as where you voluntarily provide your personal data for a specified purpose and have not indicated that you object to its use for that purpose.
Your Rights Under the DPDP Act. As a Data Principal, you have the right to: (a) obtain a summary of the personal data we process and the processing activities we undertake; (b) obtain the identities of other Data Fiduciaries and Data Processors with whom we have shared your personal data, along with a description of the data shared; (c) correct, complete, update, and erase your personal data; (d) readily available means of grievance redressal; and (e) nominate another individual to exercise your rights in the event of your death or incapacity. To exercise these rights, contact us at privacy@consciouss.co.
Children's Data. The Platform is intended for users aged 18 and older, and we do not knowingly process the personal data of children. Consistent with the DPDP Act, we do not undertake processing likely to cause a detrimental effect on the well-being of a child, and we do not carry out tracking, behavioural monitoring, or targeted advertising directed at children. Where we are required to process the personal data of a child, or of a person with a disability who has a lawful guardian, we will first obtain verifiable consent of the parent or lawful guardian.
Grievance Redressal and Contact. We have established a mechanism to address grievances regarding our processing of your personal data. You may contact our data protection contact at support@consciouss.co, and we
will respond within the period prescribed under the DPDP Act. You should seek to resolve your grievance through this mechanism before approaching the Data Protection Board of India.
Transfers Outside India. As described elsewhere in this Privacy Policy, your personal data is transferred to, stored, and processed in the United States and by our third-party providers. We may transfer personal data outside India except to any country or territory that the Central Government of India restricts by notification.