Privacy Policy

Last Updated: November 9, 2025

Welcome to Ivern AI ("we", "our", "us"). We value your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, store, and share information when you use our application, website, or related services (collectively, the "Service").

1. Information We Collect

We collect the following types of information:

1.1 Information You Provide to Us

  • Account information: email address, display name, and authentication tokens (if you sign in via Google / Apple / other providers).
  • User inputs: text, questions, investment notes, or other data you enter into the chat interface.
  • Feedback and support requests.

1.2 Information Collected Automatically

  • Usage data: interactions with the Service, including timestamps, features used, and logs.
  • Device data: IP address, browser type, operating system, app version, and approximate location.
  • Analytics: we use analytics tools (e.g., PostHog, Google Analytics, Supabase logs) to understand how the Service is used and to improve performance.

1.3 Information from Third Parties

  • We may receive limited metadata from connected services (e.g., broker APIs or AI providers) if you choose to link them.
  • We do not collect financial account numbers, passwords, or direct bank access data.

2. How We Use Your Information

We use the collected data to:

  • Provide and maintain the Service.
  • Improve performance, reliability, and user experience.
  • Analyze aggregated usage patterns to guide future features.
  • Ensure security and prevent fraud or abuse.
  • Communicate with you (e.g., product updates, support messages).
  • Comply with legal and regulatory obligations.

We may use aggregated and anonymized data for research and analytics; such data cannot be used to identify you personally.

3. Where Your Data Is Stored

  • We host data primarily on cloud providers located in the United States, with some services based in the European Union.
  • We take reasonable technical and organizational measures to protect data (e.g., encryption in transit and at rest, restricted access controls).
  • Because our infrastructure is distributed, your data may be processed in multiple jurisdictions for performance and resilience.

4. Data Retention

We retain user data only as long as necessary to:

  • Provide the Service to you,
  • Fulfill legal requirements, and
  • Resolve disputes or enforce agreements.

You may request deletion of your account and associated data at any time (see Section 7).

5. Data Sharing & Disclosure

We do not sell your personal data.

We only share information in the following cases:

  • Service providers: cloud hosts, analytics, email delivery, or AI inference providers (e.g., AWS Bedrock, OpenAI).
  • Legal requirements: if required by law, court order, or regulation.
  • Business transfers: in case of a merger or acquisition, user data may be transferred to the successor entity under similar protections.

All third parties with whom we share data are required to use it solely for the purpose of providing their services to us and to maintain reasonable security measures.

6. Cookies & Tracking Technologies

We use cookies and similar technologies to:

  • Keep you logged in,
  • Remember preferences, and
  • Measure usage and performance.

You can disable cookies in your browser or device settings, though some features may not function properly without them.

7. Your Rights

Depending on your jurisdiction (US / EU / UK / Israel / others), you may have the right to:

  • Access, correct, or delete your personal data,
  • Request a copy of your data (portability),
  • Withdraw consent for processing, and
  • Lodge a complaint with a data protection authority if you believe your rights were violated.

To make a request, email us at: daniel@ivern.ai

8. Children's Privacy

The Service is not intended for users under 18 years old. We do not knowingly collect data from minors.

If we learn that we have collected personal data from a minor, we will delete it promptly.

9. Security Measures

We implement reasonable security measures to protect your information, including:

  • Encryption of data in transit (HTTPS) and at rest.
  • Role-based access control for databases and servers.
  • Periodic review of access logs and security configurations.

No system is 100% secure, and we cannot guarantee absolute protection against unauthorized access or data breach.

10. International Data Transfers

Because we operate globally, your information may be transferred to and processed in countries outside your own.

We take steps to ensure adequate protection, such as using standard contractual clauses or equivalent safeguards approved under GDPR.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements.

We will notify you of material changes (e.g., by email or notice in the app).

The "Last Updated" date above indicates the latest revision.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

📧 daniel@ivern.ai

This privacy policy is subject to change. We will notify you of any material changes by posting the new policy on this page.