Table of Contents

Privacy Policy

Version: 1.1
Effective date: October 5, 2025
Previous update: July 30, 2025

Welcome to AIVAX. This Privacy Policy describes how AIVAX collects, uses, stores, shares, and protects information in its AI inference services. Our commitment is to transparency, security, and compliance with the General Data Protection Law (LGPD) and the Internet Civil Framework.

By using AIVAX services, the Account Manager acknowledges and agrees to the terms of this policy. This policy does not constitute legal advice; we recommend review by the Account Manager’s legal department.

1. Definitions

  • AIVAX: Company providing the platform and AI model orchestration services.
  • AIVAX Account Manager ("Account Manager"): Natural or legal person who creates and administers the account and integrates the API.
  • End User: Individual who interacts with the Account Manager’s application that consumes the AIVAX API.
  • Account Data: Registration and administrative data (e.g., name, email, company, role, internal identifiers, preferences, API key settings).
  • Billing Data: Data required for invoicing and receipts (e.g., CNPJ/CPF, corporate name, address, payment methods through a third‑party processor).
  • Inference Data: Inputs (prompts, text, instructions, metadata) sent to the models and the resulting outputs/inferences. (Equivalent to the terms “Input Content” + “Generated Content” defined in the Terms of Use.)
  • Conversations: Structured set of inference interactions (input + response + context metadata).
  • Technical Metadata: Request logs, IP, timestamp, latency, session identifiers, token usage, response codes, security signatures.
  • Processor: AIVAX when it processes data according to the Account Manager’s instructions (inference data/conversations).
  • Controller: AIVAX when it defines purposes for account, billing, security, and compliance data.
  • Subprocessor: Third party contracted by AIVAX to support processing (infrastructure, monitoring, billing, email, model providers, etc.).

2. Processing Roles

Data Type AIVAX Role Account Manager Role
Account Data Controller Data Subject/Controller of its own internal relationship
Billing Data Controller (legal and contractual compliance) Provides/Verifies
Inference Data / Conversations Processor Controller (defines content and purpose)
Technical Metadata Controller (security / improvement) and Processor (technical execution) Controller (origin)

When acting as Processor, AIVAX will strictly follow the Account Manager’s instructions, as defined by API calls and dashboard settings.

For contractual consistency, in case of terminological divergence between this policy and the Terms of Use, the equivalence will prevail: Inference Data = Input Content + Generated Content.

3. Categories of Collected Data

  1. Provided directly by the Account Manager: Account Data, credentials (hashes or tokens), preferences, usage settings, organization, generated API keys.
  2. Generated by use: Technical metadata (logs, aggregated statistics, token counts, latencies, model usage).
  3. Inference Data and Conversations: Textual content and other formats sent to the models and the returns.
  4. Support and Communication: Ticket messages, emails sent to support or contact channels.
  5. Billing: Fiscal and payment data (partially processed by specialized third parties).
  6. Aggregated/Anonymized Data: Derived metrics that do not identify the Account Manager or end users.

We do not deliberately collect special categories of sensitive personal data (art. 5º, II, LGPD) unless the Account Manager chooses to send them in Inference Data. In that case, the Account Manager declares having an appropriate legal basis and consent when required.

Category Primary Purpose Legal Basis (LGPD) Indicative Retention Period*
Account Data Account creation, management, authentication, operational communications Contract execution (art. 7º, V) While the account is active + up to 6 months after termination (audit)
Billing Data Billing, tax invoicing, fraud prevention (includes credit rules, expiration, refunds – see Terms of Use) Legal obligations (art. 7º, II) / Contract execution 5 to 10 years (tax requirements)
Technical Metadata Security, abuse prevention, performance monitoring Legitimate interest (art. 7º, IX) + Contract execution 180 days (main logs) / up to 1 year (extended security)
Inference Data Execution of the requested inference Contract execution Operational time (standard: up to 30 days)
Conversations History for monitoring, technical audit, debugging Legitimate interest (balanced) + Contract execution Up to 30 days (standard) or less if configured; exportable and deletable
Support Resolve questions, incidents, compliance Contract execution / Legitimate interest Up to 12 months after resolution
Aggregated/Anonymized Data Capacity metrics, reliability improvement Outside LGPD scope (anonymized data) Indeterminate (as long as irreversibly anonymized)

*Periods may be shortened upon request, except where legal obligation or rights defense requires longer retention. Encrypted backups may retain data for up to an additional 90 days until full rotation; purged data does not return to production after restoration, with deletion re‑processing applied.

5. No Use for Own Training

AIVAX does not use Inference Data or Conversations to train proprietary models, create individualized usage profiles, or monetize data. Use is restricted to providing the contracted service.

6. Storage and Deletion of Conversations

The Account Manager may: (i) adjust retention (when the feature exists), (ii) delete conversations individually or in bulk, (iii) request total purge. Deletion is final and irreversible in production; records may temporarily persist in backups until the technical retention window expires.

7. Data Subject Rights (Art. 18, LGPD)

When AIVAX acts as Controller (e.g., account data), data subjects may exercise: confirmation of processing; access; correction; anonymization, blocking or deletion; portability; information about sharing; revocation of consent (if applicable); opposition to processing based on legitimate interest; review of automated decisions.
Channel: **[email protected]** or **[email protected]** (Data Protection Officer). Standard response time: up to 15 days. We may request identity verification. For data where we act as Processor, we will direct the data subject to the Controller Account Manager.

8. Data Protection Officer (DPO)

Data Protection Officer (Art. 41): (Anonymized identity) – Contact: **[email protected]**.
Functions: communication channel with data subjects and the ANPD, internal compliance guidance, support for impact assessments.

9. Subprocessors

We use subprocessors for: cloud infrastructure, load balancing, performance monitoring, transactional email, billing, model providers, abuse detection.
We will (or have already) publish an updated list on a dedicated page: (link to be added). Material changes will be notified before taking effect whenever contractually required; continued use after a reasonable objection period constitutes acceptance.

10. Third‑Party Model Providers

When selecting a specific model, the Account Manager also agrees to the respective provider’s policies. Some providers may use inference data for improvement or training. The Account Manager must validate suitability before sending personal or sensitive data. AIVAX does not control third‑party policies and recommends prior review.

11. International Data Transfers

Data may be processed or stored in data centers outside Brazil (e.g., US, EU), using providers that adopt security standards aligned with leading international practices. We apply: (i) contracts with protection clauses; (ii) encryption; (iii) minimization; (iv) logical segregation. If a transfer falls under the specific hypotheses of art. 33, we will adopt appropriate contractual and technical safeguards.

12. Information Security (Layers)

Key measures (without disclosing operational secrets):

  • Encryption in transit (TLS 1.2+ / 1.3) and at rest (AES‑256 or equivalent).
  • Role‑based access control and principle of least privilege.
  • Environment segregation (development, staging, production) and pipeline with reviews.
  • Audit logs for administrative actions and access to sensitive data.
  • Integrity monitoring, anomaly alerts, and automatic rate limiting.
  • Periodic vulnerability testing and prioritized remediation.
  • Infrastructure hardening and secure credential rotation.
  • Pseudonymization or truncation of sensitive fields in technical logs.

No security measure is absolute; we maintain a continuous improvement program.

13. Incident Management

Relevant security incidents will be assessed based on impact, data nature, and risk to data subjects. When required, we will notify affected Account Managers and the ANPD with: (i) event description; (ii) possibly involved data; (iii) actions already taken and planned mitigation; (iv) guidance to the Account Manager. Our response plan is reviewed periodically.

14. Automated Decisions

We employ automations for abuse detection, request throttling, and fraud prevention. These automations may temporarily restrict access or keys. We do not make solely automated decisions that produce legal or significant effects on individuals. The Account Manager may request human review via support.

15. Cookies and Tracking Technologies

In the dashboard interface we may use strictly necessary cookies (session/authentication) and possibly functional cookies for preferences. We do not use behavioral advertising cookies. If we later employ third‑party analytics, we will update this section and provide a consent mechanism when applicable. The Account Manager can manage cookies via browser settings; disabling strictly necessary cookies may limit functionality.

16. Children, Adolescents, and Emancipated Minors

The services are not intended for persons under 18, except legally emancipated minors aged 16 or older under Brazilian law. We do not intentionally collect personal data of non‑emancipated minors. If we identify improper processing, we will take swift removal measures and notify the Account Manager. The Account Manager is responsible for implementing checks when usage may involve a potentially minor audience.

17. Sensitive Data

We do not require the submission of sensitive data. The Account Manager should avoid sending health, biometric, genetic, religious belief, political opinion, or other special category data unless they have an appropriate legal basis and clearly inform the data subjects. AIVAX may apply filters or blocks for high‑risk content types.

18. Use Limitations and Prohibited Content

It is prohibited to use the platform to store or process illegal content, rights‑infringing material, malware, defamatory material, or anything that infringes third‑party rights. We may suspend or block keys upon reasonable suspicion of violation, preserving logs necessary for investigation. Suspension and termination measures also follow the Terms of Use (Sections 2.1 and 5).

19. Anonymization and Aggregated Data

We may generate aggregated statistics (e.g., token volume, error rate, model distribution) without direct identification of individuals or specific conversation content. Such data does not revert to an identifiable form.

20. Export and Portability

We provide (or will provide) mechanisms to export conversation history and metrics in structured formats (JSON), limited by retention windows and security. For data retained while we act as Processor, data subject requests must be forwarded to the Controller Account Manager.

21. Backups and Disaster Recovery

Encrypted backups are performed on periodic windows and retained for up to 90 days for operational continuity. After requested deletions, we mark records for logical purge and prevent re‑introduction after restoration by re‑processing the deletion queue.

22. Changes to This Policy

Material changes will be notified by email to the Account Manager or highlighted in the dashboard with reasonable advance (preferably 15 days), unless legal or urgent security requirements apply. Continued use after the effective date constitutes acceptance.

23. Contact Channel and Complaints

Questions, rights requests, or complaints: **[email protected]** / **[email protected]**.
If unsatisfied, the data subject may appeal to the ANPD (National Data Protection Authority).

24. Revision History

Version Effective Date Major Changes
1.0 07/30/2025 Initial version published
1.1 10/05/2025 Added legal bases, rights, detailed retention, subprocessors, transfers, expanded security, incidents, automated decisions, cookies, sensitive data, versioning

25. General Contact

Legal / Privacy: **[email protected]** – Data Protection Officer: **[email protected]**.
Always use official channels to avoid social engineering.

26. Final Provisions

If any clause of this policy is deemed invalid, the remaining provisions remain in full force. In case of conflict between this policy and specific product terms, the more protective provision for data subjects will prevail, unless a different legal obligation applies.

If any point of this policy remains unclear, please get in touch. We remain committed to continuous improvement of privacy and security.

Note: This policy may be complemented by a specific Data Processing Agreement (DPA) between AIVAX and the Account Manager, when applicable.

Edit this page