xeviora

Privacy Policy

Effective date: May 11, 2025

1. Overview

xeviora (“we”, “our”, or “the platform”) respects your privacy. This Privacy Policy explains how we collect, use, store, and share information when you visit xeviora.com and use our AI tools, and what rights you have over your data.

By using xeviora, you agree to the information practices described in this policy. If you do not agree, please discontinue use of the platform.

2. Information we collect

2.1 Information you provide

  • Account information: the email address, username, and password (stored hashed) you supply at signup.
  • OAuth information: when you sign in with Google or GitHub, we receive the public profile data those providers share (email, avatar, display name).
  • Payment information: subscription payments are handled directly by Paddle. We store only your subscription status, plan, and billing records — never your card details.
  • Submitted content: the text or documents you upload or paste into our AI tools. We use this content solely to deliver the service you requested and do not retain it long-term after processing.

2.2 Information collected automatically

  • Log data: IP address, browser type, operating system, access time, and request paths.
  • Usage data: which tools you use, credit consumption, and task status.
  • Cookies and local storage: used to keep you signed in, remember preferences such as dark mode, and support analytics (see Section 5).

3. How we use information

  • Provide, maintain, and improve the AI tools.
  • Handle credit consumption, subscription management, and billing.
  • Send service-related notifications such as password resets and billing confirmations.
  • Detect and prevent fraud and abuse.
  • Analyze usage trends to improve the product experience.
  • Comply with applicable laws and regulations.

We do not use your personal information for unrelated marketing emails unless you explicitly opt in.

4. Information sharing

We do not sell your personal information. We may share necessary information with third parties in the following cases:

4.1 Service providers

  • Paddle (payments): processes subscriptions and billing under its own privacy policy.
  • Cloudflare (CDN and R2 storage): hosts and accelerates our services and stores large AI outputs.
  • OpenAI / Anthropic / DeepSeek and others (AI model providers): perform inference on the content you submit. These providers operate under their own privacy policies and data-handling rules.
  • Google Analytics (website analytics): collects anonymized visitor statistics, enabled only after you consent to analytics cookies.

4.2 Legal requirements

We may disclose information when required by law or when reasonably necessary to protect the rights, property, and safety of xeviora, our users, or the public.

5. Cookie policy

xeviora uses the following types of cookies and local storage:

TypePurposeRequired
Strictly necessaryMaintains your sign-in session (Better Auth) and CSRF protectionRequired
PreferencesRemembers UI preferences such as light/dark modeOptional
AnalyticsGoogle Analytics anonymized visit statisticsOptional
Local storageStores your cookie consent choice and UI stateOptional

On your first visit we display a cookie consent banner. You can accept or reject non-essential cookies and may manage or delete cookies through your browser settings at any time, though doing so may affect some features.

6. Storage and security

  • Account data is stored in a secured PostgreSQL database with passwords hashed via bcrypt.
  • Large AI outputs are temporarily stored in Cloudflare R2 with automatic expiration (7 days for free users, 30 days for paid users).
  • We use HTTPS, access controls, and other industry-standard security practices.
  • That said, no internet transmission is ever fully secure and we cannot guarantee absolute security.

7. Data retention

  • Account information: kept for the lifetime of your account and deleted within 30 days after closure.
  • Credit transactions: retained for two years to resolve billing disputes.
  • AI task outputs: automatically deleted after 7 days for free users and 30 days for paid users.
  • Access logs: retained for no more than 90 days.

8. Your rights

Subject to applicable law, you have the following rights regarding your personal information:

  • Access: review the personal information we hold about you.
  • Correction: correct inaccurate information (most fields can be edited in your account settings).
  • Deletion: request deletion of your account and associated data.
  • Withdraw consent: withdraw consent for non-essential cookies at any time.
  • Complaint: lodge a complaint with a relevant data-protection authority.

To exercise these rights, email us at support@xeviora.com. We aim to respond within 30 business days.

9. Children's privacy

xeviora is not intended for individuals under 16 years of age. If we discover that we have collected personal information from a minor, we will delete it promptly. Please contact us if you believe a minor has provided us with personal information.

10. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be announced on the platform or via email. Continued use of xeviora after changes take effect constitutes acceptance of the updated policy.

11. Contact us

If you have questions or complaints about this Privacy Policy, please contact us:

Email: support@xeviora.com

For our platform usage rules, see theTerms of Service.