Privacy Policy
Gleon Cloud ("we", "our", or "us") operates Gleon OS at gleon.cloud. This Privacy Policy explains how we collect, use, share, and safeguard your information when you use our platform. It is intended to describe our practices accurately; it is not a guarantee of any particular outcome.
1. Information We Collect
We collect information you provide directly:
- Phone number and email for account creation
- Name and profile information
- Chat messages and AI interactions
- Memory nodes you create
- Payment information (processed by our payment provider, Cashfree)
We also automatically collect limited technical data — such as IP address, device/browser information, and request logs — for security, abuse-prevention, and reliability purposes.
2. How We Use Your Information
- To provide, operate, and improve Gleon OS services
- To process payments and manage subscriptions
- To send service notifications and updates
- To enforce our Terms of Service
- To detect, prevent, and investigate fraud and abuse
3. AI Data Processing
To generate responses, your prompts, conversation content, and related context are sent to and processed by third-party AI providers (currently Anthropic and OpenAI), and embeddings may be generated for memory and search. This processing is subject to those providers' terms and privacy policies. We do not sell your conversation data, and we do not use it to serve advertising.
4. Data Storage & Security
Your data is stored using managed infrastructure providers — Supabase (PostgreSQL) for primary data, Upstash Redis for session/caching, and Qdrant for vector memory. Data at rest is encrypted (AES-256) by these providers, and connections are encrypted in transit using modern TLS (1.2+ / 1.3). We apply reasonable technical and organizational security measures; however, no method of transmission or storage is 100% secure.
5. Subprocessors
We rely on the following categories of subprocessors to operate the service. This list may change as our infrastructure evolves:
- AI processing: Anthropic, OpenAI
- Database & storage: Supabase
- Session & caching: Upstash Redis
- Vector memory: Qdrant
- Payments: Cashfree
- Hosting & delivery: Vercel, Railway
6. International Data Transfers
Some of our providers operate outside your country of residence, so your information may be processed in other jurisdictions. Where applicable, we rely on appropriate safeguards offered by these providers for such transfers.
7. Data Retention
- Active account data: retained while your account is active
- Deleted account data: deleted or anonymized within approximately 30 days of account deletion, except where longer retention is required (see below)
- Payment records: retained as required by law (typically up to 7 years)
- Security, fraud, and abuse logs: retained for a limited period as needed
- Backups: residual copies may persist in encrypted backups for a limited period before rotation
8. Your Rights
Depending on your jurisdiction and where applicable, you may:
- Access or export your data via Settings → Export
- Request deletion of your account; we will delete or anonymize your data, subject to the retention exceptions above
- Request data portability
- Opt out of marketing communications
To exercise these rights, contact privacy@gleon.cloud. We may need to verify your identity before acting on a request.
9. Cookies & Sessions
We use essential cookies and browser storage for authentication, session management, and security (such as CSRF protection). We do not use tracking cookies for advertising purposes.
10. Children's Privacy
Gleon OS is not directed to children, and we do not knowingly collect personal information from anyone under the age required to consent in their jurisdiction. If you believe a minor has provided us information, contact us and we will take appropriate steps to remove it.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be reflected by updating the "Last updated" date above, and where appropriate we may provide additional notice.
12. Contact Us
For privacy-related queries: privacy@gleon.cloud or hello@gleon.cloud