Privacy Policy

Last Updated: December 1, 2024
Your privacy and intellectual property protection are the foundation of our platform. We've engineered our entire system around a zero-persistence model that ensures your data remains exclusively yours.

Our Privacy Promise

TheSSS AI is built on the principle that your intellectual property belongs to you alone. Our zero-persistence architecture ensures that your code, requirements, and project data never become part of our systems.

Memory-Only Processing

All operations occur in volatile memory

No Data Mining

We never analyze your code for training

Immediate Deletion

Data wiped upon delivery completion

Zero-Persistence Architecture

Our entire platform is designed around the principle that your intellectual property should never persist on our systems.

Input Security

Requirements encrypted in transit (TLS 1.3)
Processed in isolated memory containers
No logging or temporary file creation
Automatic memory sanitization

Processing Security

AI models run in sandboxed environments
Generated code exists only in volatile memory
No cross-contamination between projects
Real-time memory monitoring and protection

Delivery Security

Direct encrypted transfer to your repository
No intermediate storage or caching
Immediate memory wiping post-delivery
Cryptographic proof of deletion

1. Information We Collect

Account Information

To provide our service, we collect basic account information:

Identity: Name, email address, company name (optional)
Authentication: Secure password hash, OAuth tokens where applicable
Billing: Payment information processed by third-party providers (Stripe)
Communication: Support tickets, correspondence history

Storage Location: Account data is stored in encrypted databases with industry-standard security measures.

Project Requirements (Zero Persistence)

What We Process:

Project specifications and requirements
Technology stack preferences
Architecture guidelines
Feature descriptions and user stories

What We DON'T Store:

✗ Project requirements text
✗ Generated code or documentation
✗ Temporary files or logs
✗ Processing metadata or analytics

Usage Analytics (Privacy-Preserving)

We collect minimal, anonymized usage data to improve our service:

Feature usage patterns (anonymized)
Performance metrics and error rates
Platform and browser information
Geographic region (country-level only)

No Code Analysis: We never analyze your project content for usage analytics.

2. How We Use Your Information

Service Delivery

Process your project requirements
Generate custom code foundations
Deliver results to your repository
Provide customer support
Process billing and payments

Platform Improvement

Monitor system performance
Identify and fix technical issues
Enhance user experience
Develop new features
Ensure security and compliance

What We Never Do With Your Data

Train AI models with your code

Sell or share project data

Store or cache your requirements

Analyze content for marketing

Create backups of generated code

Share with third parties without consent

3. Data Security & Protection

Technical Safeguards

Encryption

TLS 1.3 for all data in transit
AES-256 encryption for stored data
End-to-end encryption for sensitive operations
Regular key rotation and management

Infrastructure

SOC 2 Type II compliant cloud providers
Multi-layer firewalls and intrusion detection
Regular security audits and penetration testing
24/7 security monitoring and response

Access Controls

Role-Based Access

Principle of least privilege

Multi-Factor Auth

Required for all staff

Audit Trails

Complete access logging

4. Your Privacy Rights

Data Subject Rights (GDPR/CCPA)

Access: Request copies of your personal data
Rectification: Correct inaccurate information
Erasure: Delete your account and data
Portability: Export your data in standard formats
Restriction: Limit processing of your data
Objection: Opt out of certain data uses

Exercise Your Rights

[email protected] Submit Privacy Request

We respond within 30 days to all requests

5. Third-Party Services

We use carefully selected third-party services to provide our platform:

Payment Processing

Stripe: Secure payment processing
PCI DSS Level 1 certified
No storage of payment data on our servers

Analytics

Google Analytics: Anonymized usage metrics
IP addresses masked
No personal data shared

Infrastructure

Cloud Providers: AWS, Google Cloud
SOC 2 Type II compliance
Data residency controls

Important: Third parties never have access to your project requirements or generated code.

6. Cookies & Tracking

Essential Cookies

Authentication and session management
Security and fraud prevention
Platform functionality and preferences
Load balancing and performance

These cannot be disabled without affecting functionality

Optional Cookies

Anonymous usage analytics
Performance monitoring
Feature usage optimization
Error tracking and debugging

You can opt out of these in your account settings

7. International Data Transfers

As a global platform, we may process data across different jurisdictions:

Safeguards

Standard Contractual Clauses (SCCs)
Adequacy decisions where applicable
Additional technical and organizational measures
Regular compliance assessments

Data Residency

Account data stored in secure data centers
Enterprise customers can specify regions
Project data never leaves processing memory
Compliance with local data protection laws

8. Policy Updates & Contact Information

Privacy Policy Updates

We may update this Privacy Policy to reflect changes in our practices or for legal reasons:

Material changes: 30-day advance notice via email
Minor updates: Posted on this page with updated date
Emergency changes: Immediate notification for security updates

We encourage you to review this policy periodically.

Privacy Questions or Concerns?

Our Data Protection Officer and privacy team are here to help with any questions about your data rights or our privacy practices.

Contact Privacy Team

Submit Data Request

Security Team

[email protected]

Response Time

30 days maximum