Privacy by Design

    Your Privacy Is Our Priority

    Security, transparency, and regulatory compliance. Every technical decision is made to protect your data.

    GDPR
    AI Act
    EU Servers

    Our values

    Our Principles

    Three fundamental pillars guide every decision we make about data management.

    Your Data Never Used for Training

    Your conversations are NEVER used to train AI models. We use third-party APIs that guarantee the same commitment.

    Real Deletion

    When you ask to delete your data, we really delete it. No tricks, no hidden backups, no secret retention.

    You're in Control

    Export all your data at any time. Clear companion memory. Delete your account. Control is always yours.

    Multi-layer protection

    Technical Security

    Concrete implementations to protect your data at every level.

    TLS/HTTPS Encryption

    All data in transit is protected with TLS encryption. Insecure connections are automatically redirected.

    Secure Passwords

    Passwords are always encrypted. We never store passwords in plain text, not even in logs.

    JWT Authentication

    Secure session tokens with automatic expiration. Google OAuth support for even more secure access.

    Servers in Europe

    Your data is stored on servers in Europe. No unnecessary transfers to non-EU countries.

    Row Level Security

    Every database query is filtered at the row level. It's technically impossible to access other users' data.

    Secure OAuth Tokens

    Tokens for Outlook and Calendar are encrypted at rest. Automatic refresh keeps sessions valid at all times.

    100% Compliant

    Regulatory Compliance

    Full compliance with European data protection and artificial intelligence regulations.

    GDPR

    Regulation (EU) 2016/679

    • Right to access your data (Art. 15)
    • Right to rectification (Art. 16)
    • Right to erasure (Art. 17)
    • Right to portability (Art. 20)
    • Documented legal basis for each processing activity
    • DPA with all sub-processors

    AI Act

    Regulation (EU) 2024/1689

    • Clear disclosure: companions are AI, not humans
    • No emotional or behavioral manipulation
    • System classified as low risk
    • Transparency about models used
    • No social scoring or surveillance
    • Complete technical documentation

    Our commitments

    What We DON'T Do

    Explicit commitments about practices we will never adopt.

    • We don't sell your data to third parties
    • We don't show ads in the service
    • We don't use your data to train AI
    • We don't track your external browsing
    • We don't share data with data brokers
    • We don't create profiles for third-party marketing
    • We don't retain data after requested deletion
    • We don't access your email content without explicit OAuth

    Responsible use

    What Insieme.AI Cannot Do

    Transparency about our service's limitations, to help you use it in an informed way.

    • Does not provide medical diagnoses or health advice
    • Does not replace professional psychological therapy
    • Does not make financial or legal decisions for you
    • Does not access your accounts without explicit OAuth permission
    • Cannot handle medical or safety emergencies
    • Cannot replace real human relationships

    ⚠️ In case of emergency, always contact emergency services (112/911) or a qualified professional.

    Full transparency

    Data Handling

    What we collect, why, and for how long.

    Data type              | Purpose                           | Retention
    -----------------------|-----------------------------------|-----------------------
    Email and name         | Identification and communications | Until account deletion
    Conversations          | Chat history and AI context       | Until account deletion
    Uploaded documents     | RAG system for responses          | Until user deletion
    Notes and reminders    | Personal organization             | Until user deletion
    Memories               | AI response personalization       | Until user deletion
    OAuth tokens           | Email/calendar access             | Until disconnection
    Usage statistics       | Limits and monitoring             | Daily reset
    AI usage logs          | Cost monitoring and plan limits   | 12 months
    Proactive message logs | Deduplication and quality         | 12 months
    Transcribed audio      | Voice commands                    | Not retained
