PRIVACY POLICY

Privacy Protocol

How Aegin collects, uses, and protects your data. Radical transparency is our protocol.

Effective: March 1, 2026
Aegin Intelligence Corp.

00. PREAMBLE

Aegin is a behavioral enforcement tool. To do its job, it must observe your behavior. This document details exactly what we collect, where it goes, who sees it, and what we will never do with it. We believe radical transparency is the only antidote to digital mistrust.

We monitor your digital footprint to enforce discipline. You agreed to this before using the app. This document makes that explicit.

01. WHAT WE COLLECT

1.1 Account Information

When you create an account, we collect your email address, a hashed password (stored securely via Supabase Auth), and a unique user identifier. We do not collect your real name unless you voluntarily provide it.

1.2 Device Information

We collect a persistent device identifier — either the Android ID (on Android devices) or a randomly generated UUID stored in iOS Secure Enclave (on iOS devices). This identifier is used exclusively to enforce the single-device-per-account restriction. It is not shared with advertisers or third parties.

We store one (1) active_device_id per account. If a second device authenticates, access from the first is immediately terminated.

1.3 Screen Time & App Usage Data

On Android, we collect per-app foreground usage statistics via the UsageStatsManager API. This includes package names, time-in-foreground, and last-used timestamps. On iOS, app selection is performed via Apple's FamilyActivity framework; we receive opaque tokens representing selected apps, not bundle IDs or app names readable by us.

This data is stored locally on your device and transmitted to our servers only as part of AI judgment evaluations (see § 1.5).

1.4 Biometric & Health Data

On supported devices and with explicit user permission, Aegin reads sleep duration, resting heart rate, and heart rate variability (HRV) from Apple HealthKit (iOS) or Google Health Connect (Android). This data is used locally and transmitted to our AI judgment engine to provide contextual evaluations of your plea requests.

YOUR BIOMETRIC DATA IS NEVER SOLD. It is not shared with advertisers, data brokers, or any third party outside of the AI processing pipeline described in § 1.5.

1.5 Plea Content & AI Processing

When you submit an emergency plea for temporary app access, the following data is transmitted to our AI judgment engine hosted via OpenAI's API:

  • Your plea text (what you typed)
  • Your current crucible duration and remaining lock time
  • Your biometric context (sleep & HRV, if available)
  • Your historical plea record and approval rate

This data is sent to OpenAI via an encrypted HTTPS API call. OpenAI processes the request and returns a judgment. OpenAI does not use your plea content or personal data to train its models.

We do not train any model on your pleas. Your weakness is not a dataset.

1.6 Purchase & Transaction Data

Web-based subscriptions are processed by Paddle (global) and Razorpay (India). In-app PAC purchases are processed by Apple App Store or Google Play. We do not collect or store payment card numbers. Transaction records (amounts, dates, user IDs, tier granted) are stored in our secured database. The 14-day statutory reversal right applies to Paddle-processed subscriptions — see Refund Policy.

02. HOW WE USE YOUR DATA

AUTHENTICATIONEmail + hashed password for login
DEVICE ENFORCEMENTactive_device_id to prevent multi-device use
APP BLOCKINGApp tokens / package names to enforce crucible locks
AI JUDGMENTPlea text + biometrics → OpenAI → approve/reject outcome
ANALYTICSAggregate, anonymized usage patterns for product improvement
SUPPORTEmail correspondence with support@aegin.live

03. DATA RETENTION

Account data is retained until you explicitly delete your account. Plea content transmitted to OpenAI is not retained by OpenAI beyond the active API session. Screen time logs older than 90 days are automatically purged from our servers. Health data is not persisted server-side beyond the judgment request.

To delete your account and all associated data, email support@aegin.live with the subject line "DELETE MY DATA." We will process deletion within 30 days.

04. SHARING & DISCLOSURE

We do not sell your data. Full stop. We share data in the following limited circumstances:

  • OpenAI — receives plea + biometric context for AI judgment. No training. No storage.
  • Supabase — hosts our database and auth layer. Data is encrypted at rest and in transit.
  • Paddle / Razorpay — processes web-based subscriptions. Never sees your in-app payment data.
  • Law enforcement — only when legally required by a valid court order or subpoena.

Squad members (users in your Syndicate) can see your username, plea text (when you submit a plea), and your approval/rejection history. This is the designed social accountability mechanism.

05. SYSTEM PERMISSIONS & ENTITLEMENTS

iOS Entitlements

Aegin for iOS requests the com.apple.developer.family-controls entitlement to access FamilyControls, ManagedSettings, and DeviceActivity frameworks. These are used exclusively to enforce app blocking (shielding) on your device.

Android Permissions

Aegin for Android requests: PACKAGE_USAGE_STATS, SYSTEM_ALERT_WINDOW, and BIND_ACCESSIBILITY_SERVICE. These are used exclusively for the app blocking enforcement mechanism.

Health Permissions

Apple HealthKit and Google Health Connect access is requested only if you opt into biometric data on the profile screen. You may revoke this permission at any time from your device settings.

06. SECURITY

All network communication between the Aegin app and our servers uses TLS 1.3. Database records are encrypted at rest by Supabase (AES-256). Device identifiers are stored in iOS Secure Enclave and Android Keystore. We conduct no logging of plain-text passwords.

Despite best efforts, no system is impenetrable. In the event of a breach, we will notify affected users within 72 hours to the email on file.

07. AGE REQUIREMENTS

Aegin is not directed at individuals under 17 years of age. We do not knowingly collect data from minors. If you believe a minor has created an account, contact support@aegin.live immediately.

08. CHANGES TO THIS PROTOCOL

We reserve the right to update this Privacy Protocol. Material changes will be communicated via an in-app notification and a 30-day notice period. Continued use of Aegin after the effective date constitutes acceptance of the updated terms.

09. CONTACT

Questions, erasure requests, or security concerns: support@aegin.live

LEGAL DOCUMENTS
Terms of ServicePrivacy PolicyRefund Policy