Privacy Policy

Account and Contact Information: When you sign up for a Barie.AI account, we collect information such as your name, email address, username, password, and any profile details you choose to provide. If you contact us for support or feedback, we collect the content of your communications (emails, chat messages, etc.) and your contact details.

User Content and Chat Logs: Our AI platform involves user interactions (e.g., chats, prompts, files uploaded). We collect and store the content you input into the system – including chat logs, prompts, documents, or other materials – as well as the AI-generated outputs ("User Content"). This data is used to operate the service (for example, to generate accurate responses and to maintain your conversation history) and to improve our AI models and features over time, in accordance with this Policy. We do not claim ownership of your User Content; however, by using our service, you grant Barie.AI a license to use your content for the purposes of providing and enhancing the services (as further described in the Terms of Service).

Payment and Transaction Data: Barie.AI operates on a credit-based model. If you choose to purchase credits or paid features, we (through our third-party payment processor) collect payment information. Payments are processed by Stripe, Inc. ("Stripe"), so you will provide payment card details (credit/debit card number, billing address, etc.) directly to Stripe. Stripe may collect and process your payment information (such as card number, billing address, email, and transaction amount) to facilitate the transaction. We do not store your full credit card numbers on our servers. We only receive limited information from Stripe such as a payment confirmation, your name, and the last four digits of your card or other tokenized identifiers. All such payment data is handled in accordance with Stripe's own privacy policy (see Third-Party Services below for links).

Usage Data and Analytics: When you use Barie.AI, we automatically collect certain information about your device and how you interact with our platform. This may include:

Log and Device Data: IP address, browser type and version, operating system, device identifiers, time stamps of access, and pages or features you accessed.

Usage Analytics: We use analytics tools (such as Google Analytics) to gather data on user interactions, feature usage, session duration, and other usage metrics. Google Analytics uses first-party cookies and similar identifiers to collect information about how visitors use our site. This information helps us understand user engagement and improve our services (for example, by identifying popular features or troubleshooting technical issues). Google Analytics may collect data such as your IP address, geolocation (general region), device information, and on-site actions. We have configured Google Analytics to anonymize IP addresses where required. (See Cookies and Tracking below and our Cookies Policy for more details.)

Cookies and Similar Technologies: We use cookies, web beacons, and related tracking technologies to provide and personalize our services, keep you logged in, remember your preferences, and analyze usage. For instance, when you log in, we place a session cookie on your browser so you don't have to re-enter your credentials on every page. Our Cookies Policy (see below or on our website) provides more information on the types of cookies we use and your choices.

Profile and Preference Information: You may have the option to create a user profile (e.g., add a profile picture or bio) or set preferences (such as language or notification settings). This information is stored to personalize your experience.

Communications: If you subscribe to newsletters, opt in to marketing emails, or participate in surveys or promotions, we will collect the information you provide (such as your email address and survey responses). You can opt out of marketing communications at any time by using the unsubscribe link in emails or contacting us.

To Provide and Maintain the Service: We process your account data and User Content to authenticate you, allow you to log in, and enable you to use the Barie.AI platform and its AI-powered tools. For example, we use your prompts and inputs to generate AI responses and to carry out tasks via our AI agents. We use chat logs and usage data to ensure continuity in your sessions and provide relevant results.

Service Improvement and AI Training: We are continually improving Barie.AI's capabilities. To do so, we may analyze User Content (e.g. chat interactions and usage patterns) to debug issues, develop new features, and train or refine our AI models. Where feasible, we will aggregate or pseudonymize data used for improvement so it does not directly identify individuals. If you prefer that your personal data (including chat content) not be used for model training or improvement purposes, please contact us (or use any in-app privacy settings, if available) to opt out. We respect user choices and will comply with applicable laws regarding the processing of your data for improvement of our services.

Billing and Account Administration: If you make purchases, we use your information to process transactions (via Stripe) and maintain proper business records. We may send you invoices, receipts, account balance notifications, or alerts when your credit balance is low. We also use usage data to calculate charges (for example, if certain features consume credits per use).

Customer Support and Communication: When you contact us with questions, feedback, or issues, we use your contact and communications data to respond and help resolve any problems. We may also send service-related announcements or important notices, such as changes to terms or privacy policy, security alerts, or updates about our platform. These transactional communications are necessary for the operation of the service and are sent even if you opt out of marketing messages.

Analytics and User Experience: We use data (especially aggregated analytics data) to understand how our platform is used, which features are popular, how users navigate the interface, etc. This helps us optimize workflows, fix performance issues, and make informed decisions about product enhancements. For instance, usage data might inform us that a new feature is underused, indicating we need to improve its design or provide guidance.

Security and Fraud Prevention: We are dedicated to keeping Barie.AI secure. We may process data (including IP addresses, device info, and usage patterns) to monitor for suspicious or fraudulent activity, detect malicious use of the AI (such as attempts to generate disallowed content or scrape data), enforce our Terms of Service, and protect the integrity of our platform. If necessary, we will use data to investigate violations and to prevent harm to users, Barie.AI, or the public.

Legal Compliance: We may use or disclose your information as required to comply with applicable laws, regulations, legal processes, or governmental requests. For example, we may retain and produce records as necessary to comply with tax laws, law enforcement requests (under proper legal process), or to exercise or defend legal claims.

Marketing and Promotional Purposes: Only with your consent, we might use your contact information to send you newsletters, updates about new features, special offers, or events related to Barie.AI. You have control over receiving these communications, and we will honor opt-out/unsubscribe requests promptly. We do not spam, and we will never sell your personal data to third-party advertisers.

Performance of a Contract: Much of our data processing is to provide you with the Barie.AI services you request under our Terms of Service – for example, using your inputs to generate AI results, or processing payment information to complete a purchase. We cannot provide the service without this processing.

Legitimate Interests: We process certain data as necessary for our legitimate business interests, provided those are not overridden by your data-protection rights. For example, improving and personalizing our services, ensuring security, and analyzing usage are activities performed in our legitimate interests. We consider and balance any potential impact on your rights when relying on this basis.

Consent: We will obtain your consent where required – for instance, before sending marketing emails or when collecting certain analytics or cookies data in jurisdictions that mandate consent. If we rely on consent, you have the right to withdraw it at any time (for example, by adjusting cookie preferences or unsubscribing from emails), which will not affect the lawfulness of processing before withdrawal.

Legal Obligation: In some cases, we need to process or retain data to comply with a legal obligation, such as maintaining transaction records for financial regulations or responding to valid legal requests from authorities.

Public Interest or Vital Interests: Generally not applicable to our standard services, but if ever we needed to process data to protect someone's vital interests (e.g., in case of an imminent threat) or for a task in the public interest, we would do so in accordance with the law.

Essential Cookies: These are necessary for our site to function. For example, authentication cookies keep you logged in as you navigate our platform, and security cookies help prevent fraudulent use of your account. Without these cookies, certain services or features (like maintaining your session or processing a credit purchase) would not work properly.

Analytics Cookies: We use Google Analytics and similar tools to collect information about how users interact with our site. Google Analytics sets cookies (such as _ga and others) to gather data on site usage and performance. This helps us analyze aggregate trends and improve the user experience. The information generated by Google Analytics cookies will be transmitted to and stored by Google on servers in the United States (or other countries where Google operates data centers). Google Analytics data is subject to Google's privacy policies. We have enabled settings to respect Do-Not-Track or Global Privacy Control signals for California users where feasible, and we honor any consent requirements for EU users (the analytics cookies will not be set unless you have given consent via our cookie banner, when applicable).

Preference Cookies: These cookies remember your preferences and settings to provide a more personalized experience (for example, your chosen language, or whether you've dismissed a particular in-app tutorial).

Third-Party and Social Media Cookies: Currently, Barie.AI does not integrate social media login or plugins that set their own cookies. However, if in the future we do (for instance, allowing login via Google or using a support chat widget), those third-party tools may set cookies subject to their own privacy policies. We will update our Cookies Policy accordingly and inform you.

Advertising Cookies: Barie.AI does not display third-party ads nor use advertising cookies at this time. We do not allow third-party advertisers to collect data about you for targeted advertising through our site. If this ever changes, we will update our policies and obtain necessary consents.

Service Providers ("Processors"): We use trusted third-party companies to perform services on our behalf, and they may process personal data as needed for those services. These include:

Payment Processor – Stripe: As noted, we use Stripe to handle credit card payments and billing. Stripe will process your payment transactions and related data. We share with Stripe the information needed to charge your card or payment method (such as your name, email, and purchase amount), and Stripe collects your payment card details directly via secure iFrames or redirects. Stripe may also use cookies or device identifiers to detect fraud and ensure secure transactions. Stripe is contractually bound to protect your data and only use it for payment processing and compliance. For more information, see the Stripe Privacy Policy.

Analytics Provider – Google Analytics: We use Google Analytics (a service provided by Google LLC) to understand how users engage with our site. Google acts as our data processor for analytics data. Google Analytics may receive certain usage data (as described above in "Usage Data and Analytics"), which it processes to compile reports for us. We have a data processing agreement with Google to ensure GDPR compliance. You can learn more about how Google handles data by reading Google's Privacy Policy. We do not send Google any directly identifying personal information (such as your name or email); Google Analytics is configured to use randomized or truncated identifiers.

Cloud Hosting and Infrastructure: Barie.AI is hosted on secure cloud servers. We use reputable cloud service providers (such as Amazon Web Services (AWS), Google Cloud Platform, or similar) to store and process data. These providers may have access to personal data for storage, backup, and computing purposes. They are not allowed to use or disclose your data except as instructed by us and as necessary to provide their services. We employ encryption and other safeguards within our cloud infrastructure to protect your data.

Email and Communication Tools: If we send emails or support communications, we may use a third-party email service provider or CRM (e.g., SendGrid, MailChimp, Zendesk). These providers would process your contact information and message content on our behalf solely for the purpose of sending communications or managing support tickets.

Other Service Providers: We might use additional vendors for things like error monitoring (e.g., Sentry), user support chat, or other functionality. We will update this policy if we introduce new significant providers processing personal data. All our service providers are subject to data protection obligations and will only process personal data as necessary and in line with this Privacy Policy.

Business Partners: In the future, Barie.AI may partner with universities, researchers, or other companies to jointly develop features or conduct research on AI. We will only share data in such collaborations after anonymizing or aggregating it, unless we have your consent or another legal basis to share identifiable data. If any co-branded features or events involve sharing your information in a way not covered by this policy, we will provide details at the point of collection or via a separate agreement.

Affiliates and Corporate Transactions: We may share data with our parent company, subsidiaries, or other companies under common ownership (our "affiliates") for purposes consistent with this Policy (such as internal administration, platform improvement, or to offer new services). If Barie.AI is involved in a merger, acquisition, sale of assets, bankruptcy, or other corporate change, your information may be transferred to the successor or partner entity as part of that transaction. In such cases, we will ensure the new entity is bound to protect your data in line with this Privacy Policy and applicable law, and we will notify you of any change in ownership or data handling.

Legal Compliance and Protection: We may disclose your information if required to do so by law or pursuant to a valid legal process (e.g., a subpoena, court order, or search warrant). We may also disclose data when we believe in good faith that it is necessary to: enforce our Terms of Service; investigate or protect against harmful activities, fraud, or security issues; protect our rights, property, and safety, or those of our users or the public. This may include exchanging information with law enforcement or other companies and organizations for fraud prevention, spam/malware protection, or similar purposes. We will endeavor to notify you of legal demands for your data when appropriate, unless prohibited by law or court order.

With Your Consent: In situations where you explicitly consent to or request data sharing, we will share your information accordingly. For example, if you authorize us to share your testimonial on our website, or integrate Barie.AI with a third-party service at your request, we will transfer data as needed with your permission.

Account information and profile data are kept as long as your account is active. If you delete your account or request deletion, we will erase or anonymize this data (except to the extent we need to retain some information for legal obligations or resolving disputes).

Chat logs and user content are stored to provide you with your conversation history and for service improvement. If you delete specific conversations (if our interface allows), we will remove those logs from active use. Even if not visible to you, residual copies may remain in our backups for a short period, but we will purge them in accordance with our backup retention schedule.

Payment and transaction records are retained to comply with financial regulations and auditing requirements (typically at least 7 years in the U.S.). However, your sensitive payment details (card numbers) are stored by Stripe, not us.

Analytics data is retained as long as needed for analysis – Google Analytics data, for instance, may be kept for a set period (e.g., 14 months) unless we configure otherwise. We have configured our analytics to not retain user-level data indefinitely.

If you communicate with us (support emails, etc.), we may retain those communications for a period to track our service performance and any recurring issues.

Encryption: All communication between your browser/app and Barie.AI is encrypted using HTTPS/TLS. Sensitive data (such as passwords and API keys) is encrypted at rest. We also ensure that data stored with third-party providers (Stripe, cloud servers) is encrypted in transit and at rest as provided by those services.

Access Controls: Personal data is accessible only to authorized personnel who need it to perform their job (for example, customer support or engineers investigating an issue). We enforce the principle of least privilege and regularly review access permissions. Multi-factor authentication is used for administrative access to systems with sensitive data.

Monitoring and Testing: Our systems are monitored for security events, and we employ tools to detect anomalies or potential intrusions. We conduct periodic security assessments, vulnerability scans, and code reviews. We also stay updated on security best practices for AI systems to mitigate unique risks (such as prompt injection or data poisoning).

Training and Policies: We train our team on data protection best practices and have internal policies in place to handle user data safely and lawfully.

Incident Response: In the event of a data breach or security incident affecting your personal data, we have a response plan to contain the incident and mitigate harm. Where required by law, we will notify you and relevant authorities of any breach involving your personal data.

Right of Access: You have the right to request confirmation of whether we are processing your personal data, and if so, to receive a copy of that data along with information about how it's used, who we share it with, and relevant details.

Right to Rectification: You have the right to have inaccurate personal data corrected and incomplete data completed. If any of your information held by Barie.AI is outdated or incorrect (e.g., you changed your email), please let us know and we will update it.

Right to Erasure (Right to be Forgotten): You can request that we delete your personal data when it's no longer needed for the purposes for which it was collected, or if you withdraw consent (where applicable) or object to processing and we have no overriding legitimate grounds. Upon valid request, we will erase your data (subject to certain exceptions like legal obligations that require retention).

Right to Restrict Processing: You have the right to ask us to restrict (pause) processing of your data if you contest its accuracy, or if the processing is unlawful but you oppose erasure, or if you need us to retain data for establishing or defending legal claims, or if you have objected to processing and verification of our grounds is pending.

Right to Data Portability: You can request a copy of personal data you provided to us in a structured, commonly used, machine-readable format, and you have the right to transmit that data to another controller (for example, another service) where technically feasible. This applies to data processed by us by automated means, based on your consent or in performance of a contract.

Right to Object: You have the right to object to our processing of your personal data in certain circumstances. In particular, you can object at any time to processing of your data for direct marketing purposes, or to any processing based on our legitimate interests (if you believe it impacts your rights). If you object, we will cease the processing unless we have compelling legitimate grounds that override your interests, or if needed for legal claims.

Right to Withdraw Consent: If we rely on your consent to process any personal data (for example, for sending marketing emails or certain analytics cookies), you have the right to withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of processing done before the withdrawal.

Right not to be Subject to Automated Decisions: Barie.AI does not make any legal or similarly significant decisions about you solely by automated means without human involvement. If that changes, you would have the right to request human review of any decision made purely by an algorithm that significantly affects you.

Right to Lodge a Complaint: If you have concerns about our data practices, you have the right to lodge a complaint with a supervisory data protection authority, particularly in the country where you live or work, or where an alleged infringement occurred. We welcome you to contact us first so we can address your concerns directly, but you are free to contact an authority at any time. For example, EU users can reach out to their local Data Protection Authority; UK users can contact the Information Commissioner's Office (ICO); and users in Switzerland can contact the FDPIC. We can provide contact details for these authorities upon request, or you may refer to resources such as the European Data Protection Board list of authorities.

Right to Know: You have the right to know what personal information we collect, use, disclose, and sell (if applicable) about you. This includes the categories of personal information, the categories of sources, the business or commercial purposes for collection, the categories of third parties with whom we share personal info, and the specific pieces of personal information we hold about you. We provide much of this information in this Privacy Policy. You also have the right to request that we provide you with additional details or a copy of your personal data that we have collected in the past 12 months.

Right to Delete: You can request that we delete personal information we have collected from you (and direct our service providers to do the same), subject to certain exceptions. For example, we may retain information needed to complete transactions you requested, detect security incidents, comply with legal obligations, or other reasons permitted by CCPA. If you request deletion, we will explain any information we cannot delete due to an exception.

Right to Opt-Out of Sale or Sharing: The CCPA gives you the right to opt out of the "sale" or "sharing" of your personal information. Sale is defined broadly in CCPA, and while Barie.AI does not sell personal data for money, some sharing of data for advertising or analytics could be considered a "sale" under CCPA's definitions. However, we do not share data with third parties for cross-context behavioral advertising except with your consent (and currently we do not engage in targeted advertising). If in the future we consider using personal data for advertising that falls under "sale" or "sharing," we will implement a "Do Not Sell or Share My Personal Information" link or similar mechanism to allow you to opt out. We also recognize Global Privacy Control (GPC) signals; if we detect a GPC signal from your browser, we will treat it as a valid opt-out request for sale/sharing of personal info.

Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights. This means we will not deny you services, charge you a different price, or provide a different level of quality because you exercised your privacy rights. (However, please note that if deletion of your data prevents us from providing the service, we may need to disable your account – for example, if you request deletion of all data we need to keep your account active, that's a consequence of your request, not discrimination.)

Right to Correct: Under the CPRA amendments, you have the right to request correction of inaccurate personal information that we maintain about you. If you become aware that any of your information is incorrect, please contact us and we will rectify it (taking into account the nature of the personal info and the purposes of processing).

Right to Limit Use of Sensitive Personal Information: The CPRA also gives consumers the right to limit our use or disclosure of sensitive personal information (SPI) if we use it for purposes beyond certain exempted purposes. Barie.AI does not collect or use SPI for purposes that would trigger this right (as we do not engage in profiling or marketing using sensitive data). In the event we ever do handle sensitive data in a way that grants this right, we will provide a clear method for you to exercise it (such as a "Limit Use of My Sensitive Info" link).

Standard Contractual Clauses: For EU/EEA, UK, or Swiss users, we rely on the European Commission's Standard Contractual Clauses (SCCs) or equivalent mechanisms as a legal basis for data transfers to the U.S. and other countries. Our agreements with service providers (like our cloud hosts and processors) include SCCs where required, committing them to protect EU personal data to EU standards.

Additional Safeguards: We assess on a case-by-case basis whether additional technical or organizational measures are needed for specific transfers. For example, we utilize strong encryption for data in transit and at rest, which helps protect data if accessed by foreign authorities. We also carefully select vendors with strong privacy and security practices.

Binding Corporate Rules / Certifications: Although Barie.AI is a single-company platform (not a large multinational with different branches), we adhere to internal policies aligning with GDPR principles. If in the future we expand internationally, we may implement Binding Corporate Rules or certify under frameworks like the EU-U.S. Data Privacy Framework (if applicable and approved). We will update this section accordingly.