Skip to main content
ACE3 LogoACE3
Public BetaWe're in Public Beta. Things may break. Please report issues via the Support tab.
Back to Home

Privacy Policy

Last updated: January 2025

1. Introduction

ACE3 Ltd ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect your personal data when you use the ACE3 service ("the Service").

2. Data Controller

ACE3 Ltd is the data controller for personal data collected through the Service. Contact: legal@ace3-ai.com

3. Information We Collect

Account Information

  • Email address
  • Name
  • Password (hashed, never stored in plain text)
  • Organization name (optional)

Usage Data

  • API usage statistics
  • Feature usage patterns
  • Error logs
  • IP addresses

Payment Information

Payment processing is handled by Stripe. We do not store your full credit card details. We receive only transaction confirmations and last four digits.

Your Memory Data

Data you store in ACE3 (memories, decisions, issues, etc.) is stored in your designated database. We process this data only to provide the Service.

4. How We Use Your Data

We use your data to:

  • Provide and maintain the Service
  • Process payments and manage subscriptions
  • Send service-related communications
  • Provide customer support
  • Monitor and improve the Service
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

5. Legal Basis for Processing (GDPR)

We process your data based on:

  • Contract: To provide the Service you've signed up for
  • Legitimate interests: To improve and secure the Service
  • Consent: For optional marketing communications
  • Legal obligation: To comply with applicable laws

6. Data Sharing

We share data only with:

  • Stripe: Payment processing
  • Resend: Email delivery
  • Google Cloud Platform: Infrastructure hosting
  • Neon: Database hosting (auth database)

We do not sell your personal data to third parties.

7. Data Retention

We retain your account data while your account is active. After account deletion:

  • Account data is deleted within 30 days
  • Memory data is deleted immediately or per your configuration
  • Billing records are retained as required by law (typically 7 years)
  • Anonymized usage data may be retained for analytics

8. Data Security

We protect your data using:

  • TLS/SSL encryption in transit
  • Encryption at rest for sensitive data
  • Regular security audits
  • Access controls and authentication
  • Infrastructure security via GCP

9. Your Rights (GDPR/UK GDPR)

You have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate data
  • Erasure: Request deletion of your data
  • Portability: Export your data in a machine-readable format
  • Objection: Object to certain processing
  • Restriction: Request limited processing

To exercise these rights, contact legal@ace3-ai.com or use the dashboard settings.

10. International Transfers

Your data may be processed in the UK, EU, and US. We ensure appropriate safeguards are in place, including Standard Contractual Clauses where applicable.

11. Cookies

We use essential cookies for authentication and session management. We do not use tracking or advertising cookies. Analytics are privacy-respecting and aggregated.

12. Children's Privacy

The Service is not intended for children under 16. We do not knowingly collect data from children. If you believe a child has provided us with data, please contact us immediately.

13. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated via email or through the Service. Continued use after changes constitutes acceptance.

14. Contact Us

For privacy-related inquiries:

Email: legal@ace3-ai.com
Website: https://ace3-ai.com

You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.