Legal
Privacy Policy
Effective date: June 8, 2026
This Privacy Policy explains how ALLWEONE collects, uses, discloses, and protects information when you use our websites, landing pages, applications, AI workspace, collaboration tools, shared links, and related services.
ALLWEONE is operated from San Francisco, California. This policy is drafted for a California startup and includes California privacy disclosures, including the rights that may apply to California residents under the CCPA as amended by the CPRA.
This is a product policy for the public site and application. It should be reviewed by counsel before production launch, especially if the company legal entity, billing model, enterprise contracts, model-training practices, or advertising setup changes.
1. Scope
This policy applies to ALLWEONE, including DBI, AI chat, documents, presentations, designs, mind maps, ChatPDF workflows, notes, projects, file uploads, public and private sharing, integrations, and support channels.
This policy does not apply to websites, products, models, or services owned by third parties, even if they are linked from or integrated with ALLWEONE. Their own policies apply to their processing of information.
2. Notice at collection
The table below describes the categories of personal information we may collect, the main purposes for collection, the sources, and the categories of recipients. We do not sell personal information for money. We also do not knowingly sell or share personal information of users under 16.
| Category | Examples | Sources | Use and disclosure |
|---|---|---|---|
| Identifiers | Name, email address, profile image, account ID, OAuth account data, support contact information. | You, your identity provider, team administrators, and invited collaborators. | Account creation, login, authentication, support, collaboration, notifications, fraud prevention, and service providers that support those functions. |
| Account and workspace information | Profile settings, preferences, roles, teams, spaces, projects, folders, tags, invitations, permissions, public and private share settings. | You, your workspace members, and product interactions. | Operating the workspace, saving settings, managing access, showing activity, enforcing permissions, support, security, and analytics. |
| User content | Prompts, chats, files, PDFs, notes, documents, presentations, generated artifacts, designs, mind maps, comments, project data, uploads, images, audio, video, and other content you provide or generate. | You, collaborators, uploads, imports, connected services, and AI workflows you initiate. | Providing requested features, generating AI outputs, saving work, enabling sharing, indexing files for retrieval, troubleshooting, abuse prevention, and service providers such as AI model, storage, search, vector database, and media-processing providers. |
| Integration information | Google or GitHub login data, calendar connection data, external search results, image or media provider results, and information you choose to import from third-party tools. | Connected services and integrations you enable. | Authenticating you, connecting calendars, importing or searching content, generating media, processing files, and maintaining integration security. |
| Usage, device, and analytics information | IP address, browser type, device information, pages viewed, feature usage, errors, diagnostics, performance events, cookies, and session analytics. Product analytics may use masked session recordings where enabled. | Your browser, device, cookies, logs, and analytics tools. | Security, debugging, performance, analytics, product improvement, fraud prevention, and service providers that help us host, monitor, and improve ALLWEONE. |
| Sensitive personal information | Account credentials, precise location if you provide it, contents of private messages or uploaded files, and optional image, audio, or video recordings used for features such as replicas or media workflows. | You, connected services you authorize, and product features you choose to use. | Providing the feature you requested, securing accounts, preventing abuse, and complying with law. We do not use sensitive personal information to infer protected characteristics. |
| Commercial and billing information | Plan selections, order details, billing contact information, tax information, and payment status if paid services are offered. | You, enterprise customers, administrators, and payment processors. | Providing paid services, processing payments, invoices, taxes, account administration, support, fraud prevention, and legal compliance. Payment card details should be handled by payment processors, not stored directly by ALLWEONE. |
| Communications and feedback | Support requests, survey responses, bug reports, product feedback, attachments, and messages to us. | You and people who contact us on your behalf. | Responding to requests, improving the product, fixing bugs, training support workflows, protecting users, and keeping business records. |
3. How we use information
- Provide, operate, personalize, and maintain ALLWEONE.
- Create and edit AI-generated chats, documents, presentations, designs, mind maps, notes, project plans, and other artifacts at your request.
- Store your workspace, uploads, generated artifacts, history, preferences, and sharing settings.
- Authenticate users, manage accounts, enforce permissions, and support collaboration.
- Process files, extract document content, index files for retrieval, and connect user-enabled integrations.
- Monitor performance, debug errors, maintain security, prevent abuse, and enforce our Terms.
- Analyze aggregate usage and improve product quality, reliability, safety, and user experience.
- Communicate with you about the service, support, security, updates, and administrative notices.
- Comply with legal obligations, resolve disputes, and protect the rights, safety, and property of ALLWEONE, users, and others.
4. AI processing
ALLWEONE uses first-party logic and third-party AI providers to provide generative AI, search, retrieval, media, and document-processing features. When you ask the service to generate, summarize, analyze, transform, or search content, we may send the relevant prompt, files, context, settings, and output metadata to those providers so they can perform the requested work.
If you use AI tokens or credits provided for free by ALLWEONE, the prompts, inputs, files, outputs, and related usage data processed through those free tokens may be shared with OpenAI and may be used to train or improve OpenAI models, subject to OpenAI's policies.
We do not sell your private workspace content. We do not intentionally use private workspace content to train a public, general-purpose ALLWEONE model unless we provide a separate notice or obtain your consent. We may use de-identified, aggregated, or diagnostic information to improve safety, reliability, and product quality.
Third-party AI providers may process inputs and outputs under their own contracts and policies. You should avoid submitting highly sensitive information unless it is necessary for your use of the service.
7. Public and private sharing
ALLWEONE includes sharing features for chats, documents, designs, presentations, projects, and other artifacts. If you create a public link, anyone with that link may be able to access the shared content according to the permissions you set. If you create a private share, invited recipients may see the information needed to access the shared item.
You are responsible for checking content before sharing it and for disabling links or revoking access when sharing is no longer intended.
8. Retention
We keep personal information for as long as reasonably necessary to provide the service, maintain your account and workspace, comply with legal obligations, resolve disputes, enforce agreements, protect security, and maintain business records.
Workspace content is generally retained until you delete it, your account is closed, or the workspace administrator removes it, subject to backups, legal obligations, security logs, and operational retention. Some deleted information may remain in backups or logs for a limited period before it is overwritten or deleted.
| Information | Typical retention approach |
|---|---|
| Account and profile information | For the life of the account and a reasonable period afterward for legal, security, and business records. |
| Workspace content, uploads, chats, and generated artifacts | Until deleted by you or an authorized administrator, or until the account or workspace is closed, subject to backups and legal requirements. |
| Public and private sharing records | While the share is active and for a reasonable period afterward for security, audit, and abuse-prevention purposes. |
| Security, diagnostics, analytics, and usage logs | For a limited operational period unless needed for security, fraud prevention, legal compliance, or dispute resolution. |
| Support, feedback, and business communications | As long as needed to respond, improve the product, keep business records, and satisfy legal obligations. |
9. Privacy rights
Depending on where you live and whether ALLWEONE is subject to a particular privacy law, you may have rights to request access to personal information, deletion, correction, portability, restriction or objection, opt out of certain sharing or targeted advertising, limit certain uses of sensitive personal information, and appeal a denied request.
California residents may have rights under the CCPA, including the rights to know, delete, correct, opt out of sale or sharing, limit certain use and disclosure of sensitive personal information, and be free from discrimination for exercising privacy rights. Submit requests by emailing support@allweone.com.
We may need to verify your identity before responding. Authorized agents may submit requests where permitted by law, but we may require proof of authorization and verification from the consumer.
10. Security
We use reasonable technical, administrative, and organizational safeguards designed to protect personal information. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.
You are responsible for maintaining the confidentiality of your account credentials and for using strong authentication practices. If you believe your account or content has been compromised, contact us promptly.
11. Children
ALLWEONE is not intended for children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided personal information to us, contact us and we will take appropriate steps.
If you use ALLWEONE on behalf of a school, organization, or minors, you are responsible for obtaining any required permissions and using the service in compliance with applicable law.
12. International transfers
ALLWEONE is operated from the United States. If you use the service from outside the United States, your information may be processed in the United States and other countries where we or our providers operate. Those countries may have data protection laws different from those in your location.
13. Changes and contact
We may update this Privacy Policy from time to time. If we make material changes, we will update the effective date and provide additional notice where required by law.
For privacy questions or requests, contact ALLWEONE at support@allweone.com.