← Alfred
Terms of ServiceAI PolicySign up free

Privacy Policy

Last updated: February 25, 2026

Introduction

Welcome to Alfred ("we," "our," or "us"). We are committed to protecting your privacy and being transparent about how we handle your data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI assistant service.

By using Alfred, you agree to the collection and use of information in accordance with this policy.

Beta Service Notice

Alfred is currently in beta testing. During this phase:

  • Additional logging: We may collect enhanced diagnostic and debugging data to improve service quality and identify issues.
  • Evolving policies: Our data retention and processing practices may change as we refine the service. We will notify users of significant changes.
  • Active development: Features and functionality are subject to change based on testing results and user feedback.
  • Google Workspace integration: Currently in beta and available to selected users. We may collect additional diagnostic data to improve the integration quality.

1. Information We Collect

1.1 Information You Provide

Account Information:

  • Email address (required)
  • First and last name (required)
  • Payment information (processed securely through Stripe - we do not store credit card details)

Usage Data:

  • Conversations and queries you submit to Alfred
  • Files, images, and documents you upload
  • Feedback and ratings you provide
  • Support requests and communications

1.2 Automatically Collected Information

Technical Data:

  • IP address (used for rate limiting and abuse prevention)
  • Browser type and version
  • Device information and operating system
  • Usage patterns and request metadata (retained in server logs)
  • Session duration and frequency

We use device fingerprinting for trial abuse prevention. Browser and device signals are used solely to detect multiple free trial accounts — not for advertising or persistent tracking.

Cookies:

  • We use cookies to maintain your authenticated session
  • We do not use advertising or third-party tracking cookies

2. How We Use Your Information

2.1 Primary Uses

We use your information to:

  • Provide AI Services: Process your queries through our AI models
  • Improve Service Quality: Analyze usage patterns to enhance our AI routing and responses
  • Account Management: Manage your subscription, billing, and account settings
  • Customer Support: Respond to your questions and resolve issues
  • Security: Detect and prevent fraud, abuse, and security threats
  • Legal Compliance: Comply with legal obligations and enforce our Terms of Use

2.2 AI Model Training

We do not use your conversations or data to train AI models.

Your queries are forwarded to third-party AI providers solely to generate your response. We do not retain query content beyond what is needed to provide your conversation history. We do not share your data with any provider for training purposes.

Training practices vary by provider. OpenAI and Anthropic explicitly do not use API data for training by default. Google's free-tier API may use data for service improvement per their terms. See our AI Usage Policy for a full per-provider breakdown.

3. How We Share Your Information

3.1 Third-Party AI Model Providers

Critical Information: When you use Alfred, your queries are processed by third-party AI model providers:

Text Generation Providers:

  • Anthropic (Claude Sonnet, Claude Haiku) - USA
  • Google (Gemini Flash) - USA
  • Meta (Llama 4 Scout via Groq) - USA

Image Generation Providers:

  • FAL.ai (FLUX models, Recraft, Bria, HiDream, and other specialized models) - USA
  • OpenAI (DALL-E 3) - USA
  • Google (Imagen 3, Imagen 4) - USA

Embeddings & Other Services:

  • Google (Gemini embeddings, used for intent classification) - USA

What This Means:

  • Your queries and uploaded content are sent to these providers for processing
  • Each provider has their own privacy policy and data handling practices
  • All current providers are US-based. We select providers based on cost, quality, and geographic data residency
  • We use API endpoints (not consumer products) which have stricter data protection terms

Smart Routing:

  • We automatically route queries to the most appropriate AI model based on complexity and task type

3.2 Service Providers

We share data with trusted service providers who assist us:

  • Payment Processing: Stripe (payment information only)
  • Infrastructure: Microsoft Azure (cloud hosting)
  • Analytics: Internal analytics only (not shared with third parties)
  • Google Workspace: OAuth integration for Slides and Sheets export (optional, only if you connect your Google account)

All service providers are contractually obligated to protect your data.

3.3 Google Workspace Integration (Optional)

If you choose to connect your Google account to export AI-generated presentations and spreadsheets:

  • What we access: Only files created by Alfred (using the restricted drive.file scope)
  • What we store: OAuth access tokens and refresh tokens (encrypted in our database)
  • What we do: Export AI-generated presentations to Google Slides and spreadsheets to Google Sheets
  • What we don't access: Your existing Google Drive files, Gmail, Calendar, or other Google services
  • How to disconnect: You can revoke access at any time via Settings → Integrations

OAuth Scopes We Request:

  • spreadsheets - Create and edit Google Sheets from Alfred-generated data
  • drive.file - Access only files that Alfred creates, including exporting presentations to Google Slides (restricted scope - we cannot see your other Drive files)

Data Deletion:

  • When you disconnect Google Workspace or delete your account, OAuth tokens are immediately revoked with Google
  • Token records are deleted from our database within 30 days
  • Files in your Google Drive remain (they are yours)
  • We cannot access your Google account after disconnection

3.4 Legal Requirements

We may disclose your information if required by law:

  • To comply with legal process (subpoena, court order)
  • To protect our rights, property, or safety
  • To prevent fraud or security threats
  • In connection with a merger, acquisition, or sale of assets

3.5 What We Never Do

  • ❌ We NEVER sell your personal information
  • ❌ We NEVER share your data for advertising purposes
  • ❌ We NEVER use your conversations for third-party marketing
  • ❌ We do not share your data with AI providers for the purpose of training their models. However, some providers we use (notably Google on the free API tier) may process API requests in accordance with their own terms, which may include use for service improvement. See our AI Usage Policy for a full per-provider breakdown

4. Data Retention

4.1 Active Accounts

  • Conversations: Retained for the duration of your account to provide service continuity
  • Account Information: Retained while your account is active
  • Usage Data: Retained for up to 2 years for analytics and improvement

4.2 Deleted Accounts

When you delete your account:

  • Personal information is deleted within 30 days
  • Anonymized usage data may be retained for analytics
  • Backup copies are deleted within 90 days

4.3 Data Retention Controls

You can control your data:

  • Delete individual conversations at any time
  • Delete your entire account and all associated data
  • Export your conversation history before deletion

5. Data Security

We implement industry-standard security measures to protect your data and prevent abuse:

Technical Safeguards:

  • Encryption in transit (TLS/SSL for all connections)
  • Encryption at rest (Azure service-managed encryption for database and backups)
  • Secure authentication (bcrypt password hashing)
  • Secure session management
  • Regular security updates
  • Automated backups (7-day retention with point-in-time restore)
  • Device fingerprinting for trial abuse prevention (browser/device signals used to detect multiple free trial accounts — no persistent tracking beyond this purpose)

Operational Safeguards:

  • Access controls and authentication
  • Firewall rules and network security
  • Secure development practices
  • Monitoring for suspicious activity
  • Cloud infrastructure security (Microsoft Azure)

However: No method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

6. Your Rights and Choices

6.1 Access and Control

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update or correct your information
  • Deletion: Request deletion of your account and data
  • Export: Download your conversation history

6.2 Conversation Memory

Alfred automatically extracts and stores facts about you inferred from your conversations (for example, "User is VP of Engineering" or "User prefers Python"). This memory is used to personalise future responses.

  • Stored memories are associated with your account only
  • You can disable memory entirely via Settings → Preferences, or delete individual entries via Settings → Memory Management
  • Memories are permanently deleted when you delete your account

6.3 Data Controls

You can manage your data directly in your account:

  • Delete conversations: Remove individual conversations at any time from your chat history
  • Disable memory: Turn off memory collection entirely via Settings → Preferences
  • Delete memories: Remove individual inferred facts via Settings → Memory Management
  • Export your data: Download all your conversations via Settings → Account → Export Data
  • Delete your account: Permanently delete your account and all associated data via Settings → Account

6.4 Email Communications

We send the following service emails:

  • Email address verification on registration
  • Welcome email when your account is activated
  • Trial expiry reminders before your free trial ends
  • Account-related notifications, which may include information about usage limits or subscription options

All emails we send are directly related to your account and service. We do not send newsletters or third-party marketing emails.

7. Children's Privacy

Alfred is not intended for children under 13 years of age.

  • We do not knowingly collect data from children under 13
  • If we discover we have collected data from a child under 13, we will delete it immediately
  • Parents/guardians can contact us to request deletion of their child's data

8. International Data Transfers

Important for Non-US Users:

Alfred's servers are hosted on Microsoft Azure in the United States (East US 2 region):

  • Data is processed on secure cloud infrastructure in the US
  • All data encrypted in transit (TLS/SSL) and at rest (Azure encryption)
  • Automated backups with 7-day retention
  • US data protection laws apply to your data
  • By using Alfred, you consent to this data transfer and processing

For EU/UK Users:

  • We rely on Standard Contractual Clauses for data transfers
  • You have rights under GDPR (see Section 6)
  • Contact our Data Protection Officer for GDPR-related requests

9. Third-Party Links

Alfred may contain links to third-party websites or services:

  • We are not responsible for their privacy practices
  • We encourage you to review their privacy policies
  • Our Privacy Policy does not apply to third-party services

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time:

  • We will notify you of material changes via email or in-app notification
  • Continued use after changes constitutes acceptance
  • Previous versions will be archived and available upon request

11. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights:

Right to Know:

  • Categories of personal information collected
  • Sources of personal information
  • Business purposes for collection
  • Categories of third parties we share with

Right to Delete:

  • Request deletion of your personal information
  • Subject to certain exceptions (legal obligations, security)

Right to Opt-Out:

  • We do not sell personal information (no opt-out needed)

Right to Non-Discrimination:

  • We will not discriminate against you for exercising your rights

To Exercise Your Rights:

  • Email: support@snrblabs.com (include "California Privacy Rights" in the subject line)
  • We will respond within 45 days

12. European Privacy Rights (GDPR)

If you are in the EU/UK, you have additional rights:

Legal Basis for Processing:

  • Contract performance (providing AI services)
  • Legitimate interests (service improvement, security)
  • Consent (optional features like training data)

Your Rights:

  • Right to access your data
  • Right to rectification (correction)
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent

Privacy Contact:

  • Email: support@snrblabs.com (include "EU/UK Privacy Request" in the subject line)
  • We will respond within 30 days

Supervisory Authority:

  • You have the right to lodge a complaint with your local data protection authority

13. Contact Us

If you have questions about this Privacy Policy or our data practices:

  • Email: support@snrblabs.com
  • Company: SNRB Labs LLC

Please include the nature of your request in your email (data access, deletion, privacy question, security concern) and we will respond appropriately.

14. Transparency Commitments

We believe in transparency about data handling:

14.1 Model Provider Transparency

A current list of all AI model providers we use, along with their privacy policies, is available in our AI Usage Policy. This list is updated when providers change.

14.2 Data Breach Notification

In the event of a data breach:

  • We will notify affected users as soon as possible
  • We will provide details about the breach and remediation steps
  • We will report to relevant authorities as required by law

Acknowledgment

By using Alfred, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.

Last Updated: February 25, 2026
Version: 1.4