Your data belongs to you.
Technically.
Citerius Holdings LLC, doing business as alaivOS ("we," "us," "our"), operates the alaivOS mobile application and website at alaivos.com. This Privacy Policy explains how we collect, use, and protect your information.
Our Core Principle
Your data is stored locally on your device and encrypted end-to-end using the Signal Protocol. We cannot read your messages, notes, health data, financial information, or personal content. This is not a policy — it is a technical guarantee enforced by encryption.
What Data Stays on Your Device
The following data is stored locally on your device and never transmitted to our servers in readable form:
- Personal notes, messages, and AI conversations with Laiv
- Financial transactions, budgets, and bank account data
- Health readings, mood entries, medication logs, and wellness data
- Pregnancy tracking, baby care logs, and family health information
- Photos, media, and AI-generated tags
- Calendar events, contacts, and relationship data
- Sessions, Capsules, and checkpoint data
- Mode configurations and personal preferences
- AI model processing and on-device inference results
When you enable cloud sync, this data is encrypted on your device before transmission. Our servers store only encrypted blobs that we cannot decrypt.
What We Do Collect
We collect limited data necessary to operate the service:
Account Information
Email address, display name, and authentication credentials when you create an account. Required to provide the service.
Subscription Status
Your subscription tier (Starter, Spark, Core, Pro, or Elite) and billing status. Managed through Apple App Store, Google Play Store, or Stripe. We do not store payment card details.
Device Information
Device model, operating system version, and app version. Used to ensure AI model compatibility and app performance.
Crash Reports
Anonymous crash logs to identify and fix bugs. These contain no personal content.
Referral Data
If you use or share a referral code, we track which users were referred by whom to credit rewards. We do not share your personal data with referrers. Referrers see only aggregate counts.
Third-Party Services
Banking Providers
We use Plaid (United States), Belvo (Latin America), and TrueLayer (United Kingdom and European Union) to connect your bank accounts. When you use the Bank Sync add-on:
- Your bank credentials are entered directly into the banking provider's secure interface. alaivOS never sees or stores your bank login credentials.
- Transaction data is transmitted from the banking provider to your device and stored locally.
- We do not store your transaction data on our servers.
- Each banking provider has their own privacy policy governing how they handle your credentials.
Text-to-Speech Providers
We do not store generated audio on our servers.
Ghost Protocol
When you use Ghost Protocol, your AI queries are encrypted before transmission and processed on our private servers running open-source AI models (Qwen). We do not log, store, or analyze your queries or the AI responses. Results are encrypted and delivered to your device.
Ghost Protocol uses a credit-based model. Credits are the only gate — all capabilities are available at every Ghost tier.
Cloud Sync
If you enable multi-device sync, your data is encrypted on your device using the Signal Protocol before being transmitted to our cloud infrastructure hosted on our encrypted cloud infrastructure. The data stored on our servers is encrypted and unreadable to us or any third party.
Health Data Integration
alaivOS can import data from Apple Health (iOS) or Health Connect (Android). This integration is read-only — we read data from these services but never write data back. Imported health data is stored locally on your device and is never transmitted to our servers.
Capsules and Marketplace
Capsule files (.alaiv) are data-only files containing structured activity content. They contain no executable code, tracking pixels, or analytics. When you install a Capsule from the Marketplace, the content is stored locally on your device.
When you create and share Capsules, only the content you explicitly include in the Capsule is shared. Your personal data, health information, and usage patterns are never included.
Groups
When you create or join a group, shared data within that group (calendar events, lists, chat messages, shared projects) is visible to group members. Each group member has their own account with their own encryption keys.
Group members never see your:
- Personal finances (unless explicitly shared via expense splitting)
- Health or wellness data
- Personal notes, AI conversations, or private content
- Individual mode settings
Trusted Contacts
If you designate a trusted contact, they receive only the specific alert messages you have authorized (such as medication reminders or activity notifications). Trusted contacts never receive raw health data, financial information, or personal content. You can revoke trusted contact access at any time.
Children's Privacy
alaivOS is not directed at children under 16. Given its integration of health tracking, financial tools, and AI features, we enforce a minimum age of 16. We do not knowingly collect personal information from users under 16. If we discover an account belongs to a user under 16, we will immediately terminate the account and delete all associated cloud data.
COPPA (US): We do not knowingly collect personal information from children under 13 as defined by the Children's Online Privacy Protection Act. If you believe a child under 13 has provided us with personal information, please contact us at support@alaivos.com and we will delete it promptly.
GDPR Article 8 (EU): For users in EU member states that set the digital consent age at 16, our minimum age policy aligns with this requirement by design.
Data Retention and Deletion
Your data lives on your device. If you delete the app, your local data is deleted with it. If you have cloud sync enabled, you can request deletion of your encrypted cloud data by contacting us at support@alaivos.com. We will delete your account and all associated encrypted data within 30 days.
Data Sharing
We do not sell, rent, trade, or share your personal data with third parties for advertising, marketing, or any commercial purpose. We do not serve advertisements. We do not allow third parties to track you through our application.
We may disclose information only if required by law, such as in response to a valid court order or government request. Given that most of your data is encrypted and unreadable to us, our ability to produce meaningful data in response to legal requests is extremely limited.
International Data Transfers
If you use cloud sync, encrypted data may be stored on servers located in the United States or European Union. Because the data is encrypted end-to-end before leaving your device, the geographic location of storage does not affect the privacy of your information.
Your Rights
Depending on your jurisdiction, you may have the right to:
- Access your personal data — your data is on your device, you already have it
- Request deletion of your account and cloud data
- Opt out of any data collection (most collection is already optional)
- Data portability — export your data from the app
Jurisdiction-Specific Rights
Washington State — My Health My Data Act (MHMD)
For users in Washington State, alaivOS complies with the My Health My Data Act. Our device-only health data architecture satisfies the Act's requirements by design — health data is never collected by Citerius Holdings LLC and never transmitted to our servers. We do not perform geofencing around healthcare facilities. Explicit opt-in consent is obtained before any health data is accessed. To submit a consumer health data rights request, contact support@alaivos.com.
European Union & United Kingdom — GDPR / UK GDPR
Our local-first architecture satisfies GDPR's Privacy by Design and by Default mandate (Article 25). For your right to erasure (Article 17): your local data is deleted by uninstalling the app; cloud metadata is deleted within 30 days of an account deletion request. For other GDPR rights (access, portability, rectification, restriction), contact support@alaivos.com. We will respond within 30 days.
Brazil — LGPD
In compliance with the Lei Geral de Proteção de Dados (LGPD), Citerius Holdings LLC acts as the data controller for the limited account information we collect (email, subscription status). The legal basis for processing is contract performance (Article 7, II) and legitimate interest (Article 7, IX). We have designated a Data Protection Officer reachable at support@alaivos.com. International transfers of your data (to our US-based infrastructure) are conducted under appropriate safeguards. To exercise your LGPD rights (access, correction, deletion, portability, opposition), contact us at the address below.
Mexico — LFPDPPP
En cumplimiento con la Ley Federal de Protección de Datos Personales en Posesión de los Particulares (LFPDPPP) y sus reformas de 2025, Citerius Holdings LLC informa: Responsable: Citerius Holdings LLC. Datos recopilados: correo electrónico y estado de suscripción únicamente. Finalidad: gestión de cuenta y prestación del servicio. Transferencias: ninguna a terceros con fines comerciales. Para ejercer sus derechos ARCO (Acceso, Rectificación, Cancelación, Oposición), contacte a support@alaivos.com. La autoridad supervisora es la Secretaría Anticorrupción y de Buen Gobierno (SABG).
Changes to This Policy
We will notify you of material changes to this policy through the app or by email. The updated policy will be posted at alaivos.com/privacy with the new effective date.
Contact Us
For privacy inquiries or data deletion requests:
Related policies: Health Data Privacy · Billing Terms · Law Enforcement Guidelines · Warrant Canary