Privacy Policy

Last Updated: 3 February 2025

Welcome to Avenlis Copilot and Avenlis Prompt Attack (“we,” “our,” “us”). Your privacy is of utmost importance to us. This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you use our AI-powered applications specializing in AI Red Teaming and Security concepts (the “Services”). By using our Services, you consent to the data practices outlined in this Privacy Policy.

Information We Collect

We collect limited personal data necessary for authentication, service functionality, and communication.

• Authentication Information: We use Google Third-Party Authentication for login. We do not require or store usernames and passwords. Your Google-authenticated email is stored for authentication and communication purposes.

• User Prompts & Query Data: We store your query inputs and message history to enhance your experience. Your prompts are NOT used to train our AI models. Query data is processed locally on our servers and not shared with third parties.

• Communication Data: We may use your Google-authenticated email to send updates, security advisories, and relevant product-related content. You can opt-out at any time.

How We Use Your Information

• Authentication: Your Google login credentials verify your identity and grant you access to our Services.

• Service Enhancement: We store prompts and message history to provide a seamless experience.

• Security & Compliance: AI interactions and system logs are analyzed to maintain service integrity.

• Communication: We may send product updates, security advisories, and relevant content. You can unsubscribe anytime.

Data Storage & Security Measures

• Local Hosting & Processing: Our AI models are hosted in Singapore. No cloud storage is used.

• Data Retention: User prompts and history are stored only as needed. Data deletion requests are processed promptly.

• Security Measures: We implement access control, secure data storage, and system hardening techniques.

Data Sharing & Disclosure

• We do not sell, rent, or share your personal data with third parties.

• Information may be disclosed if required by Singaporean law or for security threat mitigation.

• If our Services undergo restructuring or acquisition, user data may be transferred with prior notice.

Your Rights Under Singapore’s PDPA

• Access & Correction: You can request access to your personal data and correct inaccuracies.

• Opt-Out: Unsubscribe from communications via email opt-out links.

• Data Deletion: Request deletion of authentication data and stored prompts.

• Security Concerns: Report security issues to our team at tech@staterasolv.com.

Cookies & Tracking

We do not use cookies, third-party trackers, or analytics tools. AI interactions are processed locally.

International Data Transfers

All user data remains within Singapore. We do not transfer data outside of Singapore unless legally required.

Compliance with Singapore’s PDPA

• Explicit user consent is obtained before data collection.

• Transparency in data storage, retention, and security measures.

• Strict security controls prevent unauthorized data access.

• Opt-out options are provided for communications.

• User data is retained only as necessary, with deletion options.

Updates to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices, regulatory requirements, or security measures. We will notify users via:

• Email notifications

• In-app announcements

Your continued use of our Services after updates constitutes acceptance of the revised policy.

Contact Information

• Data-related issues: ng@staterasolv.com

• Security/Bug Reports: tech@staterasolv.com

By using our Services, you acknowledge that you have read and understood this Privacy Policy and consent to the outlined practices.