AIDAC logoAIDAC

Privacy Policy

Last updated: February 27, 2026

1. Information We Collect

AIDAC (“we”, “our”, or “us”) collects information in the following ways:

  • Account information: name, email address, and OAuth profile data from Google, GitHub, or Apple when you register.
  • Architecture prompts and descriptions: text inputs you provide to generate diagrams.
  • Generated content: diagram images (PNG), diagram JSON, and Mermaid code produced by the platform.
  • Project metadata: project identifiers (UUID), project names, cloud provider selections, and diagram types.
  • Technical metadata: component counts, connection counts, and generation timestamps.
  • Device and browser data: IP address, user agent, and operating system.
  • Usage analytics: feature usage patterns and session data.

2. How We Use Your Information

We use your data to:

  • Generate architecture diagrams from your descriptions
  • Store and retrieve your projects and diagram history
  • Improve diagram generation quality
  • Enforce architectural governance rules you define
  • Provide customer support and ensure platform security

3. AI and Third-Party Services

AIDAC uses third-party AI models to generate diagrams from your descriptions:

  • Your prompts and architectural context are sent to third-party AI model providers (Together.ai) for diagram generation.
  • Only prompt text and architectural context are sent to AI providers. Personal account information (name, email) is NOT sent.
  • AI providers process data according to their own privacy policies.
  • Generated diagram images are stored on AIDAC infrastructure, not with AI providers.

4. Data in Tool Responses (MCP / Third-Party Platform Integration)

When used via third-party AI platforms (such as OpenAI), AIDAC tools return the following data:

  • Project identifier (UUID)
  • Project name (user-provided or auto-generated)
  • Diagram image (rendered PNG)
  • Diagram metadata (component count, connection count, cloud provider, diagram type)
  • Diagram URL for interactive viewing
  • Generation timestamp
  • For unauthenticated users: a registration link and guest status flag

We do NOT return: email addresses, personal account details, authentication tokens, internal server logs, or debug data in tool responses.

5. Information Sharing

We do NOT sell your personal information. We share limited data with the following service providers:

  • AI model providers (Together.ai): receive prompts for diagram generation
  • Cloud infrastructure (Railway, Supabase): host our services and store data
  • Analytics (Google Analytics): anonymized usage data
  • Legal authorities: if required by law or legal process

6. Data Storage and Retention

  • Projects and diagrams: retained while your account is active.
  • Guest data (via AI platforms): deleted after 30 days.
  • Server logs: retained for 90 days.
  • Account deletion: all associated data is removed within 30 days of your request.

7. Data Security

We use TLS encryption for data in transit and encryption at rest. Access controls and authentication are enforced across all services. We conduct regular security reviews. However, no system is 100% secure.

8. Your Rights

You have the right to:

  • Access, correct, export, or delete your personal information
  • Request a full data export of your projects and account data
  • Opt out of analytics tracking

To exercise these rights, contact us at privacy@aidac.app. We will respond within 30 days.

9. Guest Users via Third-Party Platforms

  • Guest users are assigned an anonymous temporary identifier that is not linked to any personal identity.
  • No personal information is collected from guest sessions.
  • Guest diagrams are stored for 30 days and then automatically deleted.

10. Cookies and Tracking

  • Essential cookies: used for authentication and session management.
  • Analytics cookies: Google Analytics for usage insights. You can opt out via your browser settings.
  • We do not use advertising or third-party tracking cookies.

11. International Data Transfers

Your data may be processed in the United States and Australia. Our service providers comply with applicable data protection standards.

12. Children's Privacy

AIDAC is not intended for users under the age of 16. We do not knowingly collect personal information from children.

13. Updates to This Policy

We may revise this Privacy Policy from time to time. Changes will be posted here with the updated date. Material changes will be communicated via email or a notice on the platform.

14. Contact

For any privacy-related questions, please email privacy@aidac.app or support@aidac.app.