Privacy Policy
Effective date: February 28, 2026 · Last updated: February 28, 2026
Summary
persīv collects only what is necessary to operate the service. We do not sell your personal data. We do not use your code or AI prompts to train models. You can request deletion of your data at any time by emailing privacy@persiv.ai.
1. Who We Are
persīv is a product of Two Coils LLC ("persīv," "we," "us," or "our"). We provide a downloadable AI-assisted coding IDE and associated web portal at persiv.ai. Our contact details are:
- Email: privacy@persiv.ai
- General inquiries: hello@persiv.ai
For users located in the European Economic Area (EEA) or United Kingdom, persīv acts as the data controller for personal data collected through this service.
2. Information We Collect
2.1 Account Information
When you create an account, we collect your name, email address, and hashed password. If you sign in via Apple, we receive a unique identifier and, if you choose, your email address from Apple.
2.2 Billing Information
Payment processing is handled entirely by Stripe. We do not store credit card numbers or bank details. We retain Stripe customer IDs and subscription status to manage your account.
2.3 Usage Data
We collect anonymized telemetry about feature usage (e.g., which models are selected, number of messages sent, approximate token counts) to improve the product and enforce plan limits. This data is associated with your account but is not sold or shared with third parties for advertising.
2.4 API Keys
If you provide third-party API keys (e.g., OpenAI, Anthropic), they are encrypted at rest in our database and transmitted to the relevant provider only to fulfill your requests. We do not log, inspect, or retain the content of API responses beyond what is necessary to display them to you. Keys are never shared with other users or organizations.
2.5 AI Prompts and Code
When using cloud models (Claude, GPT-4o, Gemini, etc.), your prompts are transmitted to the relevant provider via a passthrough proxy. We do not store, log, or use the content of your prompts or code for any purpose, including model training. When using the local Looking Glass model, all inference occurs on your device and no data is transmitted to us.
2.6 Log Data
Our servers automatically log IP addresses, browser or IDE version, request timestamps, and HTTP status codes for security monitoring and debugging. These logs are retained for 30 days and then deleted.
2.7 Cookies and Sessions
We use strictly necessary session cookies to keep you logged in to the web portal. We do not use tracking cookies, advertising cookies, or third-party analytics cookies. We do not track users across third-party websites and therefore do not respond to Do Not Track (DNT) browser signals.
3. How We Use Your Information
We use the information we collect to:
- Provide and maintain the persīv service
- Process payments and manage subscriptions
- Enforce usage limits and budget controls
- Send transactional emails (e.g., account confirmation, password reset, billing receipts)
- Respond to support requests
- Detect and prevent fraud, abuse, and security incidents
- Comply with applicable legal obligations
We do not use your data for advertising, profiling, or sale to third parties. We do not send marketing emails without your explicit opt-in.
4. Legal Bases for Processing (EEA / UK Users)
If you are located in the EEA or United Kingdom, we process your personal data under the following legal bases:
- Contract performance — to provide the services you have signed up for
- Legitimate interests — for security monitoring, fraud prevention, and product improvement (where these interests are not overridden by your rights)
- Legal obligation — to comply with applicable laws (e.g., tax, financial regulations)
- Consent — for any optional processing (e.g., marketing communications), which you may withdraw at any time
5. Sharing and Disclosure
We share data only with the following categories of service providers ("subprocessors") under appropriate data processing agreements:
| Subprocessor | Purpose | Location |
|---|---|---|
| Fly.io | Application hosting & compute | USA |
| Neon | PostgreSQL database | USA |
| Stripe | Payment processing | USA |
| Anthropic | LLM inference (passthrough only) | USA |
| OpenAI / Google / others | LLM inference (passthrough only) | USA |
| Resend | Transactional email delivery | USA |
| Apple | Sign in with Apple (authentication) | USA |
| Google Sign-In (authentication) | USA | |
| Tigris (S3-compatible) | Release artifact storage & delivery | USA |
We may also disclose information if required by law, court order, or government authority, or if necessary to protect the rights, property, or safety of persīv or its users.
6. International Data Transfers
persīv is operated from the United States. If you access the service from outside the United States, your information may be transferred to and processed in the United States. For transfers from the EEA or UK, we rely on Standard Contractual Clauses (SCCs) as an appropriate safeguard under GDPR Chapter V.
7. Data Retention
We retain your account data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal, financial, or fraud-prevention purposes (typically up to 7 years for billing records as required by US tax law). Server access logs are retained for 30 days. Error and security logs (which may include IP addresses and request metadata) are retained for up to 90 days to support debugging and incident response, then automatically purged.
8. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access — request a copy of the data we hold about you
- Correction — request correction of inaccurate or incomplete data
- Erasure ("right to be forgotten") — request deletion of your personal data
- Portability — receive your data in a structured, machine-readable format
- Objection — object to processing based on legitimate interests
- Restriction — request that we restrict processing in certain circumstances
- Withdraw consent — where processing is based on consent, withdraw it at any time without affecting prior lawful processing
California residents have additional rights under the CCPA / CPRA, including the right to know what personal information is collected, the right to delete, and the right to opt out of the sale or sharing of personal information. We do not sell or share personal information for cross-context behavioral advertising.
To exercise any of these rights, email privacy@persiv.ai. We will respond within 30 days (45 days for CCPA requests). We may need to verify your identity before processing your request.
9. Security
We implement industry-standard security measures including TLS encryption in transit, encryption at rest for sensitive data (API keys, tokens), hashed and salted passwords, and role-based access controls. No system is 100% secure, and we cannot guarantee absolute security. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify affected users and relevant supervisory authorities as required by applicable law.
10. Children's Privacy
persīv is not directed to children under the age of 13 (or 16 in the EEA where applicable). We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us at privacy@persiv.ai and we will promptly delete it.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a prominent notice in the web portal at least 30 days before the changes take effect. Continued use of the service after changes take effect constitutes acceptance of the revised policy.
12. Contact and Complaints
For privacy-related questions or requests, contact us at privacy@persiv.ai.
If you are located in the EEA and believe we have not addressed your concern adequately, you have the right to lodge a complaint with your local data protection authority (e.g., the ICO in the UK, or your national supervisory authority within the EU).