HomeLegalPrivacy Policy

Privacy Policy

What data exists, where it lives, who can read it, and what moves where. The same as on the privacy page, but in legal language.

Last updated · 23 May 2026 · v1.0 · GDPR-compliant

1. Who we are

Avelina AI is operated by the Architect ("we", "us", "the Provider"). For privacy questions — via the Architect's Telegram.

2. The fundamental architecture

Avelina is installed on your own server. The overwhelming majority of personal data — conversations, memory, shared history, API keys, backups — never leaves your server and is inaccessible to us. This is intentional and is the central commitment of the product.

3. What data exists on your server (and only there)

  • Telegram messages between you and Avelina
  • The four-layer memory: claims, journal, lessons, worldview
  • The identity core: emotional state, drives, wisdom, pending tasks
  • The full conversation history (FTS5 + vector embeddings)
  • API keys (Anthropic, OpenAI, optional) — encrypted in .env
  • Daily and weekly backups

We have no remote access to any of this. We cannot read it. We cannot hand it over on request — because we do not have it.

4. What outbound traffic your installation generates

4.1 Anthropic

The prompts from your conversations go to Anthropic so that Claude can generate Avelina's responses. Governed by your own Anthropic subscription. We are not a party to that relationship. To Anthropic you are the customer; we are the software author.

4.2 OpenAI (if configured)

Voice transcription (Whisper), TTS (Nova), embeddings — governed by your own OpenAI subscription. The same position as with Anthropic.

4.3 Anonymized findings to the master copy (can be turned off)

Weekly self-audits create anonymous patterns — counters, error categories, capability gaps — that are sent back to the master copy. This data contains no message content and no identifiers. The schema is described in the Academy.

Turned off in .env. Once turned off, your installation is invisible to the accumulated experience of the fleet.

5. What we receive from the purchase

When you buy a license, payment goes through Telegram via Tribute. We receive:

  • Your Telegram username/handle
  • The fact of payment, the amount, and the plan
  • Any data you voluntarily share during installation planning (the VPS IP, root credentials — used only during the installation session, transmitted over encrypted SSH, and deleted from the Architect's records within 24 hours after the installation is complete)

We do not receive: card numbers, billing addresses, bank details. The payment provider handles those under its own policy.

6. Cookies on this site

The site (avelina.ai) uses:

  • One functional cookie — to remember consent. It cannot be turned off (otherwise we would have to ask on every visit).
  • Cookieless analytics (Plausible / PostHog) — page views, scroll depth, CTA clicks. IPs are hashed at the source. No personal profiles are built.

We do not use advertising cookies, tracking pixels, third-party social cookies, or session replay. There is no retargeting across the open web.

7. Your GDPR rights

7.1 Right of access

The data is already on your server. Run avelina export to package it into a portable archive.

7.2 Right to be forgotten

Run avelina uninstall followed by deleting the backups directory. None of your data remains anywhere else. Your Telegram username in our purchase records can be erased on request to the Architect — usually within 7 days.

7.3 Right to portability

The export from §7.1 is a portable archive. You can take it anywhere.

7.4 Right to object to processing

Turn off the anonymized-findings stream in .env. Turn off site analytics via the cookie banner.

8. Data retention

On your server: for as long as the installation runs. Backups roll over per the policy in §3. After uninstall — nothing of ours remains.

In the Architect's purchase records: Telegram handle + plan + purchase date, kept for as long as the law of the jurisdiction requires for accounting / tax records (typically 7 years). On request, the handle is anonymized to OWNER-{hash} with no possibility of reverse mapping.

9. Children

Avelina is not intended for children under 16. The Architect deliberately does not install Avelina for Owners who state that it will be used by children under 16. If there is reason to believe an Owner is a child, contact the Architect.

10. International transfers

Conversation traffic to Anthropic and OpenAI is governed by those providers' international transfer mechanisms (typically SCCs for subjects in the EU). Read Anthropic's privacy policy and OpenAI's policy for the full picture.

11. Updates to this policy

Material changes are announced in the Avelina Academy channel and via Telegram to active Owners. The "last updated" label at the top of the page reflects the current version.

12. Complaints and the supervisory authority

If you believe your privacy rights have been violated — first write to the Architect on Telegram; most matters are resolved in a couple of messages. EU residents always have the right to lodge a complaint with their national data protection authority.

This policy is the primary document. The plain-language summaries on the other pages of the site are descriptive; this document and the Terms define the rights.