Privacy Policy
Privacy Policy
Effective Date: November 1, 2025Adora AI ("we," "us," or "our") provides an AI operating system that lets you access and orchestrate multiple AI models through a unified platform on web and mobile. We take your privacy seriously and are committed to being transparent about how we handle your data.
This Privacy Policy explains what personal data we collect, how we use it, and your rights and choices.
1. Scope
This Privacy Policy applies to personal data we collect when you:
- Visit our website at adoraos.com
- Use Adora AI as an individual user ("Services")
- Access Adora AI through your organization's enterprise account ("Business Services")
Services (Individual Users)
When you use Adora AI as an individual, we act as the data "controller", meaning we decide how your personal data is handled, subject to this Privacy Policy and applicable law.
Business Services (Enterprise Customers)
When your organization provides you access to Adora AI, your organization controls how your data is handled. In this case, we act as a "processor" and handle data according to our agreement with your organization. Your organization's privacy policy applies to that data.
However, we still control certain data even for Business Services users, including:
- Account and authentication data
- Payment and billing information
- Data needed for security and fraud prevention
2. Personal Data We Collect
Personal Data You Provide
Account Information. When you create an account, we collect your name, email address, and password. If you sign up through a provider like Google or Microsoft, we receive basic profile information from them. Payment Information. If you purchase a paid plan, our payment processor collects your payment card or bank account information. We store only the last four digits of your card and your billing address. Content You Create. We collect the inputs you provide (prompts, questions, uploaded files) and the outputs generated for you (AI responses, documents). This is necessary to provide the Services. Communications. When you contact us for support or feedback, we collect your messages, email address, and any attachments you send. Profile Information. You can optionally provide information like your job title, organization, and professional role to help us personalize your experience.Personal Data We Receive from Your Use of the Services
Usage Data. We collect data about how you interact with Adora AI, including:- Features you use
- Models you select
- Pages you visit
- Time spent in the application
- Searches and actions
- Device type, operating system, and browser
- IP address (which reveals your approximate location)
- Network information
- Error messages and diagnostics
- Performance metrics
- Access times and dates
Information from Other Sources
Single Sign-On. If you log in using Google, Microsoft, or another provider, we receive basic profile information (name, email, profile photo) from them. AI Model Providers. When you use third-party AI models through our platform, those providers may share usage metadata with us (such as response time and token counts) but not your conversation content. Payment Processors. Our payment partners share transaction status and partial payment details with us.3. How We Use Personal Data
We use personal data to:
Provide and Maintain Our Services
- Operate Adora AI and process your requests
- Authenticate you and maintain your account
- Store your conversations and uploaded files
- Route your requests to the AI models you select
- Provide customer support
Improve and Develop Our Services
- Understand how people use Adora AI
- Identify and fix bugs
- Develop new features
- Conduct research and analysis
Communicate with You
- Send transactional emails (password resets, receipts, security alerts)
- Respond to your questions and requests
- Send product updates (you can opt out anytime)
Safety and Security
- Detect and prevent fraud and abuse
- Enforce our Terms of Service and Usage Policies
- Protect against security threats
- Investigate violations and harmful content
Legal and Compliance
- Comply with applicable laws and regulations
- Respond to legal requests (subpoenas, court orders)
- Enforce our agreements and protect our rights
4. Disclosure of Personal Data
We share personal data in the following circumstances:
Service Providers
We share data with vendors who help us operate Adora AI, including:
- Cloud hosting providers (AWS, Google Cloud, Microsoft Azure)
- AI model providers (when you use their models)
- Payment processors (Stripe, PayPal)
- Email and communication services
- Security and analytics tools
These providers are contractually required to protect your data and use it only for the purposes we specify.
Business Services Customers
If you use Adora AI through your employer or organization, we may share data with your organization's administrators as needed for them to manage your access.
Legal Requirements
We disclose data when required by law or when we believe disclosure is necessary to:
- Comply with legal obligations (court orders, subpoenas)
- Protect our rights or property
- Prevent fraud or security threats
- Protect user safety
We will notify you of legal requests for your data unless prohibited by law.
Business Transfers
If we are involved in a merger, acquisition, or sale of assets, your personal data may be transferred. We will notify you before your data becomes subject to a different privacy policy.
With Your Consent
We may share data with third parties when you explicitly consent—for example, when you connect third-party integrations to your account.
Aggregated or De-Identified Data
We may share aggregated or de-identified data that cannot reasonably identify you (for example, usage statistics or trends).
We do not sell your personal data. We have never sold user data and never will.5. Data Retention
We retain your personal data only as long as necessary to provide our Services and fulfill the purposes described in this Privacy Policy.
Content (Inputs and Outputs). For individual Services users, we retain your conversations and uploaded files until you delete them or close your account. For Business Services, your organization controls retention periods. Account Data. We keep your account information for as long as your account is active, plus 30 days after closure. Log Data. We retain logs for 30 days by default, unless longer retention is needed for security investigations. Billing Records. We keep transaction records for 7 years to comply with tax and financial regulations. Deleted Data. When you delete content or close your account, we permanently delete your data from our active systems within 30 days and from backups within 90 days. Business Services. Enterprise customers can configure custom retention policies, including zero-retention mode where data is not stored after session ends.6. Your Rights
Depending on where you live, you may have rights to:
Access Your Data. You can request a copy of your personal data. Correct Your Data. You can update inaccurate information in your account settings or by contacting us. Delete Your Data. You can delete your content or entire account at any time. Go to Settings → Profile → Delete Account. Deleting your account requires email verification. Export Your Data. You can download your data in JSON or CSV format from Settings → Export Data. Opt Out of Training. Individual users can opt out of having their data used to improve AI models. Go to Settings → Privacy → Model Improvement. (Business Services customers are opted out by default.) Manage Cookies. You can control cookies through your browser settings or our cookie preferences. Unsubscribe from Marketing. Click "unsubscribe" in any marketing email, or update your preferences in Settings.To exercise these rights or if you have questions, contact us at privacy@adoraos.com. We will respond within 30 days.
Business Services Users: For data controlled by your organization, please contact your organization's administrator or privacy office.We will not discriminate against you for exercising your privacy rights.
7. Security
We implement commercially reasonable technical and organizational measures to protect your personal data, including:
- Encryption of data in transit (TLS 1.3) and at rest (AES-256)
- Regular security audits and penetration testing
- Access controls and authentication requirements
- Monitoring for security threats and anomalies
- Employee training on data protection
However, no system is completely secure. If we become aware of a security breach affecting your data, we will notify you promptly as required by law.
8. International Data Transfers
Adora AI is based in the United States. If you access our Services from outside the US, your data will be transferred to and processed in the US and other countries where we or our service providers operate.
For users in the European Economic Area, UK, and Switzerland, we rely on Standard Contractual Clauses and other legal mechanisms approved by regulators to protect your data during international transfers.
Business Services customers can request data residency options to store data in specific regions. Contact support@adoraos.com for details.
9. Children's Privacy
Adora AI is not intended for children under 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at privacy@adoraos.com and we will delete it.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. If we make significant changes, we will notify you by email or through a prominent notice in the Services at least 30 days before the changes take effect.
Previous versions of this Privacy Policy are available upon request.
11. How to Contact Us
If you have questions about these Terms, our Privacy Policy, or the Services, please contact us:
General Support & Enterprise: support@adoraos.comPrivacy & Legal: privacy@adoraos.com
Security Issues: security@adoraos.com
Mailing Address:
Adora AI
2100 N Greenville Ave, Suite 500
Richardson, TX 75082