Last updated: March 2026
We collect the minimum information needed to provide the service: your email address, display name, and account credentials. We also store encrypted API keys for your AI providers.
We never access, read, or store your chat conversations, AI sessions, agent execution data, or any content processed by your assistant. Your assistant container runs in isolation with encrypted storage. The Go API only queries gateways with operator.read scope (metadata only).
API keys are stored encrypted (AES-256-GCM) and used solely to configure your assistant container. They are passed to your container as environment variables via Nomad and never logged or transmitted to third parties.
Account data is stored in a PostgreSQL database hosted on Supabase. Tenant data (assistant configuration, credentials) is stored on encrypted JuiceFS volumes with AES-256-GCM client-side encryption and per-tenant POSIX isolation.
When you delete your assistant, all associated data (container, encrypted storage directory, channel credentials, config backups) is permanently removed. You can request full account deletion by contacting support.
We use Supabase (database), Hetzner (infrastructure), and Cloudflare (DNS). Authentication may use Google OAuth. We do not sell, share, or monetize your data in any way.
For privacy-related questions, contact us at support@chelar.ai.