Privacy Policy
Last updated: 19 April 2026
1. Who We Are
Dear Wise Earth Inc ("we", "us", "our"), operating under the trading name "Vigilia", provides the AI compliance reporting platform at aivigilia.com. Dear Wise Earth Inc is the data controller for personal data collected through the Service. For any privacy-related enquiries, contact us at: gregorio.vonhildebrand@aivigilia.com
2. What Data We Collect
Account data: When you create an account, we collect your email address. We use Supabase for authentication; passwords are hashed and never stored in plain text.
Agent and workspace data: Data you submit about your AI agents, data sources, relationships, and governance policies is stored to generate your compliance reports. This data remains yours and is not shared with third parties.
Payment data: We use a third-party payment processor to handle transactions. We do not store your full card number or payment credentials. We retain transaction records (amount, date, report ID) for accounting and legal compliance.
Usage data: We collect standard server logs including IP addresses, browser type, pages visited, and timestamps for security and service improvement purposes.
Communications: If you contact us by email, we retain those communications to respond to your enquiries.
3. How We Use Your Data
We use your data to:
- Provide, operate, and improve the Service
- Generate compliance reports based on the agent data you submit
- Process payments and maintain transaction records
- Send transactional emails (account creation, report ready, payment confirmation)
- Respond to support enquiries
- Detect and prevent fraud and abuse
- Comply with legal obligations
We do not use your agent data to train AI models, sell data to third parties, or conduct profiling for advertising purposes.
4. Legal Basis for Processing (GDPR)
If you are based in the European Economic Area, we process your personal data under the following legal bases:
- Contract performance: Processing necessary to deliver the Service you have purchased
- Legitimate interests: Security, fraud prevention, and service improvement
- Legal obligation: Retaining transaction records as required by applicable law
- Consent: Newsletter and update emails, where you have explicitly opted in
5. Data Storage and Security
Your data is stored securely using Supabase (PostgreSQL), hosted on infrastructure within the European Union or United States with appropriate data transfer safeguards in place (Standard Contractual Clauses where applicable).
We implement industry-standard security measures including encrypted connections (TLS), row-level security on our database, and restricted internal access. No system is 100% secure; in the event of a data breach affecting your rights, we will notify you as required by applicable law.
6. Data Retention
We retain your account and workspace data for as long as your account is active. If you close your account, we delete your personal data within 90 days, except where retention is required by law (e.g. financial records, which are retained for 7 years in most EU jurisdictions).
Generated compliance reports are retained in your account for 12 months after creation, after which they are deleted from our systems. You should download and store your report if you need it for longer.
7. Third-Party Services
We use the following sub-processors to operate the Service:
- Supabase — database, authentication, and storage
- Vercel — hosting and deployment
- Anthropic — AI model API used to generate compliance narratives (agent data is sent to Anthropic's API; Anthropic's data use policy applies)
- Payment processor — payment processing (no card data stored by Vigilia)
Dear Wise Earth Inc does not sell your data to any third party.
8. Your Rights
Under GDPR and other applicable privacy laws, you have the right to:
- Access the personal data we hold about you
- Rectify inaccurate data
- Erase your data ("right to be forgotten"), subject to legal retention obligations
- Restrict or object to certain processing
- Receive your data in a structured, machine-readable format (data portability)
- Withdraw consent at any time for consent-based processing (e.g. newsletter)
To exercise any of these rights, email us at gregorio.vonhildebrand@aivigilia.com. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.
9. Cookies
We use only essential cookies required for authentication and session management. We do not use tracking, analytics, or advertising cookies. No cookie consent banner is required for essential cookies under GDPR.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a prominent notice on the Service. Your continued use of the Service after changes are posted constitutes acceptance of the revised policy.