Privacy Policy

1. Introduction & Overview

Welcome to STELLE.WORLD. This Privacy Policy applies to the STELLE.WORLD platform and its application stelle.chat (accessible at stelle.chat), as well as the website stelle.world We are committed to providing you with a proactive, personalized AI companion that respects your privacy and safeguards your data. This Privacy Policy outlines how we collect, use, store, and protect your information, ensuring transparency and trust in every interaction.

At Stelle, we believe that your data is yours. Our decentralized, privacy-first architecture is designed to empower you with control over your information while delivering seamless, cross-platform assistance.

2. Scope & Applicability

This Privacy Policy applies to:

• Users of the Stelle Platform: Whether you interact with our web application, mobile app, or APIs, the guidelines herein apply to all end users.
• Third Parties: Partners and service providers who interact with Stelle data under contractual obligations.
• Contexts of Data Processing: This policy covers data collected via user interactions, file uploads, text and image processing, OAuth integration (where applicable), and financial transactions related to premium services and enterprise solutions.

3. Data Collection & Use

3.1 Types of Data Collected

• Personal Information: This may include user IDs, session IDs, names, email addresses, and authentication tokens obtained via OAuth integrations.
• Interaction Data: Your prompts, chat histories, and file uploads (including PDFs, DOCX, TXT, and images) that are processed for features like multi-modal context retrieval and long-term memory updates.
• Technical Data: Device identifiers, IP addresses, browser types, and usage statistics collected to optimize performance and user experience.
• External Content: URLs and content fetched from external sources when provided in your queries.
• Data Sharing: We do not sell or rent user data. Data may only be shared with trusted service providers when necessary to operate the platform, such as payment processors, authentication providers, or infrastructure services.

3.2 Purposes for Data Collection

• Authentication & Personalization: To verify your identity securely and tailor the AI’s responses based on your past interactions.
• Feature Enhancement: To improve our services through context-aware responses, file content analysis, and long-term memory functions.
• Analytics & Platform Performance: To monitor system performance, improve reliability, and enhance the functionality of the Stelle platform. Data collected for analytics is limited to what is necessary for maintaining and improving the user experience.
• Third-Party Services: Some data may be shared with trusted third-party services (e.g., payment processors, OAuth providers) solely to facilitate core functionalities.

3.3 GDPR Compliance

Our platform may use automated systems and artificial intelligence to assist with certain features. These systems operate only on the data necessary to provide the requested functionality within the Stelle platform. Data obtained through connected third-party accounts is used solely to provide user-facing features and is not used to train machine learning models or artificial intelligence systems.

4 Oauth Integration & Connected Third-Party Platform Data

Notwithstanding any other provision in this Privacy Policy, Stelle's use of information received from Google APIs is subject to the Google API Services User Data Policy, including the Limited Use requirements. Google user data will only be used to provide or improve user-facing features visible within the Stelle platform. Google user data will not be used for serving advertisements, will not be transferred to third parties except as necessary to provide the service, will not be used to determine creditworthiness or for lending purposes, and will not be used for any purpose that is not disclosed to the user. Stelle does not allow humans to read Google user data unless the user has given explicit permission, it is necessary for security purposes, it is required by law, or the use is limited to internal operations and the data has been aggregated and anonymized.

Stelle's use of data obtained through Google Workspace APIs, including YouTube APIs, is not used to develop, improve, or train generalized or non-personalized artificial intelligence or machine learning models. Data obtained from Google APIs is used solely to provide and improve user-facing features within the Stelle platform, and only at the explicit direction of the user.

Stelle allows users to optionally connect their accounts from supported third-party platforms using secure authorization mechanisms. When a user connects an external account, Stelle may access limited data from that platform strictly for the purpose of providing the services requested by the user.

1. Depending on the platform and permissions granted by the user, this data may include:

• Basic account identification information
• Content created or published by the user (such as posts or media)
• Engagement information related to that content (such as comments or replies)
• Performance metrics or analytics associated with the user’s content

2. This information is used exclusively to provide features such as:

• Connecting and managing user accounts from external platforms
• Viewing and organizing published content
• Scheduling or publishing new content on behalf of the user
• Displaying engagement data and analytics
• Allowing users to view and respond to comments or interactions

Data obtained from connected platforms is used solely to provide or improve user-facing features of the Stelle platform. This data is not sold, rented, or shared with third parties for advertising or marketing purposes.

Stelle does not use data obtained from connected third-party platforms to train artificial intelligence models, build user profiles unrelated to the platform’s functionality, or for any purpose unrelated to providing the requested services.

Users may disconnect their linked accounts at any time through the platform settings, which will revoke Stelle’s access to the external account.

If users connect a Google account, Stelle’s use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Data obtained from Google APIs will only be used to provide or improve user-facing features of the Stelle platform and will not be used for advertising, sold to third parties, or used to train artificial intelligence or machine learning models.

5. Payment Processing & Monetary Transactions

• Secure Handling: Financial transactions are processed using industry-standard encryption and transmitted securely. We partner with PCI-DSS–compliant payment processors to handle all monetary data.
• Data Minimization: We do not store full credit card details or sensitive financial information on our servers. Instead, only transaction confirmations and necessary billing data are maintained for record-keeping and support.
• Fraud Prevention: Additional security measures, including real-time fraud detection and secure payment gateways, are in place to protect your transactions.

6. Data Storage & Security

6.1 Data Storage

Infrastructure: User data—including chats, file uploads, and long-term memory summaries—is stored in secure databases (e.g., MongoDB) and processed using advanced indexing techniques (e.g., FAISS) as detailed in our backend architecture.

Decentralized Options: In line with our commitment to privacy, certain data may be stored on decentralized networks (e.g., IPFS) or encrypted locally to give you enhanced control.

6.2 Security Measures

• Encryption: Data is encrypted in transit (using HTTPS) and at rest, ensuring that unauthorized access is prevented.
• Access Controls: Strict access controls and authentication protocols limit data access to authorized personnel only.
• Regular Audits: We conduct periodic security audits and vulnerability assessments to maintain high standards of data protection.
• Compliance Certifications: We adhere to industry standards and may obtain relevant certifications (e.g., PCI-DSS for payment processing) to reinforce our commitment to security.

7. User Rights & Control

We respect your rights regarding your personal data. You have the right to:

• Access and Review: Request a copy of the personal data we hold about you.
• Modify or Update: Correct inaccuracies or update your personal information.
• Delete: Request the deletion of your personal data, subject to any legal obligations.
• Opt-Out: Opt out of non-essential data collection or marketing communications. Instructions for opting out are provided within your account settings and in our communications.
• Raise Concerns: Contact us with any questions or concerns regarding your data privacy.

8. Compliance & Legal Considerations

• GDPR (General Data Protection Regulation)
• CCPA (California Consumer Privacy Act)
• Other regional regulations applicable to the jurisdictions in which our users reside.

8.1 Legal Basis for Data Processing

Data processing is conducted based on:

• User Consent: Where applicable, you provide explicit consent for data collection.
• Contractual Necessity: Data is processed to fulfill your requests and ensure the proper func- tioning of our services.
• Legitimate Interests: We may process data to improve our services, prevent fraud, and ensure operational security, provided these interests do not override your fundamental rights.

9 Updates to the Privacy Policy

We reserve the right to update this Privacy Policy as our practices evolve. When significant changes are made:

• Notification: We will notify users via email, platform notifications, or by posting a prominent notice on our website.
• Version History: The effective date of the updated policy will be clearly indicated at the top of this document.
• Review: We encourage you to review the Privacy Policy periodically to stay informed about how your information is protected.