Privacy Notice
Last updated: June 2026
This Privacy Notice explains how Resilience ("Resilience", "we", "us") collects, uses, shares, and protects your personal data when you use our website and services (the "Service"). Resilience acts as the data controller for personal data processed in connection with the Service.
1. Personal data we collect
- Account data: name, email address, login credentials, workspace and organization information.
- Customer support data: messages, attachments and metadata you send us through support channels.
- Usage and telemetry data: pages viewed, features used, timestamps, referring URLs and similar product analytics.
- Device and connection data: IP address, browser type, operating system, device identifiers, language and time zone.
- Content you submit: brands, prompts, URLs and other information you upload to run analyses inside the Service.
Payment information (card number, billing address, tax identifiers) is collected directly by Stripe, our Merchant of Record, and is not stored on our servers.
2. Purposes and legal bases
- Provide the Service — create your account, deliver features, host your data (legal basis: performance of a contract).
- Billing and subscription management — process orders, renewals, refunds and tax via Stripe (legal basis: performance of a contract and legal obligation).
- Security and fraud prevention — protect accounts and infrastructure (legal basis: legitimate interests).
- Product improvement and analytics — understand usage patterns and improve features (legal basis: legitimate interests).
- Customer support — respond to your requests (legal basis: performance of a contract and legitimate interests).
- Marketing — send product updates where permitted (legal basis: consent or legitimate interests, with opt-out).
3. How we share personal data
We share personal data only with the following categories of recipients:
- Service providers and subprocessors — hosting, database, email delivery, analytics and support tooling acting on our instructions.
- Stripe.com Market Limited — our Merchant of Record for sale of the Service, subscription management, payments, tax compliance and invoicing.
- Professional advisers — legal, accounting and audit advisers where reasonably required.
- Authorities — where required by law, court order or valid legal process.
We do not sell your personal data.
4. International transfers
Where personal data is transferred outside your country of residence (including outside the UK/EEA), we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses or equivalent adequacy decisions.
5. Data retention
We keep personal data only as long as needed for the purposes described above, to comply with legal obligations (for example tax and accounting retention required by Stripe), to resolve disputes and to enforce our agreements. When data is no longer needed it is deleted or anonymised.
6. Your rights
Depending on your jurisdiction, you may have the right to access, rectify, erase, restrict or object to the processing of your personal data, to data portability, and to withdraw consent at any time. Users in the UK/EEA also have the right to lodge a complaint with their local supervisory authority. We will respond to verified requests within one month.
To exercise these rights, contact us at hello@aiorigin.io.
7. Security
We implement appropriate technical and organisational measures — including encryption in transit, access controls, least-privilege permissions and audit logging — designed to protect personal data against unauthorised access, alteration, disclosure or destruction.
8. Cookies
We use cookies and similar technologies that are strictly necessary to operate the Service (for example authentication and security), and optional analytics cookies used to understand product usage. You can manage non-essential cookies through your browser settings.
9. Contact
Resilience — hello@aiorigin.io.
