Privacy Policy

1. Introduction

Vaspera Capital, LLC ("Company," "we," "us," or "our") operates VasperaMemory, an AI memory and context management platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

2. Information We Collect

2.1 Information You Provide

• Account Information: Email address, name, and authentication credentials when you create an account
• Payment Information: Billing details processed securely through Stripe (we do not store full card numbers)
• Project Data: Code context, decisions, preferences, and memories you choose to store
• Communication: Messages when you contact our support team

2.2 Information Collected Automatically

• Usage Data: API calls, feature usage, and interaction patterns
• Device Information: Browser type, operating system, and device identifiers
• Log Data: IP address, access times, and pages viewed
• Analytics: Aggregated usage statistics to improve the Service

2.3 AI-Processed Data

• Decisions: Architectural choices and patterns extracted from your AI conversations
• Preferences: Learned coding style preferences and workflow patterns
• Error Patterns: Error signatures and fixes to help prevent recurring issues
• Code Dependencies: Relationships between code symbols for impact analysis

3. How We Use Your Information

We use your information to:

• Provide, maintain, and improve the Service
• Personalize your experience and deliver relevant context to AI tools
• Process payments and manage subscriptions
• Send service-related communications and updates
• Respond to support requests and inquiries
• Analyze usage patterns to improve features
• Protect against fraud and unauthorized access
• Comply with legal obligations

4. Data Storage and Security

Your data is stored securely using industry-standard practices:

• Database: Supabase with PostgreSQL, protected by Row Level Security (RLS)
• Encryption: All data encrypted in transit (TLS 1.3) and at rest (AES-256)
• Authentication: Secure OAuth and API key management
• Infrastructure: Hosted on secure cloud infrastructure with SOC 2 compliance
• Access Control: Strict access controls and audit logging

5. Data Sharing and Disclosure

We do not sell your personal information. We may share information with:

• Service Providers: Third parties who help us operate the Service (Supabase, Stripe, Vercel, Railway)
• AI Tool Integrations: Context is shared with AI tools you explicitly connect (Claude, ChatGPT, etc.)
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with a merger, acquisition, or sale of assets

6. Your Data Rights

You have the following rights regarding your data:

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your data (right to be forgotten)
• Export: Export your data in a portable format
• Restriction: Request restriction of processing
• Objection: Object to processing based on legitimate interests

To exercise these rights, contact us at support@vasperacapital.com.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. Upon account deletion:

• Personal data is deleted within 30 days
• Anonymized usage data may be retained for analytics
• Backup copies are purged within 90 days
• Legal hold data is retained as required by law

8. Third-Party Services

Our Service integrates with third-party AI tools. When you connect these tools:

• Context and memories may be shared with those tools to provide functionality
• Each third-party service has its own privacy policy
• You can disconnect integrations at any time through your dashboard

9. Cookies and Tracking

We use cookies and similar technologies for:

• Essential: Authentication and session management
• Functional: Remembering your preferences
• Analytics: Understanding how you use the Service (anonymized)

You can control cookies through your browser settings.

10. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal data, please contact us.

11. International Data Transfers

Your data may be transferred to and processed in the United States. We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses where applicable.

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting the new policy and updating the "Last updated" date. We encourage you to review this policy regularly.

13. Contact Us

For privacy-related inquiries or to exercise your data rights, contact us at: