← Back to Home

Privacy Policy

Last updated: October 13, 2025

Overview

SCIO Copilot ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our service.

Information We Collect

Account Information

When you register for an account, we collect:

  • Email address
  • Password (encrypted)
  • Authentication provider (email or Google OAuth)

Usage Data

We collect information about how you interact with our service:

  • Conversation history and messages
  • Timestamps of interactions
  • Subscription and plan information

How We Use Your Information

We use the collected information to:

  • Provide and maintain our service
  • Authenticate your account and maintain security
  • Store and retrieve your conversation history
  • Process your requests and provide AI responses
  • Manage your subscription and billing
  • Improve our service and user experience

Cookies and Tracking

We use essential cookies only:

  • Authentication cookies: HTTP-only refresh tokens for secure session management
  • Consent cookies: LocalStorage flag to remember your cookie consent choice

We do not use tracking cookies, analytics cookies, or third-party advertising cookies in this version of the service.

Data Security

We implement industry-standard security measures:

  • Passwords are hashed using PBKDF2 (100,000 iterations)
  • Refresh tokens are stored as HTTP-only, Secure, SameSite cookies
  • All API communications require authentication
  • User data is isolated and scoped to individual accounts

Data Retention

We retain your data as follows:

  • Account data: Retained while your account is active
  • Conversations: Retained indefinitely unless you delete them
  • Refresh tokens: Expire after 30 days of inactivity
  • Mock billing data: Non-durable, may reset on system restart

Third-Party Services

Our service integrates with:

  • OpenAI API: For AI model responses (when configured)
  • Google OAuth: For optional authentication
  • Cloudflare: For hosting and infrastructure

These services have their own privacy policies. We recommend reviewing them.

Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and associated data
  • Export your conversation history
  • Withdraw consent for data processing

Children's Privacy

Our service is not intended for users under the age of 18. We do not knowingly collect personal information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

Contact Us

If you have questions about this Privacy Policy, please contact us at: privacy@scio-copilot.example.com