MetisAI Privacy Policy
Last Updated: January 30, 2026
1. Information We Collect
When you use MetisAI, we collect:
- Email address (for account identification)
- Name and basic profile information
- Google Drive files that you create through MetisAI
- Your AI assistant preference (ChatGPT, Claude, Gemini, or DeepSeek)
2. How We Use Your Information
We use your information to:
- Provide MetisAI life companion services
- Store and manage your life story documents in your Google Drive
- Manage progress tracking and document organization
- Communicate with you about your account
3. How We Access Your Google Drive
Your Privacy is Protected
MetisAI uses Google's most restrictive permission level (drive.file scope). This means:
- ✓ MetisAI can ONLY see files it creates for you
- ✓ MetisAI CANNOT see your other Google Drive files
- ✓ Your personal photos, documents, and other files are completely hidden from MetisAI
- ✓ Each user's data is completely isolated - no user can see another user's files
- ✓ Your files remain in YOUR Google Drive - you control them
You can revoke MetisAI's access at any time through your Google Account settings, and your files will remain safely in your Drive.
MetisAI uses limited Google Drive access to:
- Create folders for organizing your life story documents
- Save and update your life story files
- Manage progress tracking spreadsheets
- Archive previous versions of your documents
4. Data Storage and Security
Your data is stored securely:
- Account information stored in Microsoft Azure cloud services with enterprise-grade security
- All data encrypted in transit (HTTPS/TLS) and at rest (AES-256)
- Google Drive files remain in your personal Google Drive account under your control
- Access tokens encrypted and stored securely in Azure Table Storage
- We do not sell or share your personal information with third parties
- All access is logged and auditable for security purposes
5. Administrator Access
Like all cloud services, system administrators have technical capability to access user data for legitimate purposes only, including:
- Technical support and troubleshooting (with user permission)
- Security incident investigation
- Legal compliance requirements
- System maintenance and updates
Important: All administrative access is logged, audited, and restricted to authorized personnel only. We are legally and ethically bound to protect your privacy and only access data when necessary for these legitimate purposes.
6. Your Rights
You have complete control over your data:
- Access your personal data at any time
- Request deletion of your account and data
- Revoke Google Drive access at any time through your Google Account settings
- Export your life story documents from your Google Drive
- Request corrections to your personal information
- Withdraw consent for data processing
7. Data Retention
We retain your data as long as your account is active. When you delete your account:
- Your account information is permanently deleted from our servers within 30 days
- Your Google Drive files remain in your Drive (you control them)
- You can manually delete Drive files at any time
- Access tokens are immediately revoked and deleted
8. Third-Party Services
MetisAI integrates with the following third-party services:
- Google Drive: For file storage (subject to Google's Privacy Policy)
- Microsoft Azure: For secure data storage and hosting
- AI Assistants: ChatGPT, Claude, Gemini, or DeepSeek (as per your choice - you interact with them directly)
- Payhip: For payment processing and license management
These services have their own privacy policies which govern their use of your data.
9. User Data Isolation
Your data is completely private:
- Each user's data is completely isolated from other users
- No user can access another user's documents or information
- Your Google Drive access token is unique to you and cannot be used by others
- All data is partitioned by user email for complete separation
10. Changes to This Policy
We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. We will notify users of any material changes via email or through the MetisAI dashboard. Your continued use of MetisAI after changes constitutes acceptance of the updated policy.
11. Contact Us
For privacy concerns, questions, or to exercise your rights, contact:
Email: tony.czarnecki@sustensis.co.uk
Company: Sustensis Ltd
Website: https://metisai-gateway5.azurewebsites.net
12. GDPR Compliance (For EU Users)
For users in the European Union, we comply with GDPR requirements:
- Legal Basis: Data processing is based on your explicit consent
- Right to Withdraw: You can withdraw consent at any time
- Data Portability: You can export all your data
- Right to Erasure: You have the right to be forgotten
- Data Protection Officer: Contact tony.czarnecki@sustensis.co.uk for data protection inquiries
- Supervisory Authority: You have the right to lodge a complaint with your local data protection authority
13. Children's Privacy
MetisAI is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will take steps to delete such information.
14. International Data Transfers
Your data may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place to protect your data in accordance with this privacy policy and applicable laws.