Privacy Policy

Aibexx ("we," "our," or "us") is committed to protecting the privacy of our users. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.

1. Information We Collect

• Account Information — name, email address, job title, and institution name provided during registration
• Phone Number — if voluntarily provided, used only for direct communication related to your inquiry, pilot program, or licensing agreement, and for SMS communications you have explicitly opted into
• AI Query Logs — records of AI requests routed through the Aibexx platform, including prompts, model selections, token counts, and response metadata
• Usage Data — workflow activity, department attribution, cost tracking data, and platform interaction records
• Audit Trail Data — hash-chained logs of every AI agent action, tagged by user identity and workflow owner
• Billing Information — contract and payment records processed securely via AWS
• Device & Access Logs — IP addresses, browser type, and login timestamps for security monitoring

2. How We Use Your Information

• To deliver, operate, and improve the Aibexx platform
• To enforce institutional AI compliance policies (FED/NIH standards)
• To generate cost attribution and audit reports for your organization
• To monitor platform security and prevent unauthorized access
• To fulfill contractual obligations under your licensing agreement
• To send text message communications to users who have explicitly opted in

3. SMS / Text Message Communications

If you provide your phone number and opt in to SMS communications, you may receive text messages from Aibexx related to your inquiry, pilot program, or licensing agreement.

• Message frequency varies based on your engagement with Aibexx
• Message and data rates may apply
• Reply STOP at any time to unsubscribe from text communications
• Reply HELP for assistance
• We do not share your phone number with third parties for their own marketing purposes

4. Who We Share Your Information With

• AWS (Amazon Web Services) — our infrastructure provider; data is hosted on AWS in private VPC subnets
• Your Institution — usage, cost, and compliance reports are accessible to authorized administrators at your organization
• No third-party selling — we do not sell, rent, or trade your data to any outside parties

5. How We Protect Your Information

• End-to-end encryption in transit and at rest using AWS KMS
• Deployment within private VPC subnets on AWS
• Role-based access control (RBAC) with four permission levels
• HIPAA-compliant infrastructure with a signed AWS Business Associate Agreement (BAA)
• Immutable, hash-chained audit logs for all data access events

6. Your Rights

You have the right to:

• Request access to the data Aibexx holds about you
• Request correction of inaccurate information
• Request deletion of your data, subject to legal and contractual obligations
• Opt out of SMS communications at any time by replying STOP
• Opt out of non-essential communications at any time

To exercise any of these rights, contact us using the information in Section 8 below.

7. Data Retention

We retain your data for the duration of your active license agreement and for up to 12 months following termination, unless a longer retention period is required by law or contract.