1. Information We Collect

Account Information

When you register for GENVA Mind AI, we collect your name, email address, and password (encrypted with bcrypt). We also collect your billing information when you subscribe to a paid plan — this is handled securely by Stripe, Razorpay, or PayPal and we never store raw card numbers.

Usage Data

• AI conversations and agent task inputs/outputs
• Automation workflows you create
• Features you use and how often
• API calls made with your keys
• Login times, IP addresses, and device information

Memory Engine Data

With your explicit consent, GENVA Mind AI's Memory Engine stores learned facts, preferences, and context from your sessions to improve future AI responses. You can view, export, or delete all memory nodes at any time from the Memory page.

2. How We Use Your Data

• Delivering AI responses and agent services
• Processing payments and managing subscriptions
• Sending product updates, receipts, and security alerts
• Improving platform performance and reliability
• Detecting and preventing fraud and abuse
• Complying with legal obligations

3. AI & Your Content

Your prompts, agent tasks, and workspace documents are processed in real-time and are not used to train any AI model without your explicit written consent. Conversation history stored in your account is encrypted at rest.

4. Data Storage & Security

Your data is stored on secure servers hosted on Hostinger KVM2 infrastructure in India (Mumbai region). All data is encrypted in transit (TLS 1.3) and at rest (AES-256). We maintain automated daily backups with 30-day retention.

• Passwords: bcrypt hashed (never stored in plaintext)
• Backend credentials secured and masked in all interfaces
• Secure sessions with automatic renewal and rotation
• Database: PostgreSQL 15 with SSL connections only

5. Third-Party Services

GENVA Mind AI integrates with third-party services to provide its functionality. Each service has its own privacy policy:

• GENVA Backend — AI processing (GENVA AI Engine)
• Stripe / Razorpay / PayPal — Payment processing
• SendGrid — Transactional emails
• AWS S3 — File storage (optional)
• Slack / GitHub / WhatsApp — Integrations (only when you connect)

6. Your Rights (GDPR / DPDP)

• Access — Request a copy of all your data
• Correction — Update inaccurate information
• Deletion — Delete your account and all data
• Portability — Export your data in JSON format
• Objection — Opt out of analytics tracking
• Memory Erasure — Clear AI memory at any time

To exercise any right, email: privacy@genvamind.com or use the Settings page.

7. Cookies

We use only essential cookies required for authentication and session management. We do not use third-party advertising cookies. You can disable cookies in your browser settings, though this may affect platform functionality.

8. Contact

Privacy questions: privacy@genvamind.com
Data deletion requests: privacy@genvamind.com
Response time: Within 72 hours

1. Acceptance of Terms

By accessing or using GENVA Mind AI ("the Platform"), you agree to be bound by these Terms of Service and our Privacy Policy. These terms apply to all users including free, paid, and enterprise customers.

2. Service Description

GENVA Mind AI provides an AI-powered business intelligence platform including: AGI Chat, AI Agents, Workspace document generation, World Intelligence, Memory Engine, Automation workflows, and a Marketplace of AI tools. Features vary by subscription plan.

3. Subscription Plans & Billing

• Starter — $29/month: 5 agents, 100K tokens/month, basic automation
• Growth — $99/month: 25 agents, 1M tokens/month, all features
• Enterprise — $1,200/month: Unlimited agents, custom tokens, white-label

All plans are billed monthly. Annual plans receive a 20% discount. Payments are processed via Stripe, Razorpay, or PayPal. Refunds are available within 7 days of initial purchase. No refunds for subsequent billing cycles.

4. Acceptable Use Policy

You agree NOT to use GENVA Mind AI to:

• Generate illegal, harmful, or deceptive content
• Spam, harass, or abuse other users or third parties
• Attempt to bypass AI safety filters or prompt inject
• Reverse engineer, scrape, or copy platform source code
• Resell API access without written authorization
• Mine cryptocurrency or perform compute-intensive abuse
• Violate any applicable laws or regulations

Violations may result in immediate account termination without refund.

5. Intellectual Property

AI outputs generated using GENVA Mind AI are owned by you, the user. The GENVA Mind AI platform, codebase, brand, and design are owned by GENVA Mind AI Technologies. You may not reproduce our platform without authorization.

6. Limitation of Liability

GENVA Mind AI is provided "as is." We are not liable for indirect, incidental, or consequential damages arising from AI-generated content. AI outputs are not professional legal, medical, or financial advice. Always verify critical decisions with qualified professionals.

7. Termination

You may cancel your account at any time from Settings. We reserve the right to terminate accounts that violate these terms. Upon termination, your data will be retained for 30 days then permanently deleted unless legally required to retain it.

8. Governing Law

These terms are governed by the laws of India. Disputes shall be resolved through binding arbitration in accordance with Indian Arbitration and Conciliation Act, 2015.

9. Contact

Legal questions: legal@genvamind.com

1. Transparency

We clearly disclose when content is AI-generated. Our agents identify themselves as AI systems. We never deceive users into thinking they're communicating with a human without their knowledge.

2. Safety First

• All AI outputs pass through multi-layer safety filters
• Prompt injection detection is active on all endpoints
• Harmful content generation is blocked by default
• AI agents operate within defined permission boundaries
• Human oversight is always available and never bypassed

3. No Bias Amplification

We actively work to detect and reduce bias in AI outputs. Our agents are designed to provide balanced perspectives and flag when topics require professional human judgment. We do not deploy AI in high-stakes decisions (medical diagnosis, legal rulings, financial advice) without explicit human review.

4. Data Minimization

We collect only the data strictly necessary to provide our service. We do not train AI models on user data without explicit opt-in consent. Memory Engine data is stored only with the user's permission and can be deleted at any time.

5. Environmental Responsibility

AI computation has a carbon footprint. GENVA Mind AI optimizes all API calls to minimize token usage, uses efficient streaming to reduce server load, and offsets compute energy usage through verified carbon credits.

6. Accessibility

AI should benefit everyone. We offer a free Starter plan, and provide academic and NGO discounts. Our platform is designed to be accessible to users with disabilities following WCAG 2.1 guidelines.

7. Accountability

If our AI causes harm, we take responsibility. We maintain a public incident log, notify affected users within 72 hours of any AI-related issues, and work proactively to fix problems. Contact our ethics team: ethics@genvamind.com

Authentication Security

• Passwords hashed with bcrypt (cost factor 12)
• Backend authentication with automatic rotation
• 3-step admin login: credentials → OTP → biometric
• Automatic account lock after 5 failed login attempts
• Session invalidation on password change
• IP-based anomaly detection and alerting

API Security

• All backend credentials protected with AES-256 encryption
• Keys masked in all UI — shown only once on creation
• Per-key rate limiting (10–500 req/min by plan)
• Prompt injection detection on all AI endpoints
• CORS restricted to authorized origins only
• Helmet.js security headers on all responses

Infrastructure Security

• Servers protected by UFW firewall (ports 22, 80, 443 only)
• Fail2ban active — bans IPs after 5 failed attempts
• DDoS protection via Nginx rate limiting
• Automated daily backups with 30-day retention
• PostgreSQL SSL-only connections
• Redis password-protected, localhost-only binding

Vulnerability Disclosure

Compliance

• GDPR compliant (EU users)
• India DPDP Act 2023 compliant
• PCI DSS Level 1 via Stripe/Razorpay (card data never touches our servers)
• SOC 2 Type II audit in progress