Legal
Privacy Policy
Your data is yours. Here's exactly how we handle it.
Last updated: February 13, 2026
1. Information We Collect
Account Information: When you create an account, we collect your name, email address, and payment information. Payment details are processed and stored by Stripe — we never store card numbers.
Usage Data: We collect information about how you interact with Coheria, including queries submitted, features used, and session metadata. This data is used solely to improve service quality and is never sold.
Self-Hosted Deployments: If you use our self-hosted option, your data never leaves your infrastructure. We collect no usage data from self-hosted instances.
2. How We Use Your Information
Service Delivery: To provide, maintain, and improve the Coheria platform.
Security: To detect, prevent, and respond to security incidents. Our security pipeline processes requests in real-time but does not retain content beyond the active session.
Communication: To send essential service notifications and billing information. We do not send marketing emails without opt-in consent.
3. Data Retention & Deletion
Active Data: Workspace data is retained while your account is active. Delete individual items or your entire workspace at any time.
Session Data: Real-time session data is ephemeral and not persisted beyond the active session.
Account Deletion: Upon account deletion, all data is purged within 30 days across all storage systems.
Audit Logs: Retained for 90 days for security purposes, then permanently deleted.
4. Data Security
All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Our infrastructure implements defense-in-depth security including WAF, input guard, OPA policy engine, sandboxed execution, output filtering, and hash-chained audit trails.
5. Data Sharing
We do not sell your data. We use limited service providers (Stripe for payments, infrastructure for hosting), each bound by data processing agreements.
Self-Hosted: No data is shared with Coheria or any third party.
6. Your Rights
Access: Request a copy of all data we hold about you.
Deletion: Request complete deletion of your account and data.
Portability: Export your data in standard formats (JSON, CSV).
Contact: privacy@coheria.ai
7. Cookies
We use essential cookies only — for authentication and session management. No advertising cookies or third-party analytics.
8. Changes
Material changes to this policy will be communicated via email at least 30 days before they take effect.
9. Contact
Privacy: privacy@coheria.ai | Security: security@coheria.ai
Coheria AI, Inc.