Privacy Policy — Ask Safely Assistant
Effective Date: February 23, 2026 · Last Updated: February 23, 2026
Scope
This policy covers the Ask Safely product: the web app at app.asksafely.ai, the iOS app, and the Android app. It applies to all user tiers — Guest and Essential.
For the marketing website at asksafely.ai, see the Marketing Site Privacy Policy.
The Short Version
Ask Safely is built on a simple premise: your conversations with AI are yours.
- Chats auto-delete. Every conversation is automatically deleted after 8 hours. You can delete instantly at any time. You can extend a chat to 14 days if you want to keep it — but we never keep it longer than that.
- Everything is encrypted. Every message, both yours and the AI’s, is encrypted with AES-256-GCM before it’s stored. Your email is encrypted too.
- Your data is never used for AI training. Not by us, not by Anthropic, not by anyone. Our AI runs on Anthropic’s Claude models via AWS Bedrock, which contractually prohibits training on customer data.
- We do not sell your data. Not now, not ever. Our business model is subscriptions, not data extraction.
- No open or click tracking in emails. When we email you, we don’t track whether you opened it or clicked anything.
- No device advertising IDs. We never request your device’s advertising identifier (IDFA on iOS, GAID on Android). We do not show you ads. When you arrive from a paid advertisement, we record the anonymous click identifier from the URL to measure ad effectiveness — see Advertising Attribution below for details.
- Guest mode collects nothing about you. You can use Ask Safely without an account, an email address, or any personal information.
What We Collect
We’re going to be specific. Here’s every category of data Ask Safely handles, what it’s for, and when it’s deleted.
If You Use Guest Mode (No Account)
Guest mode lets you try Ask Safely without providing any personal information. No email. No password. No account.
What we collect in Guest mode:
- Your chat messages — encrypted and stored temporarily so we can generate AI responses. Auto-deleted after 8 hours. You can delete them instantly at any time.
- A device-local session — so we can enforce the daily message limit (10 messages/day). This stays on your device and is not transmitted to our servers.
What we do not collect in Guest mode: Your name, email, phone number, location, contacts, photos, advertising identifier, or any other personal information.
If You Create an Account (Essential)
When you sign up, we collect the minimum information necessary to run your account.
Account information:
- Email address — used for login, password resets, and transactional emails (like OTP verification). Encrypted with AES-256-GCM via AWS KMS before storage.
- Password — encrypted using AES-256-GCM via AWS KMS in our current authentication system, which is migrating to industry-standard one-way hashing (bcrypt or Argon2) via SuperTokens in 2026. After this migration, your password cannot be decrypted even by us.
- Authentication tokens — generated at login, valid for 90 days. Used to keep you signed in.
If you sign up with Google or Apple, we receive only the email address and authentication token from those services. We do not receive your Google or Apple password.
Chat messages:
- Every message you send and every AI response is encrypted with AES-256-GCM before it touches our database.
- Default: Auto-deleted after 8 hours via database-level TTL (time-to-live) indexes. This is not a setting you toggle — it’s the default architecture.
- Extended: If you choose to save a chat (swipe right on mobile, or use the extend button on web), it’s retained for up to 14 days with the same encryption. Then it’s permanently deleted.
- Instant delete: You can delete any chat immediately at any time. This is a hard delete — the data is removed from our database, not soft-deleted or archived.
Usage metrics (pseudonymized):
- Session timestamps, message counts, and feature interactions — used to understand product health (e.g., how many people use web search, chat retention rates). These metrics are associated with your user ID internally for product analysis but are never shared externally in a way that identifies you.
Web Search
When Ask Safely determines your question needs current information, it automatically searches the web on your behalf using the Brave Search API. Your query (or a rephrased version of it) is sent to Brave’s servers to retrieve results. Brave does not receive your email, user ID, or any account information — only the search query. See Brave’s Privacy Policy for how they handle search data.
AI Processing
Your messages are processed by Anthropic’s Claude AI models (Claude Haiku 4.5 and Sonnet 4.5) via AWS Bedrock.
This is important: AWS Bedrock contractually guarantees that your data is not used to train or improve AI models. Your conversations are processed to generate responses and are not retained by Anthropic afterward. We chose AWS Bedrock specifically for this guarantee.
Your messages are encrypted in our database, decrypted only for the moment they’re sent to the AI model for processing, and the AI’s response is encrypted before storage.
Biometric Authentication (iOS)
If you enable Face ID or Touch ID, your biometric data is handled entirely by Apple’s Secure Enclave on your device. Ask Safely never receives, transmits, or stores biometric data. We only receive a yes/no confirmation from your device that authentication succeeded.
Email Communications
We use Resend to send emails. Here’s what that means for you.
Types of email we send:
- Transactional: OTP verification codes and password reset emails. You can’t opt out of these because they’re necessary for account security.
- Onboarding: A short welcome sequence when you first sign up (up to 3 emails). You can unsubscribe from these.
- Re-engagement: Occasional emails if you haven’t used Ask Safely in a while. You can unsubscribe from these.
What Resend receives: Your email address and the email content, so they can deliver the message.
What we’ve disabled:
- Open tracking — OFF. We don’t insert tracking pixels. We don’t know if you opened our emails.
- Click tracking — OFF. We don’t route your link clicks through a redirect server. Links go directly where they say they go.
This is a deliberate choice. A privacy company shouldn’t track your email behavior. Resend retains delivery metadata (delivered, bounced, failed) so we know if emails are reaching inboxes. See Resend’s Privacy Policy for details.
Advertising Attribution
We measure whether our advertising works — but we do it without tracking you across apps or the web.
Mobile App Attribution — Adjust
We use Adjust, a mobile measurement partner (MMP), to understand which ad campaigns lead to app installs. We run Adjust with its maximum privacy configuration.
What Adjust receives from our app:
- Install event — the fact that the app was installed, and the timestamp.
- First chat event — the fact that a first chat occurred (not the content of the chat).
- IDFV (Identifier for Vendor) — an Apple-generated ID unique to our app on your device. It cannot be used to track you across other apps. On Android, Adjust receives the equivalent app-scoped identifier.
- Basic device information — device type, OS version, and app version. Used to match an install to the ad that drove it.
What we have disabled or don’t request:
- IDFA (iOS advertising ID) — NOT REQUESTED. We do not present the App Tracking Transparency (ATT) prompt. We do not access your advertising identifier.
- GAID (Google Advertising ID) — NOT COLLECTED.
- Extended Privacy Measurement — ENABLED. This is Adjust’s highest privacy mode. It provides only aggregated, campaign-level attribution data. No user-level data is shared with ad networks.
- No raw data callbacks to ad networks. Google and Reddit receive only aggregate campaign performance from Adjust, not information about individual users.
The purpose: we know “Campaign X drove 50 installs” — not “this specific person installed because of this specific ad.”
Adjust’s data is stored on Adjust’s own servers (not third-party cloud). See Adjust’s Privacy Policy for details on their data practices.
Web App Attribution
If you arrive at the web app from a paid ad, the URL may contain an anonymous click identifier (like a Google Click ID) and campaign parameters. These are stored in your browser’s session storage (which clears when you close the tab) and sent to our backend at signup. This attribution data is:
- Stored in a separate database table from your conversations and profile
- Never used for profiling, retargeting, or any purpose other than measuring ad effectiveness
- Automatically deleted after 90 days
For the full details on how attribution parameters work at the marketing site level, see the Marketing Site Privacy Policy.
Infrastructure and Security
Where Your Data Lives
Ask Safely runs entirely on Amazon Web Services (AWS) infrastructure based in the United States.
| Component | Purpose |
|---|---|
| AWS RDS (PostgreSQL) | Account data, authentication, metrics |
| MongoDB with TTL indexes | Chat messages (auto-deletion enforced at database level) |
| Redis | Temporary streaming cache for real-time AI responses |
| AWS KMS | Encryption key management (FIPS 140-2 Level 2/3 validated HSMs) |
| AWS Lambda | AI response processing |
| AWS Amplify | Web app hosting |
Encryption Details
- Standard: AES-256-GCM envelope encryption via AWS KMS
- How it works: A unique data key is generated from AWS KMS for each message. The message is encrypted with that key. Both the encrypted message and the encrypted data key are stored together. Decryption requires the KMS master key, which never leaves AWS hardware security modules in plaintext.
- What’s encrypted: Email addresses, all chat messages (yours and the AI’s), OTP codes, and authentication tokens.
- What’s hashed (one-way): Passwords are hashed using bcrypt or Argon2 via SuperTokens. Hashing is irreversible — we cannot decrypt or recover your password.
Compliance
- SOC 2 Type 2 audit in progress via Vanta (certification expected mid-2026)
- AWS infrastructure meets SOC, PCI DSS, and HIPAA standards
- FIPS 140-2 Level 2/3 validated hardware security modules for key management
Server Logs
AWS generates standard infrastructure logs (request timestamps, IP addresses, error codes) for operational purposes. These are managed by AWS, access-controlled, and used by us only for debugging and security monitoring.
Feature Flags
We use LaunchDarkly for feature management (e.g., rolling out new features to a percentage of users). LaunchDarkly receives an anonymous context identifier — not your email or personal information. See LaunchDarkly’s Privacy Policy for details.
Third-Party Services Summary
Every external service Ask Safely uses is listed here. No exceptions.
| Service | Purpose | Data Shared | Privacy Policy |
|---|---|---|---|
| AWS Bedrock (Anthropic Claude) | AI responses | Chat messages (decrypted for processing, not retained for training) | AWS |
| Brave Search | Web search results | Search queries only | Brave |
| Resend | Email delivery | Email addresses, email content | Resend |
| Adjust | Mobile app attribution | Install events, IDFV, device type, OS version | Adjust |
| LaunchDarkly | Feature flags | Anonymous context identifier | LaunchDarkly |
| AWS KMS | Encryption | Encrypted keys (never in plaintext outside HSMs) | AWS |
| Apple / Google | Authentication (social sign-in) | Email address, auth token | Apple / Google |
Each third-party service listed above is bound by contractual terms that limit how they may use the data they receive from us. Where applicable, we maintain data processing agreements (DPAs) that require our vendors to process your data only for the purposes described in this policy, to implement appropriate security measures, and to delete or return data upon termination of the relationship.
What We Do Not Do
To be explicit:
- We do not sell your data. To anyone. For any reason.
- We do not use your data for AI training. Our contract with AWS Bedrock prohibits it.
- We do not show you ads.
- We do not build advertising profiles about you.
- We do not share chat content with any third party except Anthropic (via AWS Bedrock) for the sole purpose of generating your AI response.
- We do not track you across apps or websites.
- We do not collect your location. We don’t request location permissions.
- We do not access your contacts. Camera, microphone, and file access will be available in future Expert tier features and will only be activated with your explicit permission.
- We do not use tracking pixels in our emails.
Data Retention
| Data Type | Retention |
|---|---|
| Chat messages (default) | 8 hours, then permanently deleted |
| Chat messages (extended) | 14 days, then permanently deleted |
| Chat messages (instant delete) | Immediately permanently deleted |
| Account information | Retained until you delete your account |
| Advertising attribution | 90 days, then permanently deleted |
| Email delivery metadata (via Resend) | Per Resend’s retention policy |
| Adjust attribution data | Per Adjust’s retention policy |
“Permanently deleted” means hard-deleted from the database. Not archived. Not soft-deleted. Not recoverable.
Your Rights and Controls
Controls Available to Every User
- Delete any chat instantly — swipe left (mobile) or click the delete button (web)
- Delete your entire account — this triggers a cascade delete across all databases: PostgreSQL, MongoDB, and Redis. All your data is permanently removed.
Controls for Registered Users
- Extend or shorten chat retention — choose to save a chat for up to 14 days, or delete it immediately
- Unsubscribe from non-transactional emails — every marketing or re-engagement email includes an unsubscribe link
Data Access and Deletion Rights
Regardless of where you live, you can:
- Request access to the personal data we hold about you
- Request deletion of your account and all associated data
- Request correction of inaccurate personal data
To exercise any of these rights, email us at mike@asksafely.ai. We’ll respond within 30 days.
In practice, our architecture means there’s very little to request: your chats auto-delete, your email is encrypted, and we don’t build profiles. But the rights are yours, and we’ll honor them.
California Residents (CCPA/CPRA)
If you are a California resident, the California Consumer Privacy Act (as amended by the CPRA) provides you with specific rights. Here is how our practices map to the required disclosures:
- Categories of personal information collected: Email address (Essential tier only), hashed password (Essential tier only), usage metrics (pseudonymized), and advertising attribution data. Guest mode collects no personal information.
- Purpose of collection: Providing the Service, account management, product improvement (via aggregate metrics), and measuring advertising effectiveness.
- Sale or sharing of personal information: We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising.
- Sensitive personal information: We do not collect sensitive personal information as defined by the CCPA/CPRA (such as Social Security numbers, financial account details, precise geolocation, or biometric data used for identification).
- Right to opt out of sale/sharing: Because we do not sell or share personal information, there is nothing to opt out of.
- Right to limit use of sensitive personal information: Not applicable — we do not collect sensitive personal information.
- Non-discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.
- Retention: See the Data Retention table above for specific retention periods by data type.
To exercise any California-specific right, email mike@asksafely.ai. We’ll respond within 45 days as required by law.
Data Breach Notification
In the event of a data breach that affects your personal information, we will notify affected users as required by applicable law. For breaches that pose a risk of harm, we will notify you by email (for registered users) or through in-app notice as quickly as practicable and no later than required by the laws of your jurisdiction.
We maintain security monitoring and incident response procedures designed to detect and respond to potential breaches promptly.
Children’s Privacy
Ask Safely is not intended for use by anyone under 17 years of age. We do not knowingly collect personal information from anyone under 17. If we learn that we’ve collected data from someone under 17, we’ll delete it immediately. If you believe someone under 17 has provided us with personal information, contact us at mike@asksafely.ai.
Guest mode does not collect personal information from anyone, regardless of age.
Changes to This Policy
If we update this policy, we’ll change the “Last Updated” date at the top. For material changes — like adding new data collection, new third-party services, or changing how we handle your messages — we’ll notify you via email (for registered users) or in-app notice before the changes take effect.
We built Ask Safely because we believe AI companies should be transparent about what they do with your data. This policy is part of that commitment.
Contact
Questions, concerns, or data requests? Reach us at:
SafeLife Inc.
Minneapolis, MN
mike@asksafely.ai
SafeLife Inc. is a Delaware C-Corp.