AETHEIO ← Back
Try Cedar
AETHEIO LEGAL

Privacy Policy

Last Updated: May 27, 2026

At Aetheio Private Limited ("Aetheio", "we", "us", or "our"), a private company registered in Bangladesh, we take your personal data privacy seriously. This Privacy Policy outlines how we collect, process, secure, and manage your information across our flagship product: Project Cedar (Education Platform).

1. Information We Collect

We only collect the information necessary to deliver, personalize, and secure Aetheio's services:

  • Account Information: Name, phone number, email address, password, class/grade, and registered educational board (for Project Cedar users).
  • Living Memory Profile Data: Student learning preferences, Academic goals (such as preparations for BUET, Dhaka University, or Medical colleges), and educational strengths/obstacles.
  • Audio & Transcription: Spoken introductions recorded during the optional Project Cedar voice onboarding are transcribed to seed initial Memory Profiles and are instantly deleted from our storage after processing.
  • Interaction History: Conversation histories, past board exam choices, and files/images generated within our platform (Project Cedar).
  • Local Billing Data: Verification codes and billing transaction logs generated through direct bKash local billing rails. We do not store PINs or direct payment credentials.

2. How We Process Your Data

We process your personal details to provide highly secure, context-aware AI interactions:

  • Personalization: Feeding your adaptive AI tutor (Cedar) with persistent memory to help you study without repetitive contexts.
  • Syllabus Locking: Aligning context locks to NCTB textbook chapter parameters to ensure grade-appropriate responses.
  • Usage Gatekeeping: Monitoring usage limits and cost allocations via our serverless proxy shield based on actual token costs.

3. Security & Zero-Exposure Architecture

Aetheio is built with a Privacy-First, Zero-Exposure infrastructure to ensure your data and our software system credentials remain completely safe:

  • Serverless Proxy Shield: Managed via a secure serverless edge gateway, our secure proxy shield manages all token communication. Underlying API keys are entirely encapsulated and are never exposed in client browsers or mobile applications.
  • CORS Lockdown: Our API gateway strictly validates request origins, instantly rejecting any unauthorized external attempts to fetch or manipulate user sessions.
  • On-Device Encryption: Localized security and container configurations protect cached databases and memory files stored on mobile devices.

4. Data Sharing and Retention

We **never** sell, trade, or lease your personal information to third parties. We do not expose your prompts or personal memory details to global LLM providers beyond standard token inference, which operates under strict safety filters. We retain data only for as long as your account remains active or to verify transaction histories under local financial compliance guidelines.

5. Contact Us

For inquiries regarding data deletion, account privacy, or to request a copy of your stored Aetheio Memory Profile, please contact our privacy compliance officer at privacy@aetheio.com.