Privacy Policy
Last updated: 2025-08-21 · Draft
1. Core Principle
Tresor is designed around a Zero-Access model: only you can view your AI data. We avoid storing plaintext prompts, model outputs, documents, memories, or web search content in a form readable by Tresor personnel or model providers.
2. Data We (Intentionally) Do Not See
We do not retain readable AI conversation content, document contents, memory embeddings, or prompt / completion text for internal model training. Encrypted blobs may transit our infrastructure but remain unintelligible outside trusted execution boundaries.
3. Minimal Operational Data
We may process strictly minimal technical metadata (e.g. request timing, success state, model identifier, anonymized usage counters) necessary for reliability, billing, and abuse prevention. We deliberately exclude prompt or output plaintext from logs.
4. Analytics
Any analytics used are privacy-preserving and aggregated. We do not employ invasive cross-site tracking, fingerprinting, or behavioral advertising pixels.
5. Security & TEEs
Trusted Execution Environments (TEEs) allow model inference on encrypted inputs while keeping decryption confined. Keys remain outside provider access. Administrative access does not grant plaintext visibility.
6. Your Controls
You may delete stored artifacts you create. Deleted data is removed from active systems and scheduled for cryptographic erasure from backups on a rolling basis.
7. Changes
Material updates will be versioned. Continued use after an update constitutes acceptance of the revised policy.