Last updated: February 20, 2026
AIPMO ("we," "us," or "our") operates the websites aipmo.co and app.aipmo.co. This Privacy Policy describes how we collect, use, store, and protect your personal information when you use our websites and services.
We take privacy seriously — particularly as a platform focused on responsible AI governance. We aim to collect only the data we need, be transparent about how we use it, and give you control over your information.
Information We Collect
Information You Provide
When you create a membership account or subscribe to our services, we collect:
- Name — To personalize your experience and pre-fill documents you generate
- Email address — For account authentication, membership management, and newsletter delivery ("The AI Governance Brief")
When you use the AIPMO Advisor application, we may also collect:
- Organization details — Information you provide about your organization (or, for Consultant members, your client organizations) for AI governance document generation, such as organization name, industry, size, and AI maturity level
- Project details — Information about specific AI projects within your organizations, including project type, objectives, and stakeholders
- Conversation messages — Messages you send and responses generated through the AI Governance Advisor chat, stored per project to maintain continuity within your sessions
- Generated documents — Documents created through our AI-powered customization tools
Information Collected Automatically
When you visit our websites, we automatically collect limited technical information:
- Session data — Authentication tokens to keep you signed in
- Server logs — Standard web server logs maintained by our hosting providers (Vercel and Ghost), which may include IP addresses, browser type, and pages visited
Information We Do Not Collect
We do not collect or process:
- Payment card numbers (these are handled entirely by Stripe)
- Browsing behavior through analytics or tracking tools
- Location data beyond what is present in server logs
- Data from third-party sources about you
How We Use Your Information
We use the information we collect to:
- Provide our services — Authenticate your account, deliver content based on your membership tier (Essential, Professional, or Consultant), and generate customized AI governance documents
- Communicate with you — Send membership-related emails, newsletter editions of "The AI Governance Brief," and important service updates
- Process payments — Facilitate paid membership subscriptions through Stripe
- Improve our services — Understand how our platform is used so we can make it better
We do not sell, rent, or share your personal information with third parties for their marketing purposes.
How We Process Your Data with AI
The AIPMO Advisor uses Anthropic's Claude API to generate customized AI governance documents and provide interactive chat guidance. When you use these features:
- The information you provide about your organization (or client organizations, for Consultant members) and your chat messages are sent to Anthropic's API to generate responses and documents
- Anthropic processes this data according to their Usage Policy and does not use API inputs to train their models
- We do not send your name, email address, payment information, or other personal identifiers to the AI API
- Generated documents and conversation history are stored in your account for your access
- You retain ownership of all documents generated through the platform
Third-Party Service Providers
We work with the following service providers who may process your data on our behalf:
| Provider | Purpose | Data Processed | Privacy Policy |
|---|---|---|---|
| Ghost | Content management and membership | Name, email, membership status | https://ghost.org/privacy/ |
| Stripe | Payment processing | Email, payment information | https://stripe.com/privacy |
| Vercel | Application hosting | Server logs, IP addresses | https://vercel.com/legal/privacy-policy |
| Supabase | Database services | Account data, organization profiles, project details, conversations, documents | https://supabase.com/privacy |
| Anthropic | AI document generation and chat | Organization details, project context, and chat messages submitted for guidance and document creation | https://www.anthropic.com/policies/privacy-policy |
Each provider processes data in accordance with their own privacy policies and our data processing agreements with them.
Data Retention
We retain your personal information for as long as your account is active or as needed to provide you with our services. Specifically:
- Account data (name, email, membership status) — Retained while your account exists
- Organization and project profiles — Retained while your account exists or until you delete them
- Conversation messages — Retained while your account is active or until you delete the associated project
- Generated documents — Retained while your account exists or until you delete them
- Payment records — Retained as required by applicable tax and financial regulations
- Server logs — Retained according to our hosting providers' standard retention policies
If you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required by law to retain certain records. For Consultant members, deleting an organization will cascade to remove all linked projects, conversations, and documents associated with that organization.
Data Security
We implement appropriate technical and organizational measures to protect your personal information, including:
- Encrypted connections (HTTPS/TLS) for all data transmission
- Encrypted session tokens for authentication
- Database access restricted by role-based controls
- Payment processing handled entirely by PCI-compliant Stripe infrastructure
- Regular review of our security practices
No method of transmission over the internet or electronic storage is completely secure. While we strive to protect your personal information, we cannot guarantee absolute security.
Your Rights
Depending on your location, you may have the following rights regarding your personal information:
- Access — Request a copy of the personal data we hold about you
- Correction — Request that we correct inaccurate or incomplete data
- Deletion — Request that we delete your personal data
- Data portability — Request a copy of your data in a portable format
- Opt out of communications — Unsubscribe from newsletters and non-essential emails at any time using the unsubscribe link in any email
To exercise any of these rights, contact us at info@aipmo.co. We will respond to your request within 30 days.
For California Residents (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act, including the right to know what personal information we collect, the right to request deletion, and the right to non-discrimination for exercising your rights. We do not sell personal information.
For European Economic Area Residents (GDPR)
If you are located in the EEA, our legal basis for processing your personal data is:
- Contract performance — Processing necessary to provide the services you signed up for
- Legitimate interest — Processing necessary for our legitimate business interests (such as improving our services), where those interests are not overridden by your rights
- Consent — Where you have given us specific consent to process your data (such as subscribing to our newsletter)
You also have the right to lodge a complaint with your local data protection authority.
Children's Privacy
Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information.
International Data Transfers
Our services are hosted in the United States. If you access our services from outside the United States, your information will be transferred to and processed in the United States. We take appropriate safeguards to ensure your data is protected in accordance with this Privacy Policy.
Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by posting the updated policy on this page and updating the "Last updated" date. For significant changes, we may also notify you by email.
Contact Us
If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:
Email: info@aipmo.co
Website: aipmo.co