Legal
Privacy
Policy.
Last updated: April 23, 2025 · Effective immediately for new users
We built Alterus because we believe your time is yours. We apply that same philosophy to your data: it belongs to you, we use it only to serve you, and you can delete it anytime.
1. Who we are
Alterus ("Alterus," "we," "us," or "our") is a personal AI productivity product that drafts communications on your behalf. Our registered contact for privacy matters is privacy@alterus.io.
2. What we collect
We collect information in three ways:
- Account information — your name, email address, and account credentials when you sign up.
- Connected data — with your explicit authorization, content from linked services (email threads, calendar events, documents, and messaging channels) necessary to draft replies in your voice.
- Usage data — how you interact with Alterus: approvals, edits, feature usage, and performance metrics (never the content of your communications without consent).
- Device & technical data — IP address, browser type, operating system, and access timestamps for security and operational purposes.
3. How we use your data
We use your data solely to provide and improve the Alterus service:
- To generate communication drafts personalized to your voice and context
- To operate, maintain, and improve Alterus features
- To authenticate you and prevent fraud or abuse
- To send service-related notices (never marketing without consent)
- To comply with legal obligations
We do not sell your data. We do not use your connected email or document content to train AI models that serve other users.
4. Data sharing
We share your data only with:
- Service providers — infrastructure partners (hosting, analytics) bound by strict data processing agreements
- AI model providers — for inference only, under zero-retention agreements where your content is not used for model training
- Law enforcement — only when legally compelled, and we will notify you unless prohibited by law
5. Data retention
We retain your account data for as long as your account is active. Communication content (emails, documents) used for context is retained for the period you configure in your settings (default: 90 days). You can reduce this window or delete all cached context at any time from your dashboard.
When you delete your account, all personal data is purged within 30 days from our systems and any sub-processors we use.
6. Your rights
You have the right to:
- Access a copy of all personal data we hold about you
- Correct inaccurate information
- Delete your account and all associated data
- Withdraw consent for connected integrations at any time
- Port your data in a machine-readable format
- Object to or restrict certain processing activities
To exercise any of these rights, email privacy@alterus.io. We will respond within 30 days.
7. Security
We implement industry-standard safeguards: TLS encryption in transit, AES-256 encryption at rest, role-based access controls, and regular security audits. No method of electronic storage is 100% secure; we will notify you promptly in the event of a breach affecting your data.
8. Cookies
We use strictly necessary cookies for authentication and session management. We do not use advertising or tracking cookies. You can disable cookies in your browser settings, though this may limit functionality.
9. Children
Alterus is not directed at children under 16. We do not knowingly collect data from anyone under 16. If you believe a child has provided us information, contact us and we will delete it promptly.
10. Changes to this policy
We may update this policy from time to time. We will notify you of material changes via email or in-app notice at least 14 days before they take effect. Continued use after the effective date constitutes acceptance.
11. Contact
Questions, requests, or concerns: privacy@alterus.io
Alterus, Inc. · Boston, MA, USA