Privacy Policy

Last updated: pre-launch placeholder, awaiting legal review.

This policy is a placeholder for platform launch. A finalised policy will be published before paid subscriptions go live. Use of the free tier constitutes acceptance of the policy on this page at the time of use.

1. What we collect

When you check an entity, AVA records the entity you submitted, the verdict produced, the signals cited, and timestamps. When you sign in, AVA records an identifier issued by your chosen provider (Google, GitHub, Microsoft, LinkedIn, Facebook, Apple), your provider-supplied email, and the time you last accepted these terms. When you use a messaging platform integration (Telegram, Discord, Slack, WhatsApp), AVA stores the platform identifier and the channels the bot is authorised to monitor.

AVA also records the IP address your request arrives from, and a coarse location derived from it by our network provider (country, and where available region and city). This supports security, abuse prevention, and understanding where the service is used.

2. What we don't collect

AVA does not collect payment card details. Payments are handled by Stripe or the equivalent platform provider. AVA does not read message content from connected platforms beyond what is required to check entities present in those messages.

3. How we use it

We use submitted entities and verdicts to operate the service, improve detection quality, and publish high-confidence verdicts to community intelligence channels. We do not sell individual customer data.

4. Retention

Check records are retained for a period appropriate to your plan. Operator logs for debugging and security incident response are retained for up to 90 days. Delete-on-request is available at any time by emailing [email protected].

Raw IP addresses are automatically deleted after 30 days. The coarse location derived from them (country, and where available region and city) is retained afterwards, no longer linked to your IP address. We also keep non-identifying aggregate counts of activity by location indefinitely.

5. Data residency

AVA's production environment runs in AWS ap-southeast-2 (Sydney). Some third-party services we consult during analysis operate in other regions; queries made to those services leave ap-southeast-2.

6. Your rights

You can request a copy of the data we hold about you, correct it, or have it deleted, by emailing [email protected]. We aim to respond within 30 days.

Back to AVA · Terms of Service