Privacy Policy
Last updated: 25 April 2026
1. Introduction
This Privacy Policy explains how Aeris ("we", "us", or "our") collects, uses, discloses, and protects personal data when you use our Service. It applies to all users — business owners (admin accounts) and their end customers who interact via the public chat widget.
We are committed to complying with the Personal Data Protection Act 2010 (PDPA) of Malaysia.
2. Data We Collect
2.1 Account Data (Admin Users)
When you register for an account:
- Email address and password (managed by Supabase Auth)
- Subscription and billing details (plan, billing cycle, invoice history)
- Locale and timezone preferences
2.2 Business Configuration Data
Data you enter to configure the Service:
- Business name, description, and profile settings
- Appointment categories, availability windows, menu items, staff records, locations, rental units, FAQ entries
- Module settings and preferences
2.3 Operational Data
Data generated through normal use:
- Conversation and message history (including AI responses)
- Food orders, appointments, shift records, inventory movements
- Scheduled task configurations
- Pending actions and job logs
2.4 Usage and Analytics Data
- Daily AI request counts and usage logs
- Session activity: timestamp, IP address, country (derived via GeoIP lookup), browser/device (User-Agent)
- System event logs (tool calls, job outcomes)
2.5 Guest / End-Customer Data
When your end customers interact with your public chat widget:
- Chat messages sent to the widget
- Name, email, or phone number if provided during a booking or order
- IP address and country (session activity logging, 5-minute debounce)
We act as a data processor for end-customer data on your behalf. You are the data controller for that data and are responsible for informing your customers about its collection and use.
3. How We Use Your Data
| Purpose | Legal Basis (PDPA) |
|---|---|
| Providing and operating the Service | Contractual necessity |
| Billing and invoice generation | Contractual necessity |
| AI response generation (sent to AI providers) | Contractual necessity / legitimate interest |
| Session activity logging for security and analytics | Legitimate interest |
| Sending transactional emails (invoices, support) | Contractual necessity |
| Improving the Service | Legitimate interest |
| Complying with legal obligations | Legal obligation |
We do not sell your personal data to third parties.
4. Data Sharing
We share data with the following categories of third parties, solely to operate the Service:
| Third Party | Purpose | Where |
|---|---|---|
| Supabase | Database hosting and authentication | Your chosen Supabase region |
| Anthropic / MiniMax / Gemini / Ollama | AI model inference (conversation messages are sent) | Varies by provider; defaults to Anthropic (US) |
| Resend | Transactional email delivery | US |
| | Calendar integration (if enabled) | US |
| Brave | Web search results (if enabled) | US |
| Redis / BullMQ host | Job queue processing | Your infrastructure |
We require all sub-processors to maintain appropriate data protection standards.
5. Data Retention
| Data Type | Retention Period |
|---|---|
| Account and business config data | For the life of your account + 30 days after termination |
| Conversation and message history | For the life of your account + 30 days after termination |
| Session activity logs | Cleaned up periodically; raw logs purged after 90 days |
| Invoice records | 7 years (tax and accounting compliance) |
| End-customer chat data | For the life of your account + 30 days after termination |
After retention periods expire, data is permanently deleted and cannot be recovered.
6. Data Security
We implement the following technical and organisational measures:
- Encryption in transit: All data transmitted between your browser, the frontend, and backend is encrypted via HTTPS/TLS.
- Encryption at rest: Data stored in Supabase (Postgres) is encrypted at rest by Supabase.
- Access control: Row-Level Security (RLS) policies in the database enforce per-account data isolation. Service-role access is limited to backend processes only.
- API key management: API keys and secrets are stored as environment variables and never exposed to clients.
- Authentication: Managed by Supabase Auth with JWT-based bearer tokens.
No system is completely secure. In the event of a data breach that affects your personal data, we will notify you as required by applicable law.
7. Cookies and Local Storage
The Service uses browser localStorage for:
- Session preferences (developer mode toggle, invoice acknowledgement state)
- Authentication tokens (managed by Supabase SSR)
We do not currently use third-party tracking cookies or advertising pixels.
8. Your Rights
Under the PDPA and general data protection principles, you have the right to:
- Access the personal data we hold about you
- Correct inaccurate or incomplete personal data
- Delete your personal data (subject to legal retention requirements)
- Withdraw consent where processing is based on consent
- Data portability — request an export of your data before account deletion
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.
EU/EEA users: If you are located in the EU or EEA, you have additional rights under the GDPR, including the right to lodge a complaint with your local supervisory authority. Please note this Service is not specifically directed at EU residents; if you have EU customers, consult a GDPR specialist regarding your obligations as a data controller.
9. Children's Privacy
The Service is not directed to individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected data from a minor, contact us and we will delete it promptly.
10. International Data Transfers
Your data may be processed in countries outside Malaysia (e.g. the US, where Anthropic and Supabase infrastructure may be hosted). We take reasonable steps to ensure adequate protection is in place for such transfers, including contractual safeguards with sub-processors.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-app notice at least 14 days before taking effect. The "Last updated" date at the top of this page always reflects the current version.
12. Contact
If you have questions, concerns, or requests regarding this Privacy Policy or your personal data:
Email: [email protected]
Company: AerisOS Technologies
We aim to respond to all privacy-related enquiries within 30 days.