EchoIQ
Privacy PolicyTerms & Conditions

Privacy Policy

Effective: March 21, 2026Version 2.0
1

Introduction

This policy explains how we handle your data.

2

Data Controller

Contact support@pleisys.com

3

Data We Collect

  • firstName, lastName (separate fields)
  • country/state/city
  • device tokens for push notifications
  • DOB with validation
  • Account info
  • Conversation data
  • Usage data
  • Payment data
4

How We Use Data

  • Service delivery
  • Security
  • Communication
  • Proactive token refresh
  • notification opt-in defaults
5

Third Parties

  • AssemblyAI
  • Anthropic Claude
  • AWS
  • Stripe and Razorpay
6

Security

  • AES-256-GCM encryption
  • TLS 1.2+
  • RBAC
  • Audit logging
  • Encryption mandatory
  • Session invalidation on password reset
  • All UserSession records deleted
  • S3 deletion blocks account deletion
7

Retention

  • Account data while active
  • Audit logs 1 year
  • Invoices 7 years
8

Your Rights

  • Export data as JSON
  • Delete account
  • Manage consent
  • Data export now includes 16 categories (v1.2)
  • Consent management (4 types: data_processing, marketing, analytics, third_party_sharing)
  • Data & Privacy settings page in webapp
9

Consent

Notification defaults opt-in, consent toggles in settings, data_processing consent required and cannot be revoked

10

Contact

support@pleisys.com

Was this policy easy to understand?