Skip to main content

Privacy Policy

Auryth TX

Last updated: April 1, 2026

1. Who we are

Auryth ("we", "us") operates Auryth TX, an AI-powered legal research platform for tax professionals.

2. What data we collect

Account data

Email & display name

Provided at sign-up

Password

Stored as a cryptographic hash, never in plain text

Professional role

Optional — used to personalize results

Usage data

Queries & responses

Submitted queries, generated answers, session history

Credit consumption

Plan usage and feedback ratings

Personal library

Uploaded documents

Stored securely and isolated per user

Technical data

IP address & browser

Device information for security and diagnostics

Error logs

Performance metrics for service reliability

3. How we use your data

Providing the Service

Processing your queries, generating responses, managing your account and subscription.

Improving the Service

Aggregated, anonymized usage patterns to improve relevance and accuracy.

Communication

Account notifications, service updates, billing communications.

Legal compliance

As required by applicable law.

We do not use your data for AI training.

Your queries, your documents, and your results are never used to train any AI model. Your data stays yours.

4. Data processing and storage

Account & usage data

Stored in AWS (eu-north-1, Stockholm).

Document embeddings

Stored in Qdrant (vector database), isolated per user with structural partitioning.

Uploaded files

Stored in AWS S3, isolated per user with path-based and key-based access controls.

Query processing

Queries are processed by Anthropic (Claude) and OpenAI language models. Query text and relevant legal corpus excerpts are sent to these providers for response generation. These providers do not retain your data for training.

5. Payment data

We do not store credit card numbers, bank details, or other payment instruments.

All payment processing is handled by Paddle.com Market Limited, our Merchant of Record. Paddle's privacy policy applies to payment data: paddle.com/legal/privacy.

6. Data sharing

We share data only with:

Paddle

Payment processing and invoicing

Anthropic / OpenAI

Query processing (no data retention by these providers)

AWS

Infrastructure hosting

Law enforcement

Only when legally required

We do not sell your data. We do not share your data with advertisers.

7. Your rights (GDPR)

If you are in the EU/EEA, you have the right to:

Access

Request a copy of your personal data

Rectify

Correct inaccurate data

Delete

Delete your account and associated data

Export

Receive your data in a portable format

Object

Object to processing based on legitimate interests

Restrict

Restrict processing in certain circumstances

To exercise these rights, contact [email protected]. We will respond within 30 days.

8. Data retention

Account data

Retained while your account is active, deleted within 90 days of account deletion.

Query history

Retained while your account is active. You can delete individual sessions at any time.

Uploaded documents

Deleted immediately when you remove them, or within 90 days of account deletion.

Anonymized metrics

Retained indefinitely for service improvement.

9. Security

All data is encrypted in transit (TLS) and at rest (AES-256).
User documents and library data are isolated per user with multi-layer access controls.
Access to production systems is restricted and logged.

10. Cookies

We use only essential cookies for authentication (session tokens). We do not use tracking cookies or third-party analytics.

11. Changes to this policy

We will notify you of material changes to this policy via email at least 14 days in advance.

12. Contact

Data protection inquiries: [email protected]