← Back to home

Privacy Policy

Last updated: April 2026

Our Commitment to Data Sovereignty

Aigis is built on the principle that your career data belongs to you. We are a Sovereign Candidate Platform — meaning you control who can access your AI Twin, for how long, and you can revoke access or delete your data at any time.

What Data We Collect

  • Account data: Your email address, used for authentication via magic links.
  • Profile data: Name, professional role, skills, experience, and projects you provide.
  • Documents: Resumes, portfolios, and other files you upload to train your AI Twin.
  • Usage data: Access logs showing when and how your share links are used (visible to you on your dashboard).

How We Store Your Data

  • All candidate content (documents, transcripts, journals, profiles) is encrypted at rest using AES-128-CBC via Fernet. Encryption keys are managed at the application layer and never exist on the database server.
  • Personal information such as email addresses uses hash-based lookups — the database stores only encrypted values and SHA-256 hashes, never plaintext.
  • Authentication tokens are stored as one-way SHA-256 hashes, never in plaintext.
  • Uploaded files are encrypted before writing to disk.
  • All connections use PostgreSQL with encrypted transport (TLS).
  • Railway provides additional disk-level encryption as a baseline layer.

How We Use Your Data

Your data is used exclusively to power your AI Twin. We do not:

  • Sell your data to third parties.
  • Use your data to train AI models beyond your own Twin.
  • Share your profile with anyone you haven't explicitly granted access to.

Your Rights

  • Access: View all data we hold about you on your dashboard.
  • Portability: Download your profile and documents at any time.
  • Deletion: Permanently delete all your data or your entire account from Settings > Account.
  • Revocation: Revoke any share link or connected agent access instantly.

Third-Party Services

We use the following services to operate Aigis:

  • Google Gemini: AI model powering your Twin's responses (your queries are processed but not stored by Google for training).
  • Resend: Email delivery for magic link authentication.
  • Railway: Infrastructure hosting.

Contact

Questions about your data? Contact us at hello@aigis.bio