Privacy Policy

Last updated: March 22, 2026

This Privacy Policy describes how ezvo ai ("we", "us", or "Service"), operated by an individual self-employed person (INN: 771689440380), collects, uses, and protects your personal information when you use our browser extension and web application at ai.ezvo.dev.

1. Information We Collect

Account information: When you register, we collect your email address and a hashed password. We do not store your plain-text password.

Usage data: We log the number of tokens used per request (input and output counts), image generation events, and the AI model used. We do not log the content of your conversations.

IP address: Your IP address is used to detect your country (for showing the appropriate payment method) and for security purposes such as rate limiting. We do not permanently store IP addresses beyond server access logs, which are retained for up to 30 days.

Payment information: We do not store your card details. Payments are processed by Robokassa (for Russia) and Paddle (for international users). We receive only a transaction confirmation and the amount paid.

Analytics events: We collect anonymized in-app events (e.g., "chat sent", "model used") to understand how the Service is used. These do not include conversation content.

2. How We Use Your Information

• To provide and maintain the Service (authentication, plan enforcement, usage limits).
• To send transactional emails (account confirmation, payment receipts, password reset).
• To detect your country and display the appropriate payment form.
• To monitor for abuse and enforce our Terms of Service.
• To improve the Service based on aggregated, anonymized usage statistics.

We do not sell, rent, or trade your personal data to third parties for marketing purposes.

3. Third-Party Services

We use the following third-party services to operate the Service:

• Anthropic (Claude): Your messages are processed by Anthropic's API to generate AI responses. Anthropic's Privacy Policy applies.
• OpenAI (GPT, DALL-E): Your messages and image generation prompts are processed by OpenAI's API. OpenAI's Privacy Policy applies.
• Robokassa: Payment processor for Russia. Processes card transactions. Robokassa Privacy Policy.
• Paddle: Payment processor for international users. Acts as Merchant of Record. Paddle Privacy Policy.
• Brevo (Sendinblue): Email delivery service for transactional emails.
• ip-api.com: Used to detect the country of visitors to our payment page, based on IP address. No personal data is stored by this service beyond the lookup request.

We share only the minimum data necessary with each third-party provider to fulfil their function.

4. Data Retention

• Account data: Retained for as long as your account exists. Deleted within 30 days of an account deletion request.
• Usage logs: Retained for up to 12 months for billing verification and abuse prevention, then deleted.
• Server access logs: Retained for up to 30 days, then automatically deleted.
• Payment records: Retained as required by applicable law (typically 5 years for tax purposes).

5. Cookies and Local Storage

The ezvo ai browser extension stores your authentication token and user preferences (such as language and selected AI model) in browser local storage. This data stays on your device and is not transmitted to our servers except as necessary to authenticate API requests.

Our website does not use tracking cookies or analytics cookies. We do not use Google Analytics or similar third-party tracking tools.

6. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of your personal data.
• Correction: Request correction of inaccurate data.
• Deletion: Request deletion of your account and associated data.
• Portability: Request your data in a machine-readable format.
• Objection: Object to processing based on legitimate interests.

To exercise these rights, contact us at support@ezvo.dev. We will respond within 30 days.

Users in Russia also have rights under Federal Law No. 152-FZ "On Personal Data".

Users in the European Economic Area have rights under the GDPR. If you believe your rights have been violated, you may lodge a complaint with your local data protection authority.

7. Data Security

We implement industry-standard security measures: HTTPS encryption for all data in transit, hashed passwords (bcrypt), and access controls on our servers. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

8. Children's Privacy

The Service is not directed at children under the age of 13 (or 16 in some jurisdictions). We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users by email when we make material changes. The updated policy will be posted on this page with a new "Last updated" date.

10. Contact

Terms of Service · Refund Policy · Pricing · Buy access