1) Scope

This policy covers CyberAI websites, courses & downloads, AI Tutor, CyberAI VPN (desktop app and Chrome extension), and any other services that link to it (collectively, the "Service"). It does not cover third-party sites we link to or embed; review their policies separately.

2) Data We Collect

3) Where Data Comes From

4) How We Use Data

5) AI Tutor & Model Providers

Don't paste secrets you're not authorized to share. Validate model outputs before use; the AI Tutor is educational, not professional advice.

When you chat with the AI Tutor, we process your prompts, conversation history, and usage telemetry to deliver responses, safety-check content, and improve quality. Depending on your plan and settings, we may route requests through reputable AI providers as processors (e.g., model APIs). We minimize data shared and use secure transport. We do not sell your personal information.

Enterprise/workspace settings can restrict logging or retention; contact us for a DPA.

6) CyberAI VPN & No-Logs Policy

CyberAI VPN is designed to protect your privacy. We do not monitor, store, or log the content of your VPN traffic.

What we do not log

Minimal data we may process

During development, some VPN features may operate in a simulated mode. Our no-logs commitment applies to production VPN infrastructure. See our Terms of Service — CyberAI VPN for acceptable use.

7) Cookies, Local Storage & Analytics

We use necessary cookies for login and session security, preference cookies (e.g., theme), and optional analytics to understand feature usage. You can control cookies in your browser; some features may not work without them.

8) Sharing & Subprocessors

We share data with vendors who help us run the Service, under contracts that limit use:

We may disclose information to comply with law, enforce terms, or protect rights/safety. We do not sell your personal information.

9) Data Retention

We keep personal data only as long as needed to provide the Service and for legitimate business or legal purposes (e.g., tax, security). VPN authentication tokens expire within minutes and are not retained as traffic logs. You can request deletion as described below.

10) Security

We use reasonable technical and organizational measures (TLS in transit, role-based access, least privilege, logging). No method is 100% secure; please use a strong unique password and enable device protections.

11) Children's Privacy

The Service is not directed to children under 13 (or the minimum age in your jurisdiction). If we learn we've collected data from a child without verifiable parental consent, we'll delete it.

12) International Data Transfers

We may process data in countries other than where you live. Where required, we use appropriate safeguards (e.g., SCCs/DPAs) for cross-border transfers.

13) Your Rights

You may have the following rights, subject to local laws:

To exercise rights, email [email protected]. We may need to verify your identity. You may also contact your local data protection authority.

CCPA/CPRA (California)

14) Your Choices

15) Changes to this Policy

We may revise this policy as our services evolve. We'll post updates here and adjust the date below. Material changes may also be announced in-app or by email.

Last updated: 2026-07-03.

16) Contact Us

Email: [email protected]

Support: [email protected]

Address:
CyberAI
Edmonton, Alberta, Canada