1. Overview
LEBILIX LLC, a company registered in the United States of America ("we," "our," or "us"), operates the AITODEXdocument intelligence platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and protect your information when you access or use the Service.
By creating an account or using AITODEX, you acknowledge and consent to the practices described in this Privacy Policy. If you do not agree with any part of this policy, you should discontinue use of the Service.
2. Data We Collect
2.1 Account Information
When you register, we collect:
- Email address (required for authentication)
- Display name (optional, used in documents)
- Phone number (optional)
- Password (stored as a one-way cryptographic hash — we never see your plaintext password)
2.2 Document Content
When you use the editor, we store the content you create — including text, titles, page structures, and settings. This content is stored in our database under your account and is private to you.
2.3 AI Interaction Data
When you use AI features (writing assistant, translator, diagram generator, etc.), your input prompts may be processed by configured AI providers. We limit retention of AI request data to what is reasonably necessary for service delivery, security, troubleshooting, and legal compliance. Please review Google's Privacy Policy and applicable provider terms for details on provider-side processing.
2.4 Usage & Technical Data
We automatically collect technical data when you use the Service:
- IP address and approximate geolocation (country-level)
- Browser type and version
- Device type and operating system
- Pages visited and features used
- Session timestamps and duration
- Error logs for debugging
- Analytics identifiers (cookie/device identifiers) when analytics or marketing tools are enabled
2.5 Billing Data
Payment transactions are processed by Polar.sh. We do not store your credit card numbers or payment instrument details. We receive a transaction confirmation and your subscription status from Polar after a successful payment.
2.6 Categories of Personal Data (US State Law Mapping)
In the preceding 12 months, we may have collected the following categories, depending on your usage:
- Identifiers (e.g., email address, account ID, IP address, online identifiers)
- Commercial information (subscription plan, billing status, transaction metadata)
- Internet or network activity (app events, page interactions, feature usage)
- Approximate geolocation data (derived from IP at country/region level)
- Professional or employment-related information you provide voluntarily
- Inferences drawn from usage data to improve product functionality and safety
- Sensitive data only where required for service operation or legal compliance
3. How We Use Your Data
| Provide the Service | Authenticate you, store your documents, process AI requests |
| Improve the Service | Analyze usage patterns (in aggregate) to improve features |
| Analytics & SEO | Measure traffic, optimize page performance, and improve search visibility |
| Marketing Performance | Measure campaign effectiveness and conversion events where enabled |
| Billing & Subscriptions | Manage plan limits, process upgrades/downgrades via Polar |
| Support | Respond to emails and resolve issues you report |
| Security | Detect fraud, abuse, and unauthorized access |
| Legal Compliance | Meet obligations under applicable law |
We do not sell personal data. We do not intentionally use private user document content to train public AI models. We may process limited data through service providers acting on our behalf.
4. Legal Bases for Processing (EU/UK GDPR)
If you are in the European Economic Area, Switzerland, or the United Kingdom, we process personal data under one or more lawful bases:
| Contract Performance (Art. 6(1)(b)) | Create and manage accounts, provide core SaaS functionality, billing, and support |
| Legitimate Interests (Art. 6(1)(f)) | Service security, fraud prevention, reliability, analytics, and product improvement |
| Consent (Art. 6(1)(a)) | Non-essential cookies, marketing pixels, and optional communications where required |
| Legal Obligation (Art. 6(1)(c)) | Tax, accounting, compliance, and lawful disclosure obligations |
Where consent is the legal basis, you may withdraw consent at any time without affecting prior lawful processing.
6. International Data Transfers
Because we operate globally, your personal data may be transferred to and processed in countries outside your country of residence. Where required, we implement recognized safeguards for cross-border data transfers, including contractual and organizational protections (such as Standard Contractual Clauses where applicable).
You may contact us for additional information about transfer safeguards relevant to your jurisdiction.
7. Data Storage, Retention & Security
We implement administrative, technical, and organizational safeguards designed to protect personal data against unauthorized access, disclosure, alteration, and destruction.
- Encryption and transport-security controls where appropriate
- Access controls, least-privilege permissions, and credential protection
- Monitoring, logging, and security incident response procedures
- Business continuity, backup, and recovery controls
- Periodic review and improvement of security practices
Despite these measures, no system is 100% secure. We encourage you to use a strong, unique password and to report any suspected security issues to privacy@aitodex.com.
9. AI Features & Your Content
When you use AI features, your prompts may be processed by one or more providers including Google Gemini, OpenAI, and Anthropic Claude (depending on configuration, availability, and fallback routing). We apply controls intended to limit unnecessary exposure of content and metadata. For provider-specific terms and privacy details, review: Gemini API Terms of Service and OpenAI Privacy Policy and Anthropic Privacy Policy.
10. Global Privacy Rights
Depending on your jurisdiction, you may have the following rights:
- Access — request a copy of the personal data we hold about you
- Correction — update or correct inaccurate information in your account settings
- Deletion — request deletion of your account and associated data
- Portability — request an export of your documents in a machine-readable format
- Objection — object to certain uses of your data
- Restriction — request we restrict processing in certain circumstances
To exercise any of these rights, email us at privacy@aitodex.com. We will respond within the time required by applicable law. You may also delete your account directly from the Account settings page when this option is available.
8.1 Data Retention
We retain personal data only as long as necessary for legitimate business purposes, legal obligations, dispute resolution, and enforcement of agreements. Retention periods vary by data category and jurisdiction.
10.2 Automated Decision-Making
We do not make solely automated decisions that produce legal or similarly significant effects on individuals without appropriate safeguards required by applicable law.
11. US State Privacy Notices (including California)
11.1 Notice at Collection
At or before collection, we provide notice of categories of personal information collected, the purposes of use, retention criteria, and whether data is sold or shared under applicable law.
11.2 US Consumer Rights
Eligible residents may have rights to:
- Know/access categories and specific pieces of personal information
- Correct inaccurate personal information
- Delete personal information (subject to legal exceptions)
- Data portability
- Opt out of sale/sharing for targeted advertising and certain profiling
- Limit use/disclosure of sensitive personal information where applicable
- Non-discrimination for exercising privacy rights
11.3 Global Privacy Control (GPC) and Opt-Out Signals
Where required by law, we honor recognized browser-based universal opt-out signals (including GPC) for applicable processing contexts.
11.4 Authorized Agents and Appeals
Where permitted by law, you may submit requests through an authorized agent. If we deny a request, you may have appeal rights under certain state laws.
12. Children's Privacy
The Service is not directed to children and we do not knowingly collect personal data from minors where prohibited by applicable law. If you believe a child has provided us with personal data, please contact us at privacy@aitodex.com and we will delete it promptly.
13. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last Updated" date at the top of this page. For material changes, we will notify you via email or an in-app notification at least 14 days before the change takes effect.
Continued use of the Service after the effective date constitutes acceptance of the updated policy.
14. Contact, Data Controller & Complaints
The data controller for the purposes of applicable data protection law is:
| Company | LEBILIX LLC |
| Product | AITODEX |
| Privacy inquiries | privacy@aitodex.com |
| General support | support@aitodex.com |
| Website | https://aitodex.com |
We strive to respond to all privacy-related inquiries within 5 business days.
If you are in the EEA/UK/Switzerland, you may also lodge a complaint with your local data protection authority. We encourage you to contact us first so we can try to resolve your concern promptly.