NeuroFSNeuroFS

PRIVACY

How NeuroFS collects, processes, and protects your data.

Effective DateJanuary 1, 2025
§ 01

What We Collect

We collect only the data necessary to operate and improve the NeuroFS routing service:

  • Account identifiers from Google or GitHub OAuth (name, email, provider ID).
  • API usage metadata: request counts, routing decisions, timestamps, latency.
  • System and error logs retained for operational monitoring.
  • Cookie and session data for authentication continuity.
§ 02

How We Use It

Your data is used exclusively to deliver and improve the NeuroFS service:

  • Authenticate you and manage your session and API keys.
  • Route prompts through the semantic cube and compute activation patterns.
  • Analyze aggregate usage to tune Hebbian edge weights and improve accuracy.
  • Send essential service communications (security alerts, major updates).
§ 03

Data Retention

We retain data only as long as necessary for the stated purpose:

  • Account data: retained for the lifetime of your account.
  • API usage logs: retained for up to 90 days, then purged.
  • Routing activation data: retained in anonymized, aggregated form indefinitely to improve the model.
  • Deleted accounts: all personal data purged within 30 days of deletion request.
§ 04

Third Parties

We use a minimal set of third-party providers to operate the service:

  • Google and GitHub: OAuth authentication only. We do not receive your passwords.
  • Infrastructure providers: hosting and database — bound by data processing agreements.
  • We do not sell, rent, or trade your personal data to any third party.
  • We do not use your data for advertising or behavioral profiling.
§ 05

Cookies

We use cookies and similar technologies for the following purposes:

  • Session cookies: maintain your authenticated state across requests.
  • Preference cookies: remember consent and UI preferences.
  • Analytics: aggregate, anonymized usage patterns — no cross-site tracking.
  • You can decline non-essential cookies via the cookie banner.
§ 06

Your Rights

Depending on your jurisdiction, you have the following rights regarding your personal data:

  • Access: request a copy of the data we hold about you.
  • Correction: request correction of inaccurate data.
  • Deletion: request deletion of your account and all associated personal data.
  • Portability: request your data in a machine-readable format.
  • Objection: object to certain processing activities.
§ 07

Security

We implement industry-standard security practices to protect your data:

  • All data in transit is encrypted via TLS 1.2+.
  • API keys are signed with HS256 JWTs — never stored in plaintext.
  • Database access is restricted to internal service accounts.
  • Security incidents are disclosed to affected users within 72 hours.
§ 08

Contact

For privacy-related requests or questions about your personal data, reach out via GitHub:

  • github.com/Demoen
  • Data deletion requests are processed within 30 days of contact.

See also: Terms of Service