We take reasonable steps to protect the information you share with balance pi. This policy describes what safeguards are in place. We do not claim perfect security — no online service can. We describe only controls that are genuinely implemented; we do not make aspirational claims.
All communication between your browser and the balance pi server is encrypted using TLS (HTTPS). Data is not transmitted in plaintext over the network.
User authentication is handled by a dedicated authentication service that provides industry-standard password hashing, email verification, and session token management. Passwords are never stored in plaintext. Access to the session API requires a valid authenticated session token.
An optional invite-code gate can be enabled by the operator to restrict access to the service during limited-access periods.
Information you enter during sessions — your inputs, responses, and session content — is processed by balance pi's underlying AI processing engine and is subject to that provider's own data handling and security practices. Session content is not stored server-side by balance pi beyond what is necessary to deliver your current session response.
Your account registration data (name, email, and optional fields) is stored with our authentication and account data provider, under its own infrastructure security controls.
Session content is not persistently stored on balance pi's servers. Account data is retained for as long as you have an active account. To request deletion of your account and associated data, email privacy@balancepi.com. We will action deletion requests within a reasonable timeframe.
LocalStorage data on your device (session history, preferences) is under your control and can be cleared at any time via your browser settings.
No internet-based service is completely secure. Despite the safeguards described above, we cannot guarantee that data will never be subject to unauthorised access, disclosure, alteration, or loss. You use the service understanding this inherent limitation.
If we become aware of a security incident that affects your data, we will take reasonable steps to investigate and address it. Where required by applicable law, we will notify affected users and relevant authorities. We do not make specific response-time guarantees.
balance pi relies on the following third-party infrastructure. Their security practices are governed by their own policies:
If you discover a potential security vulnerability in balance pi, please report it responsibly to privacy@balancepi.com. We will acknowledge your report and investigate promptly.
We will update this policy if our security practices change materially. We will not add claims for controls we have not implemented. The version date above reflects the most recent update.