Privacy Policy
Elyan is an intelligence-based agent system that separates a local-first desktop runtime from a hosted control-plane. This policy explains what data we process, why we process it, how permissions work, and how you can delete your account or request support. Effective date: June 22, 2026.
1. Scope and Contact
This policy applies to the Elyan website, Elyan Mobile, Elyan Desktop, and Elyan control-plane services.
For privacy, account, access, correction, export, or deletion requests, contact us at support@elyan.dev.
2. Data Categories We Process
Account data: email address, user identifier, session data, authentication method, and records needed for secure account management.
Device and pairing data: paired device identifiers, device type, connection state, runtime readiness, last heartbeat time, and technical metadata needed for secure task routing.
Task and chat data: prompts you write, task status, responses, artifact metadata, error states, and limited context needed for conversation continuity.
Support data: contact information, messages, and troubleshooting details you provide when asking for help.
Subscription data: subscription status, plan information, and store-provided transaction metadata needed to verify purchases from the App Store or Google Play. Elyan does not store full payment card numbers.
3. Permissions, World Signals, and Sensitive Context
Elyan asks for permissions only when a feature needs them. Calendar, time, device state, notifications, health/activity signals, and similar device context are not used unless you enable the related feature or grant permission.
When these signals are supported, Elyan processes them as limited summary context packets, not as a raw data dump. For example, sleep, energy, activity, or schedule pressure may temporarily support conversation quality.
Health and wellness signals are not used for medical diagnosis, treatment, emergency assessment, or permanent health profiling. Elyan is not a medical service or emergency response system.
4. Local-First Architecture and File Processing
Elyan Desktop protects a local-first boundary for private files, local tools, and device-side work context. The local runtime executes private computer actions on the user's device.
When you attach a file, image, PDF, table, or document, Elyan processes it only to complete the task. If a file must be sent to the server, the transfer is limited to the explicit task context; where possible, Elyan uses summaries, metadata, or processed packets instead of raw data.
Your private files are not used for advertising, profiling, or external marketing.
5. Elyan Intelligence Layer and Secure Infrastructure
Elyan manages response generation, task routing, authentication, databases, notifications, and security through its own intelligence layer and secure operating infrastructure.
Data use is limited to what is necessary to operate the service. Your personal data is not sold for advertising or external marketing.
Elyan is presented as a single product identity. User content is not used for model development outside explicit consent or the task context required to operate the service.
6. Retention, Account Deletion, and Data Rights
Account data is retained while your account is active or as long as required for legal, security, billing, or operational obligations. Temporary task logs and technical error records are kept only as long as operationally needed.
You can delete your account from the Settings or Account area in the app, or contact support@elyan.dev. A dedicated deletion page is available at /en/data-deletion.
After account deletion, identity data, chat history, paired device links, and user-linked task records are deleted or anonymized within a reasonable technical period. Payment, security, and dispute records that we are legally required to keep may be retained for the required period.
You may request access, correction, export, restriction, or deletion of your data by contacting support@elyan.dev.
7. Security
Elyan uses authentication, authorization, secure device pairing, session controls, and access boundaries to protect your data.
No internet service can guarantee absolute security. If you notice suspicious access, a vulnerability, or unusual account activity, contact support@elyan.dev.
8. Children's Privacy
Elyan is not intended for children under 13. If we learn that personal data from a child under 13 has been processed, we will take appropriate steps to delete it after verification.
9. International Transfers and Policy Updates
Elyan services may run through secure infrastructure components located in different regions. In those cases, data is processed with safeguards needed to provide and secure the service.
We may update this policy as the product, law, or app store requirements change. Significant changes may be announced on the website, in the app, or by email.