🎉 DirayahAI is now live — Get started free, no credit card required.
D
DirayahAI
Start free →

Privacy Policy

Last updated: 03 April 2026

1. Introduction

DirayahAI ("we", "us", "our") is committed to protecting your personal data. This Privacy Policy explains what data we collect, how we use it, and your rights regarding that data. By using our Service, you agree to this policy. For questions about how your data is used within the Service, see also our Terms of Service.

2. Data We Collect

We collect the following categories of data:

  • Account data: name, email address, company name, mobile number, country.
  • Usage data: chatbot interactions, document uploads, API usage metrics, session activity.
  • Billing data: handled entirely by our payment processor — we do not store card details or payment instrument data on our servers.
  • Technical data: IP address, browser type, access logs retained for security and abuse prevention purposes.

3. How We Use Your Data

We use your data to:

  • Provide, maintain, and improve the Service
  • Process payments and manage your subscription via our authorised payment processor
  • Send transactional emails including account notifications, email verification, and usage alerts
  • Detect and prevent abuse, fraud, or security incidents
  • Comply with applicable legal obligations

We do not sell, rent, or trade your personal data to third parties for marketing or advertising purposes.

4. Document Content and Storage

Documents you upload are processed and stored as text chunks in a vector database for the sole purpose of powering your chatbot. Raw document files are not retained after processing is complete — only the extracted text chunks and document metadata (title, summary) are stored. You may delete your documents at any time from the dashboard, which permanently removes all associated chunks and embeddings.

Document content is transmitted to third-party AI providers to generate chatbot responses. See Section 11 for full details on sub-processors.

We do not use your document content for any purpose beyond delivering the Service to you, and we do not permit third-party AI providers to use your content for model training.

5. Tenant Data Isolation

Every account operates in a fully isolated environment. Your documents, embeddings, chat sessions, and user data are never shared with or accessible to other tenants on the platform. Access controls are enforced at the database level on every query.

6. Data Retention

We retain your account data for as long as your account is active. Upon account deletion, your data is retained for 30 days before permanent and irreversible deletion. Chat logs and document data are deleted immediately upon domain deletion. Billing records may be retained longer where required by law.

7. Your Rights

You have the right to:

  • Access — request a copy of the personal data we hold about you
  • Correction — request correction of inaccurate or incomplete data
  • Deletion — request permanent deletion of your account and associated data
  • Portability — request your data in a structured, machine-readable format
  • Objection — object to processing of your data in certain circumstances

To exercise any of these rights, contact us at contact@dirayahai.com. We will respond within 30 days.

8. Cookies

We use only essential session cookies required for authentication and maintaining your logged-in state. We do not use tracking, analytics, or advertising cookies. No cookie consent banner is required as no non-essential cookies are set.

9. Security

We implement industry-standard security measures including encrypted data transmission (TLS 1.2+), bcrypt-hashed passwords, JWT-based authentication, and access-controlled cloud infrastructure. No method of transmission over the internet is 100% secure — we cannot guarantee absolute security, but we take all reasonable steps to protect your data.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users by email of any material changes at least 7 days before they take effect. Continued use of the Service after changes constitutes acceptance of the updated policy.

11. Sub-processors

We use the following third-party services to operate the platform. Each processes data only to the extent necessary to provide their specific function:

  • OpenAI — AI language model processing for chatbot response generation. Privacy Policy
  • Anthropic — AI language model processing for chatbot response generation. Privacy Policy
  • Railway — cloud infrastructure, API hosting, and PostgreSQL database hosting. Privacy Policy
  • Resend — transactional email delivery (account notifications, alerts). Privacy Policy
  • Dodo Payments — subscription billing and payment processing. We do not store card details. All payment data is handled directly by Dodo Payments as our Merchant of Record. Privacy Policy

We do not permit any sub-processor to use your data for their own purposes, including model training or advertising.

12. Contact and Data Controller

DirayahAI is operated by an individual developer. For all privacy-related enquiries, data access requests, or deletion requests, contact:

Muhammad Shahroz Khan

Dubai, United Arab Emirates

contact@dirayahai.com

LinkedIn Profile

See also our Terms of Service.