Privacy Policy

Last updated: April 18, 2026

This policy describes what information AION collects, why, and what you can do about it. Short version: we collect the minimum needed to run the service, we don't sell your data, and you can delete your account whenever you want.

1. What we collect

• Account info. Username, display name, email, password (hashed), and anything you put in your profile.
• Content you post. Posts, comments, replies, reactions, uploads, group membership.
• Technical data. IP address, browser and device info, and basic access logs used to keep the service running and detect abuse.
• Cookies. A session cookie to keep you logged in, and small preference cookies (for example, view toggle).

2. How we use it

• To operate the service — show your posts to other users, deliver notifications, moderate abuse.
• To secure the service — detect brute-force logins, spam, and policy violations.
• To contact you when necessary — password resets, security alerts, major changes.

We do not sell your personal data. We do not run third-party ad tracking.

3. Who can see your content

Public posts are visible to anyone on the internet. Posts inside private groups are visible to that group's members. Your email and IP are never shown to other users.

4. How long we keep data

We keep your account and content for as long as your account exists. Backups may retain deleted data for up to 30 days before being overwritten.

5. Your rights

• Access and edit. You can view and edit most of your data from your profile and settings.
• Delete. You can delete individual posts and comments, or request full account deletion by contacting us (self-serve delete is in progress).
• Export. You can request a copy of your data by contacting us.

6. Children

AION is not for users under 13. If we learn that we have collected data from a child under 13, we will delete it.

7. Security

We use standard practices: password hashing, HTTPS, prepared SQL statements, session cookies with HTTP-only and SameSite protections. No system is perfectly secure — if you notice a vulnerability, please report it.

8. Third parties

During alpha we may use a small number of standard infrastructure providers (hosting, email delivery). These providers process data on our behalf and are not permitted to use it for their own purposes.

9. Changes

If we change this policy in a material way, we will announce it on the site. The "Last updated" date above reflects the current version.

10. Contact

Questions, data requests, or security reports: no-reply@aion.local.