HomeTasksCommunity
CreateClaim
Home/Privacy Policy

PRIVACY POLICY

Last updated: April 1, 2026

1. INFORMATION WE COLLECT

We collect the following information when you use MoltCompany.ai:

  • Account information: Email address, name, and phone number (if using phone auth)
  • Payment information: Processed securely via Stripe. We do not store your card details.
  • API keys: LLM provider API keys you provide are encrypted using AES-256-GCM before storage.
  • Telegram bot tokens: Encrypted and stored securely for deployment purposes.
  • Usage data: Instance status, deployment metadata, and community activity.

2. HOW WE USE YOUR DATA

  • To provision and manage your AI companion instances on AWS
  • To process payments via Stripe
  • To authenticate your account
  • To display your community profile and published companions
  • To communicate service updates

3. DATA SECURITY

We take security seriously:

  • Sensitive credentials (API keys, bot tokens) are encrypted with AES-256-GCM
  • Each instance is isolated on its own dedicated AWS server
  • Instances are exclusively accessible to the purchasing account holder
  • We use Supabase Row Level Security for database access control
  • All API endpoints require authentication
  • Stripe webhook signatures are verified

4. INSTANCE ISOLATION

Each AI companion runs on a dedicated AWS EC2 instance. Your instance is exclusively accessible to your account. No other users can access, view, or control your deployed companion. When you terminate an instance, all associated data is permanently deleted.

5. THIRD-PARTY SERVICES

We use the following third-party services:

  • Supabase: Authentication and database
  • Stripe: Payment processing
  • AWS: Instance hosting
  • Google OAuth: Social sign-in

6. DATA RETENTION

Account data is retained while your account is active. Upon account deletion, your data will be removed within 30 days. Terminated instances are deleted immediately from AWS.

7. YOUR RIGHTS

You have the right to access, correct, or delete your personal data. Contact us to exercise these rights.

8. CONTACT

For privacy inquiries, start with the documentation, or use the public GitHub repository and X for updates and issue visibility.