All Users
Access, correction, and portability. You may contact us at privacy@bellsup.ai to request access to or correction of your personal data. We will respond within one month.
Data portability / export. You may request a portable copy of your saved conversation data by contacting us at privacy@bellsup.ai. We will prepare an export of your saved conversations and respond within one month. This is a manual process; there is currently no self-service export tool.
Per-conversation deletion. You may delete any individual saved conversation and its associated documents at any time, on demand, from within the platform. Deletion is permanent: the conversation's encryption keys are destroyed and the content cannot be recovered through Bells Up AI.
Account deletion — how to request it. Org admins and account owners may request deletion of the entire account (and for multi-member organizations, the entire organization) through the Delete Account control in account settings. You will be asked to confirm before the request is filed.
What happens after you request deletion:
- Free accounts are erased promptly after the request is confirmed — access ends immediately, erasure runs shortly afterward, and there is no multi-day hold period. There is nothing to cancel once the request is confirmed.
- Paid accounts enter a 7-day hold period. The account remains fully usable during the hold. You may cancel the deletion by contacting privacy@bellsup.ai within 7 days. After the hold, erasure runs and cannot be undone.
What erasure destroys. For Professional accounts: all saved conversations, messages, conversation titles, uploaded documents, and the encryption keys that protect them. Once the keys are destroyed, the content cannot be recovered through Bells Up AI. For Free accounts: your account data, saved preferences, and associated encryption keys. If your Free account retains saved conversations or documents from a prior Professional subscription, those are also destroyed. Free-text referral notes are scrubbed at erasure; referral status and credit records are retained for a bounded period for fraud prevention (see Section 8).
What is retained after erasure. Billing and tax records, security and audit logs, and identity and usage records are retained for limited periods under independent lawful bases, as described in Section 8 (Data Retention). We will tell you exactly what is retained and for how long in the deletion confirmation document (below).
Backup-residue window. After erasure, deleted content may persist in encrypted database backups for approximately 30 days before those backups expire and are automatically deleted. This is a bounded, self-expiring window. Your deletion confirmation document will identify the specific date by which the backup window closes.
Direct-provider residue. If you used OpenAI, Google, or xAI models, prompts and documents you sent to those providers may be retained by them for abuse monitoring, safety, and legal-compliance purposes before deletion — approximately 30 days for OpenAI and xAI, and up to 55 days for Google (Gemini). This residue is outside our control and is not removed by deleting your account with us. Providers accessed through AWS Bedrock (Claude, Llama, DeepSeek, Mistral, Qwen) are processed under the AWS Data Processing Addendum and are not subject to this residue window.
Deletion confirmation document. When erasure is complete, we will send the requesting org admin (and all org admins) a written confirmation identifying: the request date, the completion date, the categories of data destroyed, the backup-residue expiry date, and the categories of data retained with the applicable basis and period. Paid-tier confirmations certify destruction of saved conversations and documents. Free-tier confirmations describe what was erased. For Free accounts retaining saved content from a prior Professional subscription, the confirmation identifies the categories of saved conversations and documents destroyed.
Response window. We will complete erasure within 30 days of your request, and in any event within one month.
US State Privacy Rights and Disclosures
California (CCPA/CPRA) and other US states: Bells Up AI does not sell your personal information. We do not share your personal information for cross-context behavioral advertising. These statements apply as those terms are defined under the California Consumer Privacy Act, as amended by the California Privacy Rights Act, and under comparable state privacy laws including those in Virginia, Colorado, Connecticut, and other states with comprehensive privacy legislation.
Categories of personal information we collect: Identifiers (name, email, IP address), internet or electronic network activity (usage metadata, model selection, token counts), and, if you choose to save conversations, customer content stored in encrypted form.
How we use it: To provide and secure the service, as described in Section 1 of this policy.
Who we disclose it to: The categories of service providers listed in Section 5, solely to provide the service. We do not disclose personal information to third parties for their own commercial purposes.
Your rights: Depending on your state of residence, you may have the right to know what personal information we collect, request deletion, request correction, and opt out of the sale or sharing of personal information. Because we do not sell or share personal information, there is no sale or sharing to opt out of.
To exercise any of these rights, contact privacy@bellsup.ai. Account and organization deletion may also be initiated directly from account settings by org admins. You may also designate an authorized agent to make a request on your behalf. We will not discriminate against you for exercising your rights.
Canada (PIPEDA and Quebec Law 25)
If you are in Canada, the Personal Information Protection and Electronic Documents Act (PIPEDA) gives you the following rights regarding the personal information we hold about you as its controller:
Access and correction — You may request access to the personal information we hold about you and ask us to correct information that is inaccurate or incomplete. These requests are handled through the access, correction, and deletion mechanisms described under All Users above, including account and organization deletion from your settings.
Withdrawal of consent — You may withdraw your consent to our processing of your personal information at any time, subject to legal and contractual restrictions and reasonable notice. Withdrawing consent may prevent us from providing some or all of the service.
Complaint to a regulator — If you have unresolved concerns, you may file a complaint with the Office of the Privacy Commissioner of Canada (OPC).
Quebec residents (Law 25) — If you are in Quebec, you have additional rights under Quebec's Law 25, and you may file a complaint with the Commission d'accès à l'information du Québec (CAI).
To exercise any of these rights, contact us at privacy@bellsup.ai. We may request verification of your identity before fulfilling a request.
Additional Rights Under GDPR (EEA)
Bells Up AI markets and offers its paid subscriptions to customers in the United States and Canada (see Terms of Service §02). If you are in the European Economic Area, you have the following rights regarding your personal data:
Access, rectification, erasure, restriction, portability, and objection — including the right to object to processing based on legitimate interest. We will cease processing unless we demonstrate compelling legitimate grounds. The right to erasure is exercised through the process described under All Users above. Erasure requests are subject to the retention carve-outs in Section 8 (Data Retention), which are lawful under GDPR Art. 17(3)(b) (legal obligation, for billing and tax records), Art. 17(3)(e) (defence of legal claims), or because the retained records remain necessary for the fraud-prevention and security purposes described in Section 8 (Art. 17(1)(a), Art. 6(1)(f)). Data portability requests under Art. 20 may be submitted to privacy@bellsup.ai; we will provide a portable copy of your saved conversation data within one month.
Lodge a complaint with a supervisory authority, in particular in the EEA member state of your residence, place of work, or of the alleged infringement.
To exercise any of these rights, contact us at privacy@bellsup.ai. We may request verification of your identity before fulfilling a request.
Providing your IP address is a technical necessity of using the service; we cannot provide the service to you without processing it. You are not required to provide any other personal data beyond what is necessary to create and maintain your account.
We use automated rate limiting and abuse detection that may result in temporary blocking of access. These measures are applied uniformly for security purposes and do not produce legal effects or similarly significant effects within the meaning of GDPR Art. 22. If you believe you have been incorrectly blocked, contact us at the email above.