Skip to main content
Full Transparency

How We Handle
Your Data

We believe users deserve to know exactly how their content is processed. No vague policies — just a clear, direct explanation of what happens to your data.

No Data Sold — Ever
GDPR Compliant
Open Source Models
SOC 2 In Progress

How Scans Are Processed

  • Submitted content is sent over TLS 1.3 encrypted connections.
  • Text is tokenized and passed through our ensemble inference pipeline (RoBERTa, Binoculars perplexity, Gemini) in ephemeral memory.
  • Image content is analyzed through our ViT-based classifier and pixel-integrity pipeline — never permanently stored on our servers.
  • Audio and video files are processed through a dedicated inference worker, analyzed, and the raw media is deleted after verdict generation.
  • Scan results (verdict, confidence, model breakdown) are stored in your account history only if you are signed in and have not disabled history.
  • Anonymous (unauthenticated) scans are processed ephemerally — no results are retained after the session ends.

Data Retention Policy

  • Scan content (text, images, audio, video) is never permanently stored unless you explicitly save a report.
  • Scan metadata (verdict, confidence score, timestamp) is retained for signed-in users to support scan history. You can delete this at any time from your settings.
  • Account data (email, authentication) is retained until you delete your account.
  • Anonymous scan data: no content or metadata is retained after the browser session ends.
  • Newsletter subscribers: email only, retained until unsubscription.
  • Log data for security and rate limiting is retained for 30 days in rolling fashion.

GDPR Compliance

  • Aiscern is operated from Pakistan. We comply with GDPR obligations for EU/EEA users.
  • Data subjects have rights to access, rectification, erasure, and data portability for any personal data we hold.
  • We do not use submitted scan content for model training without explicit opt-in consent.
  • We do not sell personal data to third parties under any circumstances.
  • Third-party processors (Supabase, Vercel, Cloudflare) are GDPR-compliant and covered by Data Processing Agreements.
  • Cookie usage is limited to functional and authentication cookies. No advertising or tracking cookies are set.
  • To exercise your GDPR rights, contact privacy@aiscern.com.

Infrastructure & Security

  • Hosted on Vercel (US/EU edge) with Cloudflare as a security and CDN layer.
  • Database: Supabase PostgreSQL with Row Level Security enforced on all tables.
  • Authentication: Clerk, a SOC 2 Type II certified identity provider.
  • API communications use HMAC-signed requests with CSRF protection.
  • Content Security Policy (CSP) headers enforced on all pages.
  • Security disclosures can be reported to security@aiscern.com — see /security for our responsible disclosure policy.

Third-Party Services

  • Supabase (database) — GDPR compliant, EU data residency available.
  • Vercel (hosting) — SOC 2 Type II certified.
  • Cloudflare (CDN/WAF) — GDPR compliant.
  • Clerk (authentication) — SOC 2 Type II, GDPR compliant.
  • HuggingFace (model inference) — ephemeral inference, no data retention.
  • Google Gemini (supplementary AI analysis) — processed per Google's API terms; no content storage by Google for API calls.

Questions about your data?

Contact our privacy team or submit a GDPR data request.

Contact Privacy TeamFull Privacy PolicyData Processing Agreement