We value your privacy and data security. This Privacy Policy explains how we collect, use, store, and protect your personal information.
Last Updated: March 3, 2026
Welcome to Alloomi Cross-Platform Communication Agent ("Alloomi", "we", "our", or "us").
We value your privacy and data security. This Privacy Policy explains how we collect, use, store, and protect your personal information, as well as your rights when using Alloomi.
By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.
Account Information
Email, username, or third-party login credentials (e.g., Slack, Discord, Telegram)
Basic identity information for account verification
Messages and Communication Data
Upon your authorization, we may access and process your communication data from platforms such as Slack, Discord, and Telegram to enable message aggregation, summarization, and notifications.
Your original messages and raw communication data remain on your device and are not uploaded to our cloud. Alloomi processes raw content locally and may upload only derived information—such as AI-generated summaries, extracted action items, and smart reply suggestions—to our cloud infrastructure to deliver the Service.
We will never use your communication content for unrelated purposes without your explicit consent.
Device and Technical Data
Device type, browser, operating system, IP address
Cookies and local storage data to maintain login sessions and improve user experience
Usage Data
Records of feature usage (e.g., number of summaries, conversations, external tool integrations)
Notification and delivery preference settings
We use the collected information for the following purposes:
To provide and improve Alloomi' core features (message aggregation, summarization, notifications, conversations)
To deliver information according to your preferences
To ensure service security and stability (monitoring suspicious behavior, preventing misuse)
To conduct anonymized statistical analysis for product optimization
To provide product updates and service-related notifications with your consent
Original chat records and emails exist only on your device and are not uploaded to our cloud. Only processed summaries and derived metadata (such as AI-generated summaries and smart reply suggestions) may be stored in the cloud to deliver the Service. For details on encryption and security measures applied to this stored data, see the Data Security section below.
Your communication data is only stored for the required processing period, after which it will be automatically deleted or anonymized.
We will not sell your personal information to third parties.
We only disclose user data when required by applicable law or valid legal process.
Third-Party Service Providers
To deliver the Service, we share limited data with the following trusted third-party providers:
Vercel (Cloud Infrastructure): We use Vercel to host and serve the Alloomi web application. Vercel may process technical data (such as IP addresses and request logs) as part of providing hosting services.
OpenRouter (AI Model Provider): We route AI inference requests through OpenRouter to access large language models for features such as message summarization, smart reply suggestions, and action item extraction. Processed (non-raw) content may be transmitted to OpenRouter for this purpose.
Stripe (Payment Processing):Stripe handles all subscription billing and payment transactions. Stripe receives payment-related information (such as billing details) as necessary to process your subscription. Stripe's privacy practices are governed by its own privacy policy.
Each provider is bound by data processing agreements and applicable privacy regulations.
We implement industry-standard security measures to protect your data:
In Transit: All data transmitted between your device and our servers is encrypted using TLS/HTTPS.
At Rest: Data stored on our cloud infrastructure is encrypted with AES-256 encryption.
Access Controls: We apply strict access controls and authentication measures to limit internal access to your data to authorized personnel only.
In Use: Raw message content is processed locally on your device wherever possible; only derived outputs are transmitted to the cloud.
Data Breach Notification
In the event of a data breach that affects your personal information, we commit to:
Notifying affected users within 72 hours of becoming aware of the breach, where feasible.
Reporting the breach to relevant regulatory authorities as required by applicable law (e.g., GDPR supervisory authorities).
Taking prompt remediation measures to contain the breach and prevent further unauthorized access.
Our Service is currently primarily deployed in the United States. If you are located outside the United States, please be aware that your data may be transferred to, stored in, or processed in the United States or other countries where our service providers operate.
These countries may have different data protection laws than your country of residence. To protect your data during cross-border transfers, we rely on appropriate safeguards, including:
Standard Contractual Clauses (SCCs) approved by the European Commission for transfers from the EEA, UK, or other jurisdictions with equivalent requirements.
Data processing agreements with our third-party service providers that impose obligations consistent with applicable data protection law.
By using the Service, you acknowledge and consent to the transfer of your data as described above.
We use cookies for the following purposes:
Strictly Necessary Cookies: To maintain login sessions and perform authentication (do not require additional consent)
Preference Cookies: To save user notification and interface settings
Performance and Analytics Cookies: To track visits and usage behavior in order to improve the product experience (require user consent)
You can clear or disable cookies at any time in your browser, though some features may not work properly.
You have the following rights regarding your personal information:
Right of Access – You may request access to the information we hold about you
Right of Rectification – You may correct inaccurate or incomplete information
Right of Erasure – You may request the deletion of your personal data
Right to Restrict Processing – You may limit how your data is processed in specific cases
Right to Data Portability – You may export and transfer your data
Right to Withdraw Consent – You may withdraw your consent to data collection and processing at any time
Communication data: Retained for 7 days by default, used only for summarization and conversation purposes
Account information: Deleted within 30 days after account deletion
Usage statistics and logs: May be retained in anonymized form for security and research purposes
We will only disclose your personal data to third parties in the following limited circumstances:
Legal Requirement: When we are required to do so by applicable law, court order, or other valid legal process.
Protection of Rights: When necessary to protect the rights, property, or safety of Alloomi, our users, or the public.
Business Transfers: In connection with a merger, acquisition, or sale of assets, subject to the acquirer maintaining equivalent privacy protections.
We will not sell your personal information to third parties for marketing or advertising purposes.
Alloomi services are intended for users aged 18 and above, or the age of legal majority in your jurisdiction, whichever is higher. If you are under the applicable age of majority, you may not use Alloomi without verified parental or guardian consent and supervision.
If we become aware that we have inadvertently collected personal information from a minor without appropriate consent, we will take steps to delete such information promptly.
We may update this Privacy Policy to comply with laws, regulations, or service changes. Updates will be announced on our website or via email. For significant changes, we will seek your explicit consent.
If you have any questions about this Privacy Policy or how your data is processed, please contact us at:
Alloomi is committed to complying with applicable data protection regulations, including but not limited to the GDPR (General Data Protection Regulation) and the Personal Data Protection Act (PDPA) of Singapore. Our privacy practices are designed to protect your personal data and ensure your privacy rights are respected. This Privacy Policy is governed by the laws of Singapore.
Any disputes arising out of or in connection with this Privacy Policy shall be resolved in accordance with the dispute resolution and arbitration provisions set forth in the Alloomi Terms of Service, which provides for binding arbitration in Singapore administered by the Singapore International Arbitration Centre (SIAC).