Privacy Policy

Aminta is operated by an individual developer based in Belgium. For the purposes of EU data protection law, the data controller is:

If you have any questions about this Privacy Policy or about how we handle your data, please contact us at the address above.

We collect the minimum information necessary to provide and improve the Aminta service. The categories below describe what we collect, why we collect it, and how.

We use the information we collect for the following purposes:

• ◈Providing, maintaining, and improving the Aminta extension and web application.
• ◈Authenticating your identity and managing your account.
• ◈Transmitting your prompts to AI providers to generate content on your behalf.
• ◈Storing your Voice Profile so Aminta can write in your style.
• ◈Sending transactional emails (account confirmation, password reset, billing receipts).
• ◈Analysing anonymised usage patterns to improve features and performance.
• ◈Preventing fraud, abuse, and violations of our Terms of Service.
• ◈Complying with our legal obligations under Belgian and EU law.

We do not use your content to train AI models. We do not use your data for advertising purposes. We do not share your personal data with third parties except as described in §8 and as required by law.

For users in the European Economic Area and the United Kingdom, we rely on the following legal bases under Article 6 GDPR:

• ◈Contract (Art. 6(1)(b)): Processing your account information and content to provide the service you signed up for.
• ◈Legitimate Interests (Art. 6(1)(f)): Processing anonymised analytics data to improve our product, and processing data to detect and prevent abuse.
• ◈Legal Obligation (Art. 6(1)(c)): Retaining billing records as required by Belgian and EU tax law.
• ◈Consent (Art. 6(1)(a)): For any optional communications or data uses beyond what is strictly necessary to provide the service, where we will ask for your explicit consent.

Aminta uses third-party AI models to generate content on your behalf. When you use a generation feature, your prompt (including any Voice Profile context you have enabled) is transmitted to the AI provider you have selected or that we have configured as the default.

Each AI provider has its own privacy policy and terms of service. You are encouraged to review these before using Aminta, in particular regarding how providers handle submitted data and whether they use it for model training.

The Aminta Chrome extension requests the following browser permissions. We request only the permissions necessary for the extension to function.

• ◈activeTab:Allows Aminta to read the current tab's URL and inject content into the X, LinkedIn, or Reddit composer when you activate the extension. We do not read page content unless you explicitly use a feature that requires it (e.g., Reply Generator reading a tweet you are replying to).
• ◈storage: Used to store your settings, Voice Profile, XP progress, and BYOK API keys locally in your browser. This data does not leave your device unless you are logged in and sync is enabled.
• ◈Host permissions (x.com, twitter.com, linkedin.com, reddit.com):Required to detect the active composer and inject generated content into the text field when you click "Insert into X" or equivalent.

We do not access your browsing history. We do not read page content on sites you visit other than the supported platforms listed above, and only when you have activated the Aminta panel.

Your account data and Voice Profile are stored on servers located within the European Economic Area. We use industry-standard security measures including:

• ◈Encryption in transit (TLS/HTTPS) for all data transmitted to our servers.
• ◈Encryption at rest for stored personal data.
• ◈Access controls limiting who within the operation can access user data.
• ◈Regular security reviews of our infrastructure and dependencies.

BYOK API keys are stored exclusively in your browser's local storage and are never transmitted to our servers. You are responsible for the security of your own device and browser environment.

No method of transmission or storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

Aminta integrates with the following third-party services. When you use features that rely on these services, your data is subject to their respective privacy policies in addition to ours.

Aminta uses cookies and browser local storage to operate the service.

• ◈Authentication cookies: Used to keep you logged in to your Aminta account. These are strictly necessary for the service to function and do not require consent under ePrivacy Directive Article 5(3).
• ◈Local storage (extension): Used to store your preferences, XP progress, Voice Profile, and API keys locally on your device. This data is not transmitted to external servers except as explicitly described in this policy.
• ◈Analytics cookies: If we use analytics, we will only set analytics cookies with your consent, where required by law.

You can clear local storage and cookies via your browser settings at any time. Doing so will log you out and reset locally stored preferences.

We retain your personal data only for as long as necessary:

• ◈Account data: Retained for the duration of your account. Deleted within 30 days of account deletion, except where retention is required by law.
• ◈Billing records: Retained for 7 years as required by Belgian accounting and tax law.
• ◈Anonymised analytics: May be retained indefinitely in aggregated form, as they do not identify you.
• ◈Prompt data: Not retained on our servers beyond the time needed to fulfill the AI request (typically seconds). We do not log or store the content of your AI prompts or generated outputs.

If you are located in the European Economic Area or the United Kingdom, you have the following rights regarding your personal data:

• ◈Right of access (Art. 15): You can request a copy of the personal data we hold about you.
• ◈Right to rectification (Art. 16): You can ask us to correct inaccurate data or complete incomplete data.
• ◈Right to erasure (Art. 17): You can request deletion of your personal data, subject to legal retention requirements.
• ◈Right to data portability (Art. 20): You can request your data in a structured, machine-readable format.
• ◈Right to restriction (Art. 18): You can ask us to restrict processing of your data in certain circumstances.
• ◈Right to object (Art. 21): You can object to processing based on legitimate interests.
• ◈Right to withdraw consent: Where processing is based on consent, you can withdraw it at any time.

To exercise any of these rights, contact us at hello@amintaapp.com. We will respond within 30 days. You also have the right to lodge a complaint with your local supervisory authority. In Belgium, this is the Gegevensbeschermingsautoriteit (GBA) / Autorité de protection des données (APD), reachable at gegevensbeschermingsautoriteit.be.

Some of our third-party service providers — in particular AI model providers such as OpenRouter, Groq, and OpenAI — are based in the United States. When you use these services, your prompt data is transferred to the United States.

We rely on the following safeguards for such transfers:

• ◈Standard Contractual Clauses (SCCs) adopted by the European Commission, where applicable and required.
• ◈The EU-US Data Privacy Framework, where the provider is certified.

If you use your own BYOK API keys, data is transmitted directly from your browser to the provider, and you take on the responsibility for that transfer.

Aminta is not directed at children under the age of 16. We do not knowingly collect personal information from anyone under 16. If we become aware that we have inadvertently collected personal data from a child under 16, we will delete that information promptly.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at hello@amintaapp.com.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will:

• ◈Update the "Last updated" date at the top of this page.
• ◈Notify you by email (if you have an account) or via an in-app notice, where the changes are material.

Your continued use of Aminta after the effective date of any changes constitutes your acceptance of the updated policy. If you do not agree with the changes, you should stop using Aminta and may request deletion of your account.

If you have questions, concerns, or requests relating to this Privacy Policy or to how we handle your personal data, please contact us: