Waniso

Waniso

Privacy Policy

This policy explains how Waniso handles account, conversation, file, memory, calendar, alert, and device data, and the safeguards we use to limit access and protect your information.

Last updated: April 26, 2026 privacy@waniso.net

Who We Are and Scope of This Policy

Waniso is a personal intelligence assistant that provides chat, file generation, memory and context, calendar, reminders, alerts, scheduled tasks, and web and mobile app experiences. This policy applies to the Waniso website, app, APIs, and related services.

We understand that using an intelligent assistant may involve personal, professional, or private content. This policy explains what we collect, why we need it, how we limit its use, and how you can request access, correction, or deletion.

We follow a data-minimization approach: we do not aim to collect data we do not need to operate or secure the service or complete the actions you request, and we do not use your data for purposes that are incompatible with this policy.

Data We Collect

We collect the data needed to create your account, operate the assistant, and provide the features you choose to use. Some data is provided directly by you, and some is generated automatically as part of running the service securely and reliably.

We treat sensitive data such as conversations, files, calendar items, reminders, and alerts with special care. This data is not available to our employees for ordinary viewing and is used only to provide the service, complete your request, maintain security, or comply with legal obligations when necessary and proportionate.

  • Account data such as email address, phone number or username, country, language, timezone, and assistant name. We also store your password in encrypted or hashed form. We and our employees cannot view or read your original password because it is not stored as readable text.
  • Conversation content, messages, prompts, and commands you send to Waniso, including voice notes, text notes, or other inputs when used. This content is used to process your request and deliver the response to your device. After messages reach the user's device, they are deleted from our servers by design, and the conversation remains available only on the user's device unless you use a feature that expressly requires additional storage, such as sync, backup, or saved outputs.
  • Files and attachments you upload, and outputs Waniso creates such as documents, spreadsheets, presentations, images, audio files, preview links, and download links. These items are processed only to complete your request, show the result to you, and enable preview or download when needed.
  • Personal memory and context such as preferences, stated facts, learned patterns, context states, and knowledge relationships used to make responses more relevant. You can reduce this data or request deletion when controls are available or by contacting us.
  • Planning data such as calendar events, reminders, alerts, scheduled tasks, and their run history. We treat this data as highly private because it may reveal your schedule and activities, and internal access is not allowed except for a specific security or legal need under restricted permissions.
  • Device and session data such as app installation ID, device name, app version, operating-system version, access and refresh tokens, APNS push tokens, and last-seen timestamps. This data helps with sign-in, notifications, session protection, and troubleshooting.
  • Operational and security logs such as routing decisions, tool calls, errors, audit events, and skill execution results. We use these logs for reliability, abuse prevention, troubleshooting, and security investigations, and we try to minimize user content appearing in them where possible.

How We Use Data

We use your data only for purposes related to operating Waniso, securing it, and providing the features you request. We do not use your private conversations, files, or calendar data for internal curiosity, and we do not make them generally available to employees.

If a limited team needs access to resolve a support issue or security incident, access is restricted to what is necessary, permission-controlled, and reviewable where possible.

  • To create accounts, sign you in, verify email, reset passwords, and protect sessions against unauthorized access.
  • To run the assistant, understand requests, generate responses, execute tools, create files, and display results in chat and the app.
  • To deliver messages and outputs to your device, then reduce server-side retention by design, especially for conversation content that is deleted from our servers after reaching the user's device.
  • To personalize the experience based on language, country, timezone, assistant name, preferences you choose to save, and context you allow us to use.
  • To manage calendars, alerts, reminders, scheduled tasks, and push notifications when enabled, while treating this data as highly private.
  • To store files, outputs, preview links, or download links when needed so you can access them later or complete a task you started.
  • To diagnose errors, prevent abuse, monitor performance, protect the service and users, and maintain limited security records when necessary.
  • To respond to support requests, privacy requests, account deletion requests, and legal or security inquiries.

Sharing and Processing by Service Providers

We do not sell your personal data, rent it, or share it with third parties for their independent marketing purposes. We may process some data with providers that help us operate Waniso, but only as needed to provide or secure the service or complete your request.

When we use an external provider, we aim to minimize the data sent to that provider, send only what is needed for the task, and choose providers with safeguards appropriate for the nature of the service. We do not give providers the right to use your data for their own purposes outside providing services to us, unless disclosed or legally required.

  • AI model, search, or execution providers when needed to understand or complete a task you requested, such as analyzing a message, generating a document, processing a file, or running a tool.
  • Resend for verification codes, support messages, account notifications, and legal or administrative requests related to the service.
  • Apple Push Notification service for iOS notifications when enabled. This may require sending a push token and limited notification content needed to display the alert.
  • Hosting, database, storage, cache, monitoring, and backup providers that keep the service running, prevent outages, and restore service when a problem occurs.
  • Limited disclosure may occur when required by law, to protect rights, prevent fraud, or investigate abuse or a security threat. In these cases, we aim to keep disclosure limited and proportionate to the purpose.

Retention and Deletion

We keep data only for as long as needed to provide the service or fulfill the purposes described in this policy. Retention periods vary by data type: account data is kept while the account is active, while some operational and security logs may be short-lived, compacted, or archived under internal retention rules.

For conversation content and messages, the service is designed to use messages to process the request and deliver them to the user's device, then delete them from our servers after they reach the user's device. The conversation remains on the user's device only. Limited exceptions may apply when the user asks to save outputs, uses a feature that requires storage, or when a temporary security record is needed to handle an error or abuse.

Files, outputs, preview links, and download links may be retained while you need them inside the service or while your account remains active, unless you request deletion or delete your account. We try to delete or disable links that are no longer needed according to the service's mechanisms.

You can request account deletion from the Delete Account page. After receiving the request, we verify the account owner, then delete or de-identify associated account data within a reasonable period. We may retain limited records when necessary for legal compliance, fraud prevention, security, dispute resolution, or proof that we completed your requests.

Backups or archived logs may take additional time to be fully removed from all systems, but they are isolated from active use and restored only when operationally or security necessary.

Your Choices and Rights

We want you to have clear control over your data. The rights available to you may vary depending on your country and applicable law, but we will make reasonable efforts to respond to privacy requests and verify the requester before taking sensitive actions.

  • You can update some account details from app settings or by contacting us when an in-app control is not available.
  • You can request access to your data, an explanation of the categories of data we process, or correction of inaccurate data.
  • You can request deletion of your account and associated data from the Delete Account page, noting that limited records may be retained when there is a legitimate legal or security reason.
  • You can disable push notifications in iOS settings, and the push token may be deleted or updated when you sign out or change device settings.
  • You can reduce the data you share by not uploading files or information you do not want Waniso to process, and by not enabling features such as calendar or alerts unless needed.
  • You can request deletion or modification of certain memory or personal-context items when controls are available or by contacting us.

Security and Internal Access Confidentiality

We use technical and organizational safeguards to protect accounts, sessions, and files, including encrypted or hashed passwords, protected tokens, HTTPS in production environments, permission controls, and audit logs for sensitive operations.

Our employees cannot view your original password because it is not stored as readable text. Conversation data, files, calendar events, reminders, and alerts are treated as highly private, and internal access is not allowed except for a specific need such as support requested by you, a security investigation, troubleshooting, or legal compliance.

No digital service is perfectly secure, so we monitor errors and vulnerabilities, update safeguards when needed, and work to minimize user data appearing in logs or monitoring tools.

Children and Sensitive Information

Waniso is not directed to children under the age permitted by law in the user's country. If we learn that an account was created or used in a way that violates age or consent requirements, we may restrict the account or delete related data.

We recommend that you do not enter highly sensitive data such as detailed health information, trade secrets, or official identity data unless it is necessary for your use and you understand the processing required to complete the request.

Data Transfers and International Processing

Waniso may be hosted, or some data may be processed, through infrastructure or providers in countries different from yours. When this occurs, we take reasonable steps to protect the data according to this policy and appropriate contractual and security commitments.

Changes and Contact

We may update this policy as the service, legal requirements, or security controls change. The latest update date appears at the top of the page, and we may notify you in the app or by email when material changes occur.

For privacy questions, access requests, correction requests, or deletion requests, contact us through the contact page or the email shown on Waniso legal pages.