OsemberLog in

Privacy Policy

Last updated: March 22, 2026

1. Information We Collect

When you use Osember, operated by OB Labz, we collect the following types of information:

  • Account information: email address, name, and password (hashed)
  • Usage data: conversation metadata, feature usage, and interaction patterns
  • Content: messages, memories, rules, and other content you create within the Service
  • Device information: browser type, operating system, and IP address

2. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the Service
  • Process your AI conversations and maintain your memories and rules
  • Send you important updates about the Service
  • Monitor and analyze usage trends to improve user experience
  • Detect and prevent fraud, abuse, and security issues

3. Data Storage & Security

Osember employs zero-knowledge encryption for your stored data. Your memories, rules, and conversation content are encrypted with a key derived from your account credentials. This means:

  • We cannot read your encrypted content, even if compelled to
  • Your data is encrypted at rest and in transit (TLS 1.3)
  • Each user has a unique encryption salt
  • Database access is protected by Row Level Security (RLS) policies

Our infrastructure is hosted on Vercel and Supabase, with data stored in secure, SOC 2 compliant facilities.

4. Data Sharing

We do not sell your personal information. We may share data only in the following cases:

  • AI processing: Conversation content is sent to AI model providers (Anthropic) to generate responses. These providers process data per their own privacy policies and do not retain your data for training.
  • Service providers: We use third-party services (hosting, analytics) that may process data on our behalf under strict data processing agreements.
  • Legal compliance: We may disclose information if required by law or to protect our rights and safety.

5. Cookies

We use essential cookies for authentication and session management. These are httpOnly, secure cookies that cannot be accessed by client-side scripts. We do not use tracking cookies or third-party advertising cookies.

6. Your Rights (GDPR)

If you are in the European Economic Area, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate personal data
  • Erasure: Request deletion of your personal data
  • Portability: Export your data in a machine-readable format
  • Restriction: Limit how we process your data
  • Objection: Object to certain types of processing

Osember includes a built-in data export feature in your account settings. To exercise other rights, contact us at the address below.

7. Data Retention

We retain your data for as long as your account is active. When you delete your account, your data is permanently deleted within 30 days. Encrypted content is irrecoverable once your account is deleted, as the encryption keys are derived from your credentials.

8. Children's Privacy

Osember is not intended for children under 18. We do not knowingly collect personal information from children. If we discover that a child under 18 has provided us with personal information, we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. The "Last updated" date at the top indicates when changes were last made.

10. Contact

For privacy-related inquiries, contact us at privacy@osember.ai.

OB Labz
osember.ai

← Back to login