Introduction

We at Elements, Inc. ("Elements," "we," or "us") are strongly committed to respecting your privacy and keeping secure any information you share with us. This Privacy Policy explains how we collect, use, disclose, and process your personal data when you use Elements's software, platform, APIs, documentation, and related tools, including the website at cicely.ai (the "Service"). It also tells you how you can access and update your personal information and describes the data protection rights that may be available under your country's or state's laws.

Please read this Privacy Policy carefully. By accessing or using the Service, you acknowledge you have been informed of and consent to our practices with regard to your personal information and data.

Our order process is conducted by our online reseller Polar.sh. Polar.sh is the Merchant of Record for all our orders. Elements handles responsibilities regarding content access and complaints for Cicely AI. For inquiries, please contact contact@elements.im.

1. Personal Data We Collect

We collect the following categories of personal data:

A. Personal data you provide to us directly

We collect personal data if you create an account to use our Service or communicate with us. This includes:

Account Information: We collect identifiers such as your name and email address when you sign up for an account or to receive information about our Service.
Payment Information: We do not collect or store your payment information. All payment processing is handled entirely by our merchant of record, Polar.sh, and is subject to their terms and privacy policy. We only receive confirmation of your subscription status; we never have access to your card numbers, billing addresses, or other financial details.
Inputs and Outputs: The Service allows you to submit content ("Inputs"), which generate AI responses ("Outputs") based on your Inputs. We do not collect or store your Inputs or Outputs on our servers. Inputs are processed in real time by our AI model providers to generate Outputs and are not retained after the response is delivered, except as described in Section 2.
Communication Information: If you communicate with us, we collect your name, contact information, and the contents of any messages you send.
Feedback: While using the Service, you may provide feedback, including ideas and suggestions for improvement ("Feedback"). If you provide Feedback, we may store the exchange as part of your Feedback.

B. Anonymized behavioral analytics

We use Mixpanel to collect anonymized behavioral data about how the Service is used. This includes aggregated interaction patterns such as feature usage frequency, session counts, and navigation flows. All data collected through Mixpanel is fully anonymized and cannot be linked back to any individual user.

We do not collect device information, IP addresses, browser fingerprints, or any form of personal usage data through analytics.

C. Data we do not collect

Elements does not collect, store, or access any of the following:

Prompts, messages, or conversations with the AI
Documents and files processed through the Service
Files added during chat sessions
Local files on your devices
Chat histories or conversation logs

Additionally, Elements does not knowingly collect sensitive or special category personal information, such as genetic data, biometric data for the purpose of uniquely identifying a natural person, health information, or religious information.

Elements does not knowingly collect information from or direct any of our Service or content to children under the age of 18. If we learn or have reason to suspect that a user is under the age of 18, we will investigate and, if appropriate, delete the personal data and/or the account.

2. Data Storage and Processing

All file data added or used by you in the Service is never uploaded to our servers. We do not collect your local files, the documents that you open, or the files you add to AI sessions.

All your data stays on your local device. The data is only accessible on your specific device, as we do not upload it to our cloud servers. We do not utilize semantic RAG or embedding technology, and therefore do not store any chunk of your data, text, or chat on our servers.
AI Data Processing. All AI systems operate in data centers based in the United States. Providers in other regions, especially in China, are not used at all.

3. How We Use Personal Data

We may use personal data for the following purposes:

To provide and maintain the Service, including optional features that enhance functionality and user experience.
To create, manage, and administer your account, including facilitating payments and responding to inquiries.
To improve and develop the Service and conduct research, including debugging and identifying or repairing issues that impair functionality.
To communicate with you, including sending updates, information about the Service, and events.
To prevent, detect, and investigate fraud, abuse, security incidents, and violations of our Terms of Service.
To comply with legal obligations and protect the rights, safety, privacy, and property of users, Elements, or third parties.
To investigate and resolve disputes or security issues.
To enforce our Terms of Service and other applicable agreements.

We do not use Inputs or Outputs to train our models, or permit third parties to use them for training, unless: (1) they are flagged for security review (in which case we may analyze them to improve our ability to detect and enforce our Terms of Service), (2) you explicitly report them to us (for example, as Feedback), or (3) you've explicitly agreed to their use for such training purposes. By default, your Inputs and Outputs are never used for model training. We may introduce an optional mode in the future that allows you to contribute data to help improve our models; participation will always be opt-in and clearly disclosed.

We may aggregate or de-identify personal data so that it no longer identifies you, and use that information for the purposes described above, such as analyzing how the Service is used, improving or adding features, and conducting research. We will maintain de-identified information in its de-identified form and will not attempt to reidentify it, except as required by law.

4. How We Share Personal Data

We may disclose your personal data in the following circumstances:

Sub-Processors: We use the following third-party service providers to operate the Service. Each processes data only as necessary to perform services on our behalf, consistent with our and your instructions and applicable law.

Provider	Purpose	Data Processed
Polar.sh	Payment merchant of record	All payment and billing information (Elements has no access)
Anthropic / OpenAI	AI model providers	Processed Inputs sent in real time to generate Outputs; not retained after response delivery
MongoDB	Database	Weekly usage limits and usage records (no conversation content)
WorkOS	Authentication	Authentication tokens only; no personal data or content transferred
Loops	Transactional email	Email address (for onboarding and transaction emails)
Mixpanel	Anonymized behavioral analytics	Fully anonymized interaction patterns; no personal data
Sentry	Error monitoring	Code-level error logs only; no personal data or user content
Langfuse	LLM observability	Agent tool usage and performance metrics only; no personal data or user content
AWS S3	Cloud storage	Internal application data only; no user files or personal data
Tavily / Firecrawl	Web search and crawling	AI-generated search queries only; no user Inputs or personal data are transmitted

Business Transfers: In the event of a merger, acquisition, restructuring, bankruptcy, or other corporate transaction, personal data may be disclosed to counterparties and advisers as part of due diligence or transferred as part of the transaction.
Legal Compliance and Protection of Rights: We may disclose personal data to government authorities or other third parties if we believe doing so is necessary to: (i) comply with applicable laws, regulations, or legal processes; (ii) respond to lawful requests or investigations; (iii) protect the safety, rights, or property of any person; (iv) prevent fraud, security incidents, or other unlawful activity; (v) enforce our Terms of Service or other legal rights; or (vi) protect Elements against legal liability.
Affiliates: We may share personal data with affiliates, meaning an entity that controls, is controlled by, or is under common control with us. They may use personal data in a manner consistent with this Privacy Policy.
Third-Party Services and Integrations: The Service may include integrations with or links to third-party websites, applications, or services. If you choose to interact with these third parties, your personal data may be disclosed to them directly and governed by their own terms and privacy policies.
With Your Consent: We may disclose personal data when you give us explicit permission to do so.

5. Retention

Elements retains your personal data only for as long as necessary to operate the Service effectively and to support legitimate business needs such as legal compliance, safety, dispute resolution, and enforcement of our agreements. The appropriate retention period varies depending on the purpose for which the personal data was collected, its sensitivity, potential risks associated with its use or exposure, and any applicable legal requirements.

When personal data is no longer needed, Elements and its service providers will follow procedures to delete, erase, de-identify, or anonymize it in compliance with applicable laws. Upon account deletion, we will delete all forms of your data immediately.

6. Security

We implement commercially reasonable technical and organizational measures designed to protect personal data from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. These measures include:

Encryption: All passwords are encrypted for storage and management. Encrypted communication (TLS) is used to safely transmit personal information on the network.
Access Controls: We limit the number of employees who handle personal information and grant separate credentials which are updated regularly.
Infrastructure Protection: We use intrusion prevention systems to control unauthorized access and employ up-to-date security measures to prevent leakage or damage to personal information.

However, please remember that no method of transmission over the Internet or method of electronic storage is completely secure. We are not responsible for any circumvention of privacy settings or security features on the Service or on third-party websites linked through the Service.

7. Your Rights and Choices

Depending on where you live and the laws that apply in your country of residence, you may have certain rights in relation to your personal data. These may include the right to access, delete, correct, or transfer your personal data; to object to or restrict how we process it; or to withdraw your consent where processing is based on consent. You may also have the right to lodge a complaint with your local data protection authority.

To exercise any of these rights, you or your authorized agent may contact us at contact@elements.im. We may request information to verify your identity before processing your request. If we deny your request, you may appeal by emailing the same address. Elements will not discriminate against you for exercising any privacy rights available under applicable law.

The rights available to you may include:

Right to know what categories of personal data we collect, the purposes for which we use it, and the types of third parties with whom we share it.
Access and portability, meaning you can request a copy of the personal data we hold about you and, where applicable, ask us to provide it in a portable format.
Deletion of personal data collected from you in connection with your use of the Service, subject to certain exceptions.
Correction of inaccurate personal data we maintain about you.
Objection to certain types of processing. Where applicable, we will stop processing unless we have legitimate legal grounds to continue.
Restriction of our processing of your personal data in limited circumstances, such as while a correction request is pending.
Withdrawal of consent, where the legal basis for our processing is based on your consent. Withdrawal does not affect the lawfulness of prior processing.
Local data deletion: You can delete file data within the Service at any time by deleting the application installed on your local device, or by individually removing files within the Service. Since all file data remains on your device, this is no different from deleting files on your own computer.

No sale or targeted advertising: We do not "sell" or "share" personal data for cross-contextual behavioral advertising, and we do not process personal data for "targeted advertising" purposes as those terms are defined under applicable US state privacy laws. We also do not process sensitive personal data for the purposes of inferring characteristics about a consumer.

8. Jurisdiction-Specific Disclosures

Some jurisdictions require specific disclosures regarding how we handle your personal data. Elements processes your personal data for the purposes described in this Privacy Policy on servers located in various jurisdictions, including in the United States. While data protection laws vary by country, we apply the protections outlined in this policy to your personal data regardless of where it is processed, and we only transfer data in accordance with legally valid transfer mechanisms.

9. Privacy Policy Changes

We may update this Privacy Policy from time to time. When we do, we will publish an updated version and effective date at the top of this page, unless another type of notice is legally required. For material changes that significantly affect your rights, we will notify you at least 30 days in advance via email or an in-product notification. Your continued use of the Service after any change in this Privacy Policy will constitute your acceptance of such change.

10. Contacting Us

We encourage you to contact us if you have any questions about this Privacy Policy.

Elements, Inc.
Teheran-Rd 79-6, 3rd Fl., Seoul, Korea
Email: contact@elements.im

Introduction

Please read this Privacy Policy carefully. By accessing or using the Service, you acknowledge you have been informed of and consent to our practices with regard to your personal information and data.

1. Personal Data We Collect

We collect the following categories of personal data:

A. Personal data you provide to us directly

We collect personal data if you create an account to use our Service or communicate with us. This includes:

Account Information: We collect identifiers such as your name and email address when you sign up for an account or to receive information about our Service.
Payment Information: We do not collect or store your payment information. All payment processing is handled entirely by our merchant of record, Polar.sh, and is subject to their terms and privacy policy. We only receive confirmation of your subscription status; we never have access to your card numbers, billing addresses, or other financial details.
Inputs and Outputs: The Service allows you to submit content ("Inputs"), which generate AI responses ("Outputs") based on your Inputs. We do not collect or store your Inputs or Outputs on our servers. Inputs are processed in real time by our AI model providers to generate Outputs and are not retained after the response is delivered, except as described in Section 2.
Communication Information: If you communicate with us, we collect your name, contact information, and the contents of any messages you send.
Feedback: While using the Service, you may provide feedback, including ideas and suggestions for improvement ("Feedback"). If you provide Feedback, we may store the exchange as part of your Feedback.

B. Anonymized behavioral analytics

We do not collect device information, IP addresses, browser fingerprints, or any form of personal usage data through analytics.

C. Data we do not collect

Elements does not collect, store, or access any of the following:

Prompts, messages, or conversations with the AI
Documents and files processed through the Service
Files added during chat sessions
Local files on your devices
Chat histories or conversation logs

2. Data Storage and Processing

All file data added or used by you in the Service is never uploaded to our servers. We do not collect your local files, the documents that you open, or the files you add to AI sessions.

All your data stays on your local device. The data is only accessible on your specific device, as we do not upload it to our cloud servers. We do not utilize semantic RAG or embedding technology, and therefore do not store any chunk of your data, text, or chat on our servers.
AI Data Processing. All AI systems operate in data centers based in the United States. Providers in other regions, especially in China, are not used at all.

3. How We Use Personal Data

We may use personal data for the following purposes:

To provide and maintain the Service, including optional features that enhance functionality and user experience.
To create, manage, and administer your account, including facilitating payments and responding to inquiries.
To improve and develop the Service and conduct research, including debugging and identifying or repairing issues that impair functionality.
To communicate with you, including sending updates, information about the Service, and events.
To prevent, detect, and investigate fraud, abuse, security incidents, and violations of our Terms of Service.
To comply with legal obligations and protect the rights, safety, privacy, and property of users, Elements, or third parties.
To investigate and resolve disputes or security issues.
To enforce our Terms of Service and other applicable agreements.

4. How We Share Personal Data

We may disclose your personal data in the following circumstances:

Provider	Purpose	Data Processed
Polar.sh	Payment merchant of record	All payment and billing information (Elements has no access)
Anthropic / OpenAI	AI model providers	Processed Inputs sent in real time to generate Outputs; not retained after response delivery
MongoDB	Database	Weekly usage limits and usage records (no conversation content)
WorkOS	Authentication	Authentication tokens only; no personal data or content transferred
Loops	Transactional email	Email address (for onboarding and transaction emails)
Mixpanel	Anonymized behavioral analytics	Fully anonymized interaction patterns; no personal data
Sentry	Error monitoring	Code-level error logs only; no personal data or user content
Langfuse	LLM observability	Agent tool usage and performance metrics only; no personal data or user content
AWS S3	Cloud storage	Internal application data only; no user files or personal data
Tavily / Firecrawl	Web search and crawling	AI-generated search queries only; no user Inputs or personal data are transmitted

Business Transfers: In the event of a merger, acquisition, restructuring, bankruptcy, or other corporate transaction, personal data may be disclosed to counterparties and advisers as part of due diligence or transferred as part of the transaction.
Legal Compliance and Protection of Rights: We may disclose personal data to government authorities or other third parties if we believe doing so is necessary to: (i) comply with applicable laws, regulations, or legal processes; (ii) respond to lawful requests or investigations; (iii) protect the safety, rights, or property of any person; (iv) prevent fraud, security incidents, or other unlawful activity; (v) enforce our Terms of Service or other legal rights; or (vi) protect Elements against legal liability.
Affiliates: We may share personal data with affiliates, meaning an entity that controls, is controlled by, or is under common control with us. They may use personal data in a manner consistent with this Privacy Policy.
Third-Party Services and Integrations: The Service may include integrations with or links to third-party websites, applications, or services. If you choose to interact with these third parties, your personal data may be disclosed to them directly and governed by their own terms and privacy policies.
With Your Consent: We may disclose personal data when you give us explicit permission to do so.

5. Retention

6. Security

Encryption: All passwords are encrypted for storage and management. Encrypted communication (TLS) is used to safely transmit personal information on the network.
Access Controls: We limit the number of employees who handle personal information and grant separate credentials which are updated regularly.
Infrastructure Protection: We use intrusion prevention systems to control unauthorized access and employ up-to-date security measures to prevent leakage or damage to personal information.

7. Your Rights and Choices

The rights available to you may include:

Right to know what categories of personal data we collect, the purposes for which we use it, and the types of third parties with whom we share it.
Access and portability, meaning you can request a copy of the personal data we hold about you and, where applicable, ask us to provide it in a portable format.
Deletion of personal data collected from you in connection with your use of the Service, subject to certain exceptions.
Correction of inaccurate personal data we maintain about you.
Objection to certain types of processing. Where applicable, we will stop processing unless we have legitimate legal grounds to continue.
Restriction of our processing of your personal data in limited circumstances, such as while a correction request is pending.
Withdrawal of consent, where the legal basis for our processing is based on your consent. Withdrawal does not affect the lawfulness of prior processing.
Local data deletion: You can delete file data within the Service at any time by deleting the application installed on your local device, or by individually removing files within the Service. Since all file data remains on your device, this is no different from deleting files on your own computer.

8. Jurisdiction-Specific Disclosures

9. Privacy Policy Changes

10. Contacting Us

We encourage you to contact us if you have any questions about this Privacy Policy.

Elements, Inc.
Teheran-Rd 79-6, 3rd Fl., Seoul, Korea
Email: contact@elements.im

Privacy Policy

Introduction

1. Personal Data We Collect

A. Personal data you provide to us directly

B. Anonymized behavioral analytics

C. Data we do not collect

2. Data Storage and Processing

3. How We Use Personal Data

4. How We Share Personal Data

5. Retention

6. Security

7. Your Rights and Choices

8. Jurisdiction-Specific Disclosures

9. Privacy Policy Changes

10. Contacting Us

What took hours in Excel. Now takes a prompt.

Privacy Policy

Introduction

1. Personal Data We Collect

A. Personal data you provide to us directly

B. Anonymized behavioral analytics

C. Data we do not collect

2. Data Storage and Processing

3. How We Use Personal Data

4. How We Share Personal Data

5. Retention

6. Security

7. Your Rights and Choices

8. Jurisdiction-Specific Disclosures

9. Privacy Policy Changes

10. Contacting Us