This Privacy Policy describes how Sofie Wiki ("we," "us") collects, uses, and protects your personal information when you use our AI-powered wiki platform ("the Service").
1. Information we collect
1.1 Account information
- Name and email address (when you register)
- Account credentials (securely stored, never in plain text)
- Organization or workspace details (if applicable)
1.2 Wiki content and conversation history
- Text content you create, edit, or chat about in the wiki
- Files and attachments you upload
- Full conversation history: by default, your chat messages and the assistant's responses are stored automatically so you can browse and resume past conversations. You can turn this off at any time in Settings
- Metadata: page titles, version history, timestamps, and edit logs
1.3 Usage data
- Pages visited and search queries
- Features used and interaction patterns
- Browser type, device information, and IP address
1.4 AI interaction data
Metadata about AI interactions (timestamps, provider used, success/failure). Your chat messages and the assistant's responses are stored as conversation history by default, regardless of the AI provider you use; you can disable this in Settings, in which case your messages are not retained after the session. For BYOK, message bodies are also sent to your provider for processing; for Pro and Enterprise managed AI, prompts and responses may be additionally logged by the provider for support and abuse prevention.
2. How we use your information
We use your information to:
- Provide the Service: create, edit, search, and manage your wiki content.
- AI processing: process your chat inputs to generate and update wiki entries using AI models.
- Improve the Service: analyze usage patterns to improve features, performance, and reliability.
- Security: detect and prevent unauthorized access, fraud, and abuse.
- Communication: send service-related notifications (e.g., account updates, security alerts).
- Support: respond to your support requests and inquiries.
3. AI and data processing
- Your wiki content and chat messages are processed by AI models to generate and update pages.
- In the Free tier (BYOK), you provide your own AI API key, and prompts are sent directly to the AI provider you configure (e.g., OpenAI, Google Gemini). Your conversation messages are stored on our servers as conversation history; the AI API call content is processed by your provider and not separately stored beyond the conversation history retained for you.
- In Pro and Enterprise tiers, AI processing may be handled through our managed AI service. In these cases, content is transmitted to and processed by third-party AI providers under data processing agreements.
- We do not use your wiki content to train AI models.
4. Data sharing and third parties
We do not sell your personal information. We may share data only in the following cases:
- AI providers: content is transmitted to third-party AI providers strictly for processing your requests (e.g., OpenAI, Anthropic, Google Gemini).
- Infrastructure providers: data is hosted on secure cloud infrastructure providers (e.g., Vercel, database hosts) under strict data processing agreements.
- Legal requirements: we may disclose information if required by law, regulation, or legal process.
- Business transfers: in the event of a merger, acquisition, or sale of assets, your data may be transferred with notice to you.
5. Data retention
- Active accounts: your wiki content and account data are retained as long as your account is active.
- After account deletion: data is retained for a limited period (up to 30 days) to allow export, after which it is permanently deleted.
- Backup copies: residual backup copies may exist for a limited time and are purged on a rolling basis.
- AI logs: interaction logs with AI providers may be retained by those providers subject to their own policies.
- Conversation history: your chat conversations are retained as long as your account is active. You can disable automatic saving of new conversations at any time in Settings; conversations already saved remain until you delete them. You can delete individual conversations from the chat panel at any time; deleted conversations are removed immediately, though residual backup copies may persist briefly as described above.
6. Data security
We implement industry-standard security measures:
- Encryption in transit (TLS 1.2+)
- Encryption at rest for stored data
- Secure authentication and access controls
- Regular security assessments
- Incident response procedures
No method of transmission or storage is 100% secure. We encourage you to use strong passwords and protect your account credentials.
7. Your rights
Depending on your jurisdiction, you have the right to:
- Access: request a copy of the personal data we hold about you.
- Correction: request correction of inaccurate data.
- Deletion:request deletion of your personal data ("right to be forgotten").
- Portability: request your data in a commonly used, machine-readable format.
- Objection: object to processing of your data for certain purposes.
- Restriction: request restriction of processing in certain circumstances.
To exercise these rights, contact us at info@sofie.wiki.
8. GDPR compliance (EU users)
For users in the European Economic Area (EEA), United Kingdom, and Switzerland:
- We process data based on contractual necessity (providing the Service), legitimate interest (improving the Service, security), and consent (where applicable).
- Data may be processed outside the EEA. Where this occurs, we ensure adequate safeguards (e.g., Standard Contractual Clauses) are in place.
- You have the right to lodge a complaint with your local data protection authority.
9. CCPA compliance (California users)
For California residents under the California Consumer Privacy Act (CCPA):
- We do not sell personal information.
- You have the right to know what personal information we collect, use, and disclose.
- You have the right to request deletion of your personal information.
- You have the right to opt out of the sale of personal information (though we do not sell it).
- We will not discriminate against you for exercising your rights.
10. Cookies and tracking
- We use essential cookies for authentication and session management.
- We may use analytics tools to understand usage patterns.
- We do not use third-party advertising trackers.
11. Children's privacy
The Service is not intended for users under the age of 16. We do not knowingly collect personal information from children.
12. Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be communicated through the Service or by email. Continued use after changes constitutes acceptance.
13. Contact
For questions or requests regarding this Privacy Policy or your personal data, email us at info@sofie.wiki.