Prysai Lab

Privacy and Compliance

Privacy Policy

This policy explains how PrySai Lab handles data across the website, AI Chat, plans, projects, research workflows, Studio team features, and related support flows. It is written to match the real product boundary of the current PrySai environment rather than making broader promises than the service can truthfully support.

AI Chat local-first by default Saved workspaces are server-backed Third-party model APIs process requests
Open AI Chat Terms of Service

Effective date: May 13, 2026

Overview

PrySai Lab does not claim that it stores no user data at all. Instead, the service is built around a privacy-first boundary for standard AI Chat: ordinary prompts, outputs, and drafts stay in the browser by default unless you deliberately use a feature that requires server-side persistence.

The live AI Chat runtime currently sends requests to the following third-party model APIs when required by the user-selected workflow: OpenAI API, Google Gemini API, Anthropic API, DeepSeek API.

Local by default

Ordinary AI Chat history is intended to stay in browser storage until you clear, export, replace, or move it into a saved feature.

Server storage is scoped

PrySai stores account, plan, billing, entitlement, anti-abuse, and saved-workflow records only where the feature requires it.

Model APIs still process requests

If you use AI features, the selected provider may process prompt text, files, and structured request data needed to answer you.

  • Standard AI Chat sessions are browser-local by default.
  • PrySai stores minimum account, billing, access-control, anti-abuse, and operational metadata needed to run the service.
  • Saved features such as Projects, Studio team spaces, saved research reports, redeem/plan records, and support flows create server-side records.
  • When AI inference is requested, prompts, attachments, and model inputs are sent to third-party model APIs selected by the active runtime.

Scope and structure

This policy applies to prysai.com, PrySai AI Chat, account flows, plans, redeem flows, saved projects, Studio team spaces, research features, support/contact flows, and related product surfaces unless a more specific notice clearly overrides it.

  • Browser-local data means state stored on your device by your browser, such as drafts, local sessions, UI preferences, and ordinary unsaved chat history.
  • Server-backed data means records PrySai keeps because the feature cannot work without persistence, such as accounts, plans, team membership, saved projects, or saved research reports.
  • Provider processing means the third-party AI service that receives request payloads when you use a model-powered feature.

This document is an operational disclosure. It is designed to help users understand what is stored locally, what is stored by PrySai, what is sent to providers, and what controls are available.

Categories of information we may process

The exact categories depend on the page, feature, plan tier, and workflow you use. Across the service, the main categories are:

  • Account and identity data: name, email address, avatar, account ID, workspace role, invite status, authentication state, and related account metadata.
  • Plan and billing data: plan tier, credits, usage ledger records, redeem activity, billing status, entitlement windows, and fair-use enforcement data.
  • Product usage data: model selection, provider selection, request timing, error states, token or usage summaries, and operational diagnostics.
  • Browser-local data: unsaved AI Chat history, drafts, local session titles, theme, language, interface preferences, and local storage keys used to restore your experience.
  • Prompt and workflow content: prompt text, files, extracted document text, images, research briefs, generated outputs, and structured conversation state when you use AI features.
  • Support and contact data: information you intentionally submit through contact or support channels.

How information reaches us

  • Directly from you: when you create an account, edit a profile, buy or redeem a plan, submit a prompt, upload a file, create a project, or contact PrySai Lab.
  • From your browser or device: through local storage, session state, interface preferences, and normal technical request metadata needed to serve the site.
  • From integrated service providers: such as authentication, payment, analytics, hosting, and AI model providers, but only to the extent required for the feature you use.
  • From administrators or teammates: when a Studio workspace invites or provisions your access.

AI Chat local-first storage

Standard AI Chat content is designed to remain in browser storage by default. This includes normal conversation history, drafts, local session preferences, and other device-local chat state used to restore your experience in the browser where you used the product.

  • Browser-local data may include session titles, prompt and response text, drafts, preset selections, theme and language preferences, and local session linkage metadata.
  • Browser-local data can be exported, imported, or cleared through AI Chat data-management controls.
  • If you use AI Chat on multiple browsers or devices, ordinary local chat history does not automatically sync between them unless you explicitly save work into a server-backed feature.

Cookies, analytics, and local storage

PrySai uses browser storage and related client-side techniques to keep the site usable. That includes theme settings, translation UI state, local AI Chat state, sign-in continuity, and feature gating. Some public pages may also use analytics or performance tooling to understand site reliability and usage patterns.

  • Local storage and similar browser storage may be used to remember theme, language, AI Chat drafts, local session references, and certain interface choices.
  • Security, anti-abuse, or session-continuity cookies may be used where required to operate account or sign-in features safely.
  • Analytics or measurement scripts may appear on some public pages to help understand performance, traffic, and product usage, subject to the site configuration in effect at that time.
  • Third-party widgets or authentication flows may set or read their own cookies or local storage under their own policies when those features are invoked.

If you disable browser storage entirely, some parts of AI Chat, theme persistence, session continuity, and account convenience features may not work correctly.

What PrySai stores on its own servers

PrySai retains only the minimum categories of server-side data required for service operation, account management, access control, financial accuracy, anti-abuse, and support. Typical categories include:

  • Account identifiers such as username, email address, profile display fields, authentication state, invite and member identifiers, and related account metadata.
  • Credit, plan, and entitlement data such as balances, ledger events, reservation/settlement records, redeem-code activity, plan source, plan expiry, and fair-use counters.
  • Operational metadata such as selected model ID, provider ID, token/usage totals, request timing, error traces, abuse-prevention signals, and runtime diagnostics needed to keep the service available and safe.
  • Support and contact records when you deliberately submit a request through customer support or contact channels.

PrySai does not retain ordinary AI Chat prompt-and-response content on its own servers by default after request completion unless the workflow itself is a persistent feature.

Third-party AI API processing

When you ask AI Chat to analyze text, images, files, or research material, the service must send the necessary request payload to the third-party model API that powers the selected workflow. Depending on the feature, this can include prompt text, structured conversation state, image inputs, file extracts, retrieval results, research instructions, and tool-related request parameters.

  • Third-party model providers process request data to return model outputs, apply safety controls, monitor abuse, and operate the underlying AI service.
  • PrySai cannot guarantee that third-party providers process data only in the same jurisdiction as the user.
  • If you do not want a prompt or file to be processed by a third-party model API, do not submit that content through AI Chat.
  • The effective provider can vary by selected model, plan tier, research mode, attachment type, fallback path, or runtime readiness.

Provider-specific processing disclosures and official policy links are listed in the appendix below.

Saved and team-backed features

Some AI Chat features are intentionally persistent. When you use them, PrySai stores additional server-side records because those features cannot function as browser-local only tools.

Projects

Project summaries, notes, pinned prompts, linked-session references, and activity timestamps may be stored server-side so you can reopen that workspace later.

Studio

Team records, invite links, membership roles, plan entitlements, and related administration metadata are stored server-side to support shared team access.

Research and saved apps

Saved research briefs, generated reports, and explicit workflow saves may create additional server-backed records when you choose those persistent features.

Plan records, redeem events, and usage enforcement data may also be stored server-side to support plan access, fair-use controls, and credit integrity across Plans and team entitlements.

Billing, plans, credits, and fraud controls

PrySai stores transaction-related and entitlement-related data needed to keep credits, subscriptions, and access logic accurate. This is important both for product integrity and to prevent misuse.

  • Plan and credit systems may store ledger entries, reservation and settlement events, consumption estimates, refunds, redeems, plan changes, expiry dates, and entitlement decisions.
  • Commerce or payment service providers may process their own payment details under their own privacy terms. PrySai may receive confirmation data, status fields, partial billing metadata, or subscription state required to activate or maintain your plan.
  • Operational logging, rate limits, abuse signals, and fraud-prevention checks may be used to protect plans, credits, and account systems from misuse or unauthorized access.

Why we process information

The purpose depends on the feature you use, but the main reasons include:

  • to provide the website, account systems, AI Chat, saved workspaces, and Studio collaboration features;
  • to authenticate users, enforce plan access, and keep usage, credit, and billing records accurate;
  • to respond to prompts and generate AI outputs through the selected provider path;
  • to secure the service, investigate abuse, prevent fraud, and keep the platform reliable;
  • to support users, answer contact requests, and maintain product operations; and
  • to understand product performance and improve safety, usability, and reliability.

Depending on the jurisdiction and context, the applicable rationale may include contract performance, consent, legitimate interests, legal compliance, fraud prevention, or other lawful grounds available under applicable law.

Retention and deletion

PrySai aims to keep retention proportional to feature scope.

  • Browser-local standard chat data remains on your device until you clear it, your browser removes it, or you import/export and replace it.
  • Billing, credits, plan, and anti-abuse records may be retained as long as necessary for accounting, access-control enforcement, fraud prevention, disputes, legal compliance, or legitimate business operations.
  • Saved projects, team records, and persistent research records are retained until deleted by the user, removed by an administrator, or retired under the applicable service lifecycle, subject to backups and legal obligations.
  • Temporary uploads, transient invite/join tokens, and stale research polling payloads may be cleaned on a rolling basis to reduce unnecessary storage and operational exposure.

User controls and rights

  • You can clear or export browser-local AI Chat data from the AI Chat data-management controls.
  • You can manage account-facing details through your AI Chat account and broader site account pages when available.
  • For access, correction, deletion, or privacy questions relating to server-side records, contact PrySai Lab through the official contact page.
  • If you submit data that belongs to another person, you are responsible for having a lawful basis or authorization to do so.
  • Depending on where you live, applicable law may give you rights such as access, correction, deletion, portability, restriction, objection, or withdrawal of consent where consent is the basis for processing.
Account Contact PrySai Lab

Security and incident response

PrySai uses technical and organizational measures intended to reduce unauthorized access and misuse, but no internet-based system can guarantee absolute security. Users should avoid submitting unnecessary sensitive personal data to AI Chat or any third-party model API unless they have evaluated the downstream risk.

  • Abuse monitoring, fraud prevention, and rate limiting may require limited operational logging.
  • Access controls, entitlement checks, request validation, and operational monitoring may be used to reduce account misuse, prompt abuse, and infrastructure attacks.
  • Where a feature depends on a third-party provider, that provider’s own legal terms and privacy disclosures also apply to the portions of data processed by that provider.

If PrySai determines that a security incident has affected personal data in a way that triggers notification duties under applicable law, PrySai will respond according to the legal and operational obligations that apply at that time.

International processing

AI infrastructure, support tooling, hosting, analytics, and provider operations may involve processing across multiple jurisdictions. That means personal data and request payloads may be accessed or processed outside the country where the user is located.

  • AI provider requests may be processed in multiple regions depending on the active provider and its subprocessors.
  • Saved workspace and account operations may also rely on service providers that operate globally.
  • PrySai cannot promise that all data will stay in one country or one legal region.

Provider expansion may be added later through the same adapter and policy framework.

Children and age limits

PrySai is not designed as a child-directed service. Do not use the service if you are too young to do so under the laws that apply to you, and do not submit personal data about young children through AI Chat, research features, or support forms unless you are authorized to do so and it is legally appropriate.

  • PrySai does not knowingly build ordinary product flows around the collection of personal data from children under 13.
  • If PrySai becomes aware that personal data from a child has been collected in a way that requires deletion or other action under applicable law, PrySai will take appropriate steps.

Sensitive data guidance

AI tools are not the right place for every category of information. Unless you have a clear reason and have evaluated the downstream provider risk, do not submit highly sensitive personal data through PrySai.

  • Avoid uploading government identifiers, precise financial account credentials, health records, biometric identifiers, highly sensitive employment files, or confidential legal evidence unless you understand the consequences.
  • If you act on behalf of a business, team, or client, you are responsible for deciding whether the data you upload is appropriate for third-party AI processing.
  • If a prompt contains personal data about another individual, you are responsible for having the right to submit it.

California privacy notice

If California privacy law applies to you, the categories described in this policy are intended to function as PrySai's high-level notice of collection and use. The exact categories collected depend on the feature you use, your plan, and whether you choose a browser-local or server-backed workflow.

  • PrySai is not a data broker and does not operate a marketplace for selling personal information for money.
  • Public pages may use analytics or similar measurement technologies. If PrySai's data practices materially change in a way that requires additional California disclosures or opt-out controls, this policy and the relevant notices will be updated.
  • California users may contact PrySai regarding applicable rights requests, including requests to know, delete, or correct information, subject to verification and lawful exceptions.

Provider appendix

This appendix summarizes the third-party model providers that are currently active or architecturally prepared for future support in PrySai AI Chat. It is intended as a practical processing map rather than a replacement for each provider’s official terms.

OpenAI API

Status: Currently enabled

Role: Model inference and optional background research processing for AI Chat and saved research workflows.

Training/data-use baseline: API customer data is not used to train models by default under current API data controls.

Abuse monitoring / retention baseline: Safety and abuse-monitoring logs may be retained for limited periods for misuse prevention and service protection.

Files and images: Prompts, structured conversation payloads, and uploaded files/images may be sent when needed to fulfill a user request.

Cross-border note: Requests may be processed in regions where the provider or its subprocessors operate.

Google Gemini API

Status: Currently enabled

Role: Model inference for AI Chat requests, attachments, and supported multimodal workflows.

Training/data-use baseline: Data handling and training boundaries follow the Gemini API terms, logs policy, and usage policies in effect for the API tier in use.

Abuse monitoring / retention baseline: Requests may be subject to logging, abuse detection, and policy enforcement according to Gemini API logging and abuse-monitoring policies.

Files and images: Prompt text, structured content parts, and supported file/image inputs may be transmitted to complete the requested task.

Cross-border note: Processing may occur on systems operated by Google or its subprocessors in multiple jurisdictions.

Anthropic API

Status: Currently enabled

Role: Model inference for supported AI Chat requests, streaming replies, and approved multimodal workflows.

Training/data-use baseline: Commercial API retention and training boundaries depend on the Anthropic API terms and product tier in effect for the active workspace.

Abuse monitoring / retention baseline: Requests may be subject to limited safety logging, abuse monitoring, and policy enforcement needed for reliability and misuse prevention.

Files and images: Prompts, files, and supported multimodal inputs may be transmitted when required to complete the user-requested task.

Cross-border note: Processing may occur in regions where Anthropic and its subprocessors operate.

DeepSeek API

Status: Currently enabled

Role: Model inference for supported AI Chat requests and reasoning-capable chat workflows.

Training/data-use baseline: API data handling follows the DeepSeek API privacy and data-use terms in effect for the active service tier.

Abuse monitoring / retention baseline: Requests may be subject to logging and monitoring needed for safety, reliability, and abuse prevention.

Files and images: Prompt and supported file payloads may be routed when necessary to complete the user-requested task.

Cross-border note: Processing may occur in jurisdictions where DeepSeek or its subprocessors operate.

Changes to this policy

PrySai may update this policy when product behavior, provider integrations, saved-feature scope, analytics configuration, legal requirements, or security practices change. The current version is the one published on this page.

  • If a change is material, PrySai may also provide additional notice inside the product or through the account interface where appropriate.
  • Your continued use of the service after an updated policy takes effect means the updated version will govern future use, to the extent allowed by law.

Contact

If you have questions about this policy, need help understanding how a saved feature stores data, or want to request action on server-side records, please use the official contact path.

Need help?

Use the contact page for privacy requests, rights requests, or questions about the AI Chat data boundary.

Contact AI Chat