Legal

Privacy Policy & Cryptographic Guarantees

Last updated: March 30, 2026

The Zero-Knowledge Promise

Most privacy policies consist of promises that a company will not look at your data. At Balon AI, we are building an architecture designed to ensure that we cannot look at your data where encryption is active.

Our infrastructure is built on a Zero-Trust Architecture (ZTA) utilizing Client-Side End-to-End Encryption. Your data is encrypted inside your browser using a Master Encryption Key (MEK) derived from your password via PBKDF2 (utilizing 100,000 iterations and a unique cryptographic salt generated via a Secure Pseudo-Random Number Generator). We never receive your password in plaintext, and we never receive your MEK. We only store computationally unreadable ciphertexts protected by AES-256-GCM.

This approach implements "Privacy by Design" as mandated by GDPR Article 25. By ensuring that decryption keys never touch our infrastructure, we remove the possibility of insider threats or unauthorized access resulting from server-side compromise.

Model Provider Privacy

To provide AI intelligence, Balon AI routes requests to high-performance model providers (including Together AI and others via our unified API). We maintain strict privacy standards for these integrations:

  • TLS Enforced: All prompts are transmitted via TLS 1.3 with Perfect Forward Secrecy.
  • Zero Data Retention (ZDR): We prioritize providers that offer Zero Data Retention policies, ensuring that your prompts and generated outputs are never used to train underlying foundation models.
  • Metadata Striping: We strip all personally identifiable metadata (such as your email or organization ID) from requests sent to third-party model providers.

Data Sovereignty and Residency

Your data resides in a physically secure, monitored environment:

  • Primary Storage: All encrypted data is stored within the AWS US-East-1 region.
  • Encryption at Rest: Beyond client-side E2EE, our underlying storage layer utilizes Amazon S3 Server-Side Encryption (SSE-S3) for a second layer of defense-in-depth.
  • High Availability: Encrypted backups are maintained across multiple availability zones within the primary region to ensure data durability.

What Is Encrypted (Active E2EE)

The following data is actively protected by client-side end-to-end encryption. Balon AI cannot read this data:

  • Chat Transcripts: Messages and chat titles are encrypted in your browser. The stored ciphertext uses AES-256-GCM and is unreadable without your encryption key.
  • Custom Presets: Your custom system prompts, agent instructions, preset names, and descriptions are encrypted in your browser.
  • User Identity: Your human name (first and last name) is encrypted for password-authenticated accounts. Our servers only retain your email address for authentication and billing.
  • Organization Metadata: Workspace names are encrypted and only visible to authorized members.
  • User API Keys: API key labels are encrypted. The keys themselves are shown once and never stored in plaintext — only a one-way cryptographic hash is retained.
  • Cryptographic Material: Your MEK and RSA private keys are wrapped using your password-derived key and never transmitted in plaintext.

Note on Social Login: Users who sign in exclusively via Google or GitHub OAuth do not have a password from which to derive an encryption key. Their data is protected by infrastructure-level encryption (TLS 1.3 and S3 SSE) rather than client-side E2EE. Full E2EE can be enabled by setting an encryption passphrase in account settings.

If we are served with a subpoena or warrant for the above data, we can only provide encrypted ciphertexts, which are useless without your password.

Infrastructure Security

For data categories not yet covered by client-side E2EE (such as uploaded file contents), we utilize industrial-grade infrastructure security:

  • Heightened TLS: All data in transit is protected by modern TLS cipher suites (TLS 1.3) with Perfect Forward Secrecy, ensuring secure transmission between your device and our servers.
  • Amazon S3 SSE: Files are stored using Server-Side Encryption (SSE-S3) at the storage layer, providing robust protection at rest.

Full client-side E2EE for these remaining categories is currently on our development roadmap.

What We Can See (Operational Metadata)

To operate the service, route requests, process billing, and manage organizations, we do have access to certain unencrypted metadata:

  • Account Information: Your email address and basic profile details.
  • Billing Data: Subscription tiers, Stripe customer IDs, and token usage counts.
  • Access Logs: Login timestamps. Balon AI does not log your IP address or browser user agent.
  • API Key Uniformity: We store all API keys using a standardized format. System keys used for background automation are securely encrypted, while user keys are filled with random cryptographic noise. This camouflage ensures that no single key stands out as a high-value target in our database.
  • Organization Structure: Who belongs to which organization and their assigned roles.

Device-Level Security

While your data is secure in transit and at rest on our servers, it is briefly decrypted within your browser's memory to provide a seamless application experience. Our privacy guarantees end at your device's boundary. It is your responsibility to ensure your local environment is free from malware, keyloggers, and unauthorized physical access.