Legal

Privacy Policy & Cryptographic Guarantees

Last updated: March 24, 2026

The Zero-Knowledge Promise

Most privacy policies consist of promises that a company will not look at your data. At Balon AI, we are building an architecture designed to ensure that we cannot look at your data where encryption is active.

Our infrastructure is being built on a Zero-Trust Architecture (ZTA) utilizing Client-Side End-to-End Encryption. Where active, your data is encrypted inside your browser using a Master Encryption Key (MEK) derived from your password via PBKDF2 (100,000 iterations). We never receive your password in plaintext, and we never receive your MEK. Encryption coverage is expanding and may not apply to all features at this time. For data protected by active E2EE, we only store computationally unreadable ciphertexts.

What Is Encrypted (Active E2EE)

The following data is actively protected by client-side end-to-end encryption. Balon AI cannot read this data:

  • Chat Transcripts (after delivery): Messages are encrypted in your browser after each AI response is received and streamed. The stored ciphertext is unreadable without your encryption key.
  • User API Keys: The plaintext of any API key you generate is shown exactly once and never stored — only a one-way SHA-256 hash is retained.
  • Encryption Key Material: Your Master Encryption Key (MEK) and RSA private keys are wrapped with a key derived from your password and never transmitted or stored in plaintext.

If we are served with a subpoena or warrant for the above data, we can only provide encrypted ciphertexts, which are useless without your password.

What Is Not Yet Encrypted

The following data is currently stored in plaintext on our servers. We are actively expanding encryption coverage to include these:

  • Chat Transcripts (during streaming): While a message is being generated and streamed, it briefly exists in plaintext on our servers before your browser encrypts and re-stores it. This window is typically under a few seconds.
  • Preset System Prompts: Your custom agent instructions and system prompts are stored in plaintext. Encryption for presets is on our roadmap.
  • Files and Attachments: Uploaded files are stored with standard server-side encryption (AWS SSE-S3) but not client-side E2EE. Client-side file encryption is on our roadmap.

What We Can See (Operational Metadata)

To operate the service, route requests, process billing, and manage organizations, we do have access to certain unencrypted metadata:

  • Account Information: Your email address and basic profile details.
  • Billing Data: Subscription tiers, Stripe customer IDs, and token usage counts.
  • Access Logs: IP addresses, browser user agents, and login timestamps.
  • System API Keys: Symmetrically encrypted tokens required for our backend to process autonomous tasks (padded with dummy data to protect user keys).
  • Organization Structure: Who belongs to which organization and their assigned roles.

Device-Level Security

While your data is secure in transit and at rest on our servers, it is briefly decrypted within your browser's memory to provide a seamless application experience. Our privacy guarantees end at your device's boundary. It is your responsibility to ensure your local environment is free from malware, keyloggers, and unauthorized physical access.