Privacy Policy

Effective Date: March 27, 2026 · Last Updated: March 27, 2026

VaultScaler Inc. (“Company,” “we,” “us”) operates the HyperLev platform. This Privacy Policy explains what data we collect, how we use it, and your rights.

1. What We Collect

Data Type	Examples	Purpose
Account information	Email, company name, password hash	Authentication, account management
Conversation data	Messages you send to ARIA, product descriptions	AI processing, code generation
Build records	Build status, compute type, timestamps, generated code metadata	Product management, monitoring
Product metadata	Product names, architecture decisions, deployment URLs	Dashboard, workspace functionality
Payment data	Processed by Stripe — we do not store card numbers	Billing
Usage data	Feature usage, page visits, API calls	Service improvement
AWS configuration	AWS Account ID, IAM Role ARN	Cross-account deployment

2. What We Do NOT Collect

HyperLev does not access, read, store, or process:

Runtime data flowing through your deployed applications
Database contents of your deployed products
Request/response bodies of your application traffic
User data of your end users
AWS credentials (we use IAM role assumption, not stored keys)

Our monitoring is limited to operational health: HTTP status codes, response times, and uptime. We check health endpoints only.

3. How We Use Your Data

AI Processing: Your conversation messages are sent to Amazon Bedrock (Anthropic Claude) for code generation and architectural reasoning. These messages are processed under Amazon’s data handling policies and are not used to train models.
Knowledge Graph: Product metadata, build records, and relationship data are stored in Amazon Neptune (graph database) to provide persistent memory and intelligent responses.
Service Operation: Account data is used for authentication, billing, communication, and customer support.
Platform Intelligence: Aggregate, anonymized usage patterns may be used to improve the platform. We do not sell individual customer data.

4. Where We Store Data

All HyperLev infrastructure runs in AWS us-east-1 (N. Virginia). Your data is stored in:

Amazon Neptune Analytics (knowledge graph)
Amazon S3 (build artifacts, Terraform state)
Amazon ECS (runtime application state, in-memory only)

Data is encrypted in transit (TLS) and at rest (AWS-managed encryption).

5. Third-Party Services

Service	Purpose	Data Shared
Amazon Bedrock (Anthropic Claude)	AI reasoning and code generation	Conversation messages, product descriptions
Stripe	Payment processing	Email, payment method (handled by Stripe)
AWS (your account)	Infrastructure deployment	Generated code, Terraform configurations
GitHub	Code repository operations	Generated code (if GitHub integration enabled)

6. Data Retention

Active accounts: Data is retained for the duration of your subscription.
After cancellation: Account data is retained for 30 days, then permanently deleted.
Build artifacts: Generated code and Terraform state in S3 are deleted within 30 days of account closure.
Deployed infrastructure: Resources in your AWS account remain after cancellation. You are responsible for removing them.

7. Your Rights

You have the right to:

Access: Request a copy of the data we hold about you.
Correction: Update or correct inaccurate data.
Deletion: Request deletion of your account and associated data.
Export: Request an export of your product data and conversation history.
Revoke AWS access: Delete the IAM role at any time to immediately revoke our access to your AWS account.

To exercise any of these rights, contact privacy@vaultscaler.com.

8. Security

We implement industry-standard security measures including TLS encryption, IAM role-based access (no stored AWS credentials), isolated tenant data in Neptune, and secure secret management via AWS Secrets Manager. No system is perfectly secure, and we cannot guarantee absolute security.

9. Cookies

HyperLev uses a single authentication cookie (aria_token) to maintain your session. We do not use third-party tracking cookies, advertising cookies, or analytics cookies.

10. Children

HyperLev is not intended for use by individuals under 18 years of age. We do not knowingly collect data from children.

11. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated via email or through the Service. The “Last Updated” date at the top reflects the most recent revision.

12. Contact

For privacy-related questions or requests: privacy@vaultscaler.com

VaultScaler Inc.
Las Vegas, Nevada, United States