EdgeKeeper ("we", "us", "our") respects your privacy and is committed to being transparent about how we handle your data. This policy explains what personal information we collect, why we collect it, how we use and protect it, and what rights you have over it.
By using EdgeKeeper, you agree to the practices described in this policy. If you do not agree, please do not use the Service.
The short version: Your conversation content is yours. We do not sell it, share it beyond what's necessary to run the platform, or use it to train AI models. The only third parties who receive any of your data are the infrastructure providers that power the platform — listed in full below.
EdgeKeeper is operated by EdgeKeeper Ltd, registered in Nigeria. For the purposes of data protection law, we are the data controller for personal information processed through the platform.
Data protection contact: privacy@edgekeeper.io
We collect only what is necessary to operate the Service:
Payment processing is handled entirely by Polar.sh. We store only your subscription status (plan tier and renewal date). We never receive, see, or store your card number, bank account details, or any raw payment instrument data.
We process your personal data on the following legal bases:
| Purpose | Legal basis |
|---|---|
| Providing mentor sessions and maintaining conversation memory | Performance of contract |
| Account creation and authentication | Performance of contract |
| Billing and subscription management | Performance of contract |
| Sending transactional emails (billing receipts, password resets) | Performance of contract |
| Enforcing plan usage limits | Performance of contract |
| Detecting abuse and maintaining platform security | Legitimate interests |
| Proactive mentor outreach (if enabled in Settings) | Consent (opt-in, revocable) |
| Compliance with legal obligations | Legal obligation |
We do not use your conversation content or behavioral data to train AI models — ours or anyone else's. We do not sell, rent, or trade your personal data for any commercial purpose.
Your messages are transmitted to OpenAI's API to generate mentor responses in real time. Only the conversation content required to produce a response is sent — your name, email address, and payment information are never included. Transmission occurs over TLS. OpenAI's Privacy Policy and API data processing terms govern their handling of this data.
Voice sessions are processed by ElevenLabs. Your voice is not used — the AI mentor's synthesised speech is streamed to you in real time. No audio is stored by EdgeKeeper. ElevenLabs' Privacy Policy applies.
We share only the minimum data necessary with the following providers to operate the platform:
| Provider | Data shared | Purpose |
|---|---|---|
| Supabase | All stored data (encrypted at rest on AWS) | Database, authentication, and storage |
| OpenAI | Conversation messages per request | AI mentor text generation |
| ElevenLabs | Text to be synthesised (no personal data) | Voice session audio synthesis |
| Polar.sh | Email address, subscription events | Payment processing and billing |
| Resend | Email address, email content | Transactional email delivery |
All providers are required to process your data only for the purpose we specify and to maintain appropriate security measures. We do not authorise any provider to use your data for their own independent purposes.
EdgeKeeper uses a single session cookie:
ek_session — an HttpOnly, SameSite=Strict cookie that holds your authenticated session token. It cannot be read by JavaScript, browser extensions, or third-party scripts. It expires after 7 days of inactivity.We do not use advertising cookies, tracking cookies, or analytics cookies. We do not embed any third-party tracking scripts on the platform.
Your data is stored in Supabase's PostgreSQL database on AWS infrastructure. Data is encrypted at rest and in transit (TLS). Row-level security policies in the database ensure your data can only be accessed by authenticated server-side operations acting on your behalf — no other user can access your data.
We implement rate limiting, input validation, HTTPS enforcement, and HTTP security headers (HSTS, CSP, X-Frame-Options) on all endpoints. Despite these measures, no system is perfectly secure. We will notify you promptly in the event of a data breach that affects your personal information.
We retain your personal data for as long as your account remains active. If you close your account:
You may request deletion of your data at any time — even without closing your account — by emailing privacy@edgekeeper.io. We will confirm deletion within 30 days.
EdgeKeeper is operated from Nigeria. Our infrastructure providers (Supabase/AWS, OpenAI, ElevenLabs, Polar.sh, Resend) may process or store your data in the United States or other countries. Where data is transferred outside your country of residence, we ensure that appropriate safeguards are in place — including relying on providers that have executed Standard Contractual Clauses or equivalent mechanisms where required by applicable data protection law.
Depending on your jurisdiction, you may have the following rights:
To exercise any of these rights, email privacy@edgekeeper.io with the subject line "Privacy Request." We will respond within 30 days. We may ask you to verify your identity before actioning a request.
If you are located in the EU or UK and believe we have not handled your data lawfully, you have the right to lodge a complaint with your local supervisory authority (e.g. the ICO in the UK, or your national DPA in the EU).
EdgeKeeper is not directed at, and does not knowingly collect data from, individuals under the age of 18. If we become aware that we have collected personal data from a person under 18, we will delete it promptly. If you believe we have received data from a minor, contact privacy@edgekeeper.io immediately.
We may update this policy as the Service evolves. When we make material changes, we will notify you by email and update the "Last updated" date above at least 14 days before the changes take effect. Continued use of the Service after changes take effect constitutes your acceptance of the revised policy.
Prior versions of this policy are available on request.
For all privacy-related queries, requests, and concerns:
privacy@edgekeeper.io
For general enquiries:
hello@edgekeeper.io