Privacy Policy

Last Updated: 8 November 2025

Xiora Technologies (“Xiora”, “we”, “our”, or “us”) respects your privacy and is committed to handling personal information responsibly. This Privacy Policy explains how we collect, use, disclose, and protect information in connection with our VR applications and related services (the “Services”).

Xiora provides Services for adults (18+) only. By using the Services, you confirm that you are at least 18 years old.

1. Information We Collect

We collect only the minimum information needed to operate the Services.

1.1 At Registration (on our website)

  • Username (account ID)
  • Nickname (display name in app)
  • Email address
  • Password (stored only as a salted hash)
  • Age confirmation (18+ checkbox)
  • Consent records (Terms of Service / this Privacy Policy)
  • Marketing opt‑in (optional)
  • Email verification code (one‑time; deleted after use)

1.2 During Use

  • Subscription plan (Free / Standard / Pro) and plan expiration date
  • Daily conversation allowance / remaining time
  • API token (issued only after verification)
  • Abuse‑prevention data including reCAPTCHA (subject to the provider’s Privacy Policy and Terms)
  • User-registered bookmarks (URL and title) saved on our servers and associated with your account
  • Crash/diagnostic events (non‑content technical telemetry only, if needed to improve reliability)

1.3 What We Do Not Collect

  • Credit-card information (payments are processed directly by Stripe, PayPal, or Wise; we do not store or have access to full card details)
  • Conversation content on our servers (conversation history is stored only on your device)
  • Raw microphone audio sent to third parties
  • Contacts, photos, precise GPS location, or device advertising identifiers

2. How Conversations Are Processed (Third‑Party AI Processors)

When you press talk and speak, your audio is captured only while you are speaking. The audio is sent securely to our server solely to perform real-time speech-to-text (STT). We do not store the audio after processing.
The transcribed text (and only that text) is sent to third-party AI inference providers acting as our processors to generate a reply. The reply is returned to your device; your conversation history is saved only on your device (unless you clear it).

If you enable the optional context-sharing feature, the current scene or web page view may be captured as a temporary screenshot and securely transmitted to our server to provide contextual understanding for the AI assistant. These screenshots are used only to generate the immediate response, are not stored on our servers, and are automatically deleted after processing.

We use industry-standard encryption (TLS) for data in transit. Where available, we contractually require our processors to (a) use the data only to generate the requested reply, (b) not use it for model training, and (c) delete temporary copies after processing. We do not sell conversation content or build advertising profiles.

3. Purposes of Use

We use the information we collect to:

  • Provide, maintain, and improve the Services (including speech processing and reply generation)
  • Verify and manage subscription plans and usage limits
  • Prevent abuse, secure accounts, and enforce our terms
  • Send transactional notices (verification, security alerts, service updates)
  • With your optional consent: send marketing emails about updates and promotions

We do not use personal information for interest‑based advertising.

4. Storage, Retention, and Deletion

Registration/account data is stored on our servers and kept while your account is active.
All users worldwide can request deletion of their registration/account data at any time. Submit a request via our Data Deletion page (https://xiora.com/data-deletion) or the contact methods listed below. We will delete such data within 30 days after verifying your request, unless a longer retention period is required by law or for fraud‑prevention, accounting, or other legitimate business purposes.

Verification codes are deleted after use.
Billing/usage records may be retained as required for legitimate business, tax, or legal purposes and deleted when no longer necessary.
Unverified accounts may be removed after a short grace period.
Consent records may be retained as required by law.

Bookmark data (URLs and titles) are stored securely on our servers and can be viewed or deleted by the user at any time from https://xiora.com/bookmarks.

Conversation history is stored only on your device. You can clear it in the app at any time; because it never leaves your device, we cannot access or restore it after you clear or uninstall the app.

We will not discriminate against you for exercising your privacy rights.

5. Disclosure to Third Parties

We do not share personal information except:

  • With your consent
  • To service providers acting on our behalf and under contract (e.g., payments, hosting, email delivery, abuse‑prevention including reCAPTCHA, and AI inference processors as described above)
  • When required by law or to protect rights, safety, or the integrity of the Services

We never sell personal data.

6. Security

We apply industry‑standard security measures, including encryption in transit (TLS), appropriate protections at rest, strict access controls, password hashing with salt, and vendor due diligence with contractual safeguards for processors. No system is perfectly secure; if you believe your account has been compromised, please contact us immediately.

7. Your Rights (Available to All Users Worldwide)

All users globally have the right to:

  • Delete their registration/account data at any time
  • Access and receive a copy of their registration/account data
  • Correct inaccurate registration/account data
  • Object to or restrict certain processing
  • Withdraw marketing consent at any time

How to exercise your rights:

8. Cookies and Similar Technologies

We may use cookies or similar technologies for secure login persistence, session management, and fraud prevention. You can manage cookies through your browser settings; core features may not work without them.

9. International Transfers

We may process information on servers and with processors located outside your country. In such cases we apply appropriate safeguards (e.g., contractual data protection terms) and process data only as described in this Policy.

10. Children

The Services are intended for adults (18+) only. We do not knowingly collect information from children. If you believe a minor has provided information to us, please contact us via https://xiora.com/contact and we will delete it.

11. Changes to This Policy

We may update this Policy from time to time. We will post the updated version here with a revised “Last Updated” date. Material changes will be communicated as required by law.

12. Contact Us

Xiora Technologies
Contact: https://xiora.com/contact
Data deletion requests: https://xiora.com/data-deletion
Website: https://xiora.com

Scroll to Top