Privacy Policy

We collect information in the following ways:

• Account information: When you create an account on Liberra, we collect your name, email address, and password (stored as a secure hash, never in plain text).
• AWS connection: When you connect your AWS account, we store the ARN of your IAM Role, a non-secret identifier, not a credential. We do not store any AWS access keys or secrets. We use this ARN to request temporary access via AWS STS, which issues short-lived tokens that expire every hour and are never persisted.
• Usage data: We collect information about how you interact with our services, including pages visited, features used, and conversation history with the AI assistant.
• Technical data: Browser type, device information, IP address, and similar technical data collected automatically when you visit our site.

• To provide and operate Liberra and its features
• To execute cloud management actions on your behalf
• To improve our services and develop new features
• To communicate with you about your account or our services
• To ensure security and prevent abuse

Your AWS connection is treated with the highest level of security:

• Connected via IAM Role using AWS STS. Your long-term credentials never touch our servers
• STS issues a temporary token that auto-expires every hour
• Never logged, displayed, or exposed in any output
• Used only to execute actions you explicitly request or approve
• Can be disconnected at any time from your settings

We do not sell your personal information. We may share data with:

• AI providers: Conversation content is sent to our AI provider (Anthropic) to generate responses. We do not send your cloud credentials to AI providers.
• Infrastructure providers: We use third-party services for hosting and database storage (MongoDB Atlas).
• Legal requirements: We may disclose information if required by law or to protect our rights.

We retain your data for as long as your account is active. You can request deletion of your account and associated data at any time by contacting us. Conversation history and infrastructure data are deleted when you disconnect your cloud provider or delete your account.

We implement industry-standard security measures including encrypted storage, secure authentication (JWT with token blacklisting), rate limiting, and a 6-layer guardrail system that validates every action before execution. However, no method of transmission over the internet is 100% secure.

Each user's infrastructure data and Cloud Index is architecturally isolated. One user's data cannot be accessed by, or bleed into, another user's session, queries, or AI context.

In the event of a data breach that affects your personal information or cloud credentials, we will notify you within 72 hours of becoming aware of the breach.

Our landing page (liberraai.com) does not use cookies or tracking. The Liberra platform uses essential cookies for authentication and session management. We do not use advertising or third-party tracking cookies.

Depending on your location, you may have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Object to or restrict processing of your data
• Data portability

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children.

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page with an updated date.

If you have questions about this Privacy Policy, contact us at contact@liberraai.com.