Legal

Privacy Policy

How CeremonyAI collects, uses, and protects your information

Last Updated: February 28, 2026

1. Introduction

Thili.ai ("we," "us," or "our") operates the CeremonyAI platform available at app.thili.ai and app.ceremonyai.io, and the website at www.ceremonyai.io (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. Please read this policy carefully. By using CeremonyAI, you consent to the practices described in this Privacy Policy.

2. Information We Collect

2.1 Account Information

When you create an account, we collect your name, email address, and authentication credentials. If you sign up using a third-party provider (e.g., Google), we receive your name and email from that provider.

2.2 Project Data

When you use CeremonyAI's workflow (Brainstorm, Kickoff, Deep Dive, Sprint Forge, Code Forge, Governance Gate), you provide project descriptions, requirements, and related content. This data is stored in our database to enable the Service and allow you to revisit and export your projects.

2.3 Usage Data

We automatically collect information about how you interact with the Service, including pages visited, features used, credit consumption, timestamps, browser type, and device information.

2.4 Payment Information

Payment processing is handled by our third-party payment provider (Razorpay). We do not store your full credit card number. We receive only a transaction confirmation and the last four digits of your card for reference.

2.5 Cookies and Similar Technologies

We use session cookies to authenticate your login and maintain your session. We may use analytics cookies to understand usage patterns and improve the Service.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the CeremonyAI platform
  • Process your AI-powered workflow requests (charter generation, architecture planning, sprint planning, code generation)
  • Manage your account, credits, and subscription
  • Send transactional communications (account verification, billing, feature updates)
  • Monitor usage to prevent abuse and ensure platform security
  • Analyze usage patterns to improve features and user experience
  • Comply with legal obligations

4. AI Processing and Third-Party Models

CeremonyAI uses third-party large language model (LLM) providers, including Google Gemini and Anthropic Claude, to process your project data and generate outputs. When you run a workflow step, your project data is sent to these providers for processing.

  • We send only the data necessary for the specific workflow step
  • We do not share your personal account information (name, email) with LLM providers
  • Third-party LLM providers process data according to their own privacy policies and data handling agreements
  • We do not use your project data to train our own or third-party AI models

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your data with:

  • Service Providers: Third-party vendors who help us operate the platform (cloud hosting, payment processing, AI model providers, analytics)
  • Collaborators: If you use CeremonyAI's collaboration features, project data is shared with team members you explicitly invite
  • Export Destinations: When you export to JIRA, Notion, or GitHub, your project data is sent to those platforms using credentials you provide
  • Legal Requirements: When required by law, regulation, or legal process
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

6. Data Storage and Security

Your data is stored on secure cloud infrastructure hosted on Google Cloud Platform (GCP). We implement industry-standard security measures including:

  • Encryption of data in transit (TLS/HTTPS)
  • Encryption of data at rest
  • Session-based authentication with secure token management
  • Role-based access controls for internal systems
  • Regular security assessments

While we strive to protect your data, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.

7. Data Retention

We retain your account information and project data for as long as your account is active. When you delete a project, it is soft-deleted and may be retained for up to 30 days before permanent deletion. If you close your account, we will delete your personal data within 90 days, except where retention is required for legal or compliance purposes.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your personal data
  • Portability: Request your data in a portable format
  • Objection: Object to processing of your data for certain purposes
  • Withdraw Consent: Withdraw consent where processing is based on consent

To exercise any of these rights, contact us at askthili@thili.ai.

9. Children's Privacy

CeremonyAI is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal data, we will take steps to delete it.

10. International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence, including the United States and India. By using the Service, you consent to the transfer of your data to these countries.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last Updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Email: askthili@thili.ai
Website: www.thili.ai