Legal

Privacy Policy

Last updated 2026-07-10

Lex Aureon is built and operated by Emmanuel King (Aureonics Systems), an independent, unfunded researcher — not a company with a dedicated legal or privacy team. This policy describes what data the site actually collects and what happens to it, in plain language. It is not a substitute for professional legal advice, and if you need a formal compliance assessment for your own use of the site (e.g. under GDPR or CCPA), consult your own counsel.

1. What we collect

Prompts and governance data. When you use the console, chat, or public API, your prompt text and the model's response are sent to Lex Aureon's servers to be governed and, where you've asked to keep a session, stored so the constitutional state (C, R, S) can persist across turns. This is stored in our database (Turso/libSQL).

Audit receipts. Every governed turn generates a cryptographic receipt — a SHA-256 hash of the input, a hash of the output, and the resulting constitutional state and health band. Receipts are retained permanently by design (the system is append-only, for auditability) and a subset are publicly viewable at /audit. Receipts do not display your prompt or response text — only hashes, scores, and metadata (session ID, turn number, timestamp, intervention flag).

Email address. If you submit your email (e.g. via the homepage signup), it's sent to our server and stored, and also saved in your browser's local storage. We use it to notify you about things you signed up for (like benchmark result publication) — nothing else, unless you're on a paid plan (next paragraph).

Payment verification, for paid plans only. If you upgrade to a paid tier via cryptocurrency payment, we also store the transaction ID, payment amount, and coin type against your email, to verify the on-chain payment and issue an API key. We do not process or store card numbers or other traditional payment credentials — verification is done by checking the public blockchain transaction you provide, not by collecting financial account details from you directly.

Usage analytics. The site uses Vercel Analytics and Vercel Speed Insights for aggregate traffic and performance monitoring. These are privacy-oriented by design (no cross-site tracking cookies) and we don't layer any additional tracking on top.

Local storage. Your browser may store small preference values locally (e.g. theme choice, whether you've already signed up) — this stays on your device and isn't something we can read server-side.

2. Who processes it

Generating a governed response requires sending your prompt to an underlying language model. Depending on availability, this is one of: Groq, Google (Gemini), or Mistral AI. Each operates under its own privacy policy and terms for API usage; we don't control how they log or retain requests on their end beyond what their own policies state.

Our database is hosted by Turso. Our application is hosted by Vercel. Neither has access to your data beyond what's necessary to run the service.

3. Why we collect it

To generate and govern responses (the core function of the product), to let you resume a session with constitutional memory intact, to maintain the audit trail the whole project is built around, to verify payment and issue access for paid plans, and — for email signups — to send you the specific update you asked for.

4. Retention

Audit receipts and constitutional-state records are retained indefinitely — this is a deliberate design choice (see the Constitution, Article IV: Audit and Continuity), not an oversight. If you want a specific session's data reviewed or removed, contact us (below) and we'll do what's reasonably possible, though receipts already written to the append-only audit log may not be fully erasable without breaking the audit chain for other sessions.

5. Your rights

Depending on where you're located, you may have rights to access, correct, or request deletion of your personal data. Since this is a solo-operated project, the practical way to exercise any of these is to email us directly (below) and we'll respond as promptly as we can.

6. Children

Lex Aureon isn't directed at children, and we don't knowingly collect data from anyone under 13 (or the relevant minimum age in your jurisdiction).

7. Changes to this policy

If what we collect or how we use it changes materially, we'll update this page and the "Last updated" date above. We don't currently have a mailing list for policy changes specifically.

8. Contact

Questions, requests, or concerns about any of the above: lexaureon@gmail.com.

© 2026 Aureonics Systems · Built in Lagos