Privacy Policy

1. Your Personal Workspace

We believe your browsing environment should remain under your control while enabling powerful AI assistance. Dex, our privacy-first AI assistant, processes only the minimal data necessary to deliver intelligent, contextually-aware responses that enhance your productivity.

When you interact with Dex, only data relevant to your specific request (like your question or current tab context) is briefly sent to our servers and securely transmitted to our certified AI partners solely to generate your response. Our AI partners are contractually prohibited from storing or training models on your data once processing is complete.

2. Information We Collect

Personal Information We Collect

Personal information you provide to us directly

• Contact and account credentials, such as your name, email address, and password when you sign up for an account or request information about our Services.
• User-Provided Content (Inputs/Prompts): When you interact with the AI agent, we collect the data, text, files, images, or other content you submit to the agent (“Inputs”). These Inputs are determined solely by you and may, at your discretion, include personal or sensitive information (such as names, contact details, or other identifiers). Like a web browser or search engine, the AI agent does not filter content or Inputs. We do not require or encourage the inclusion of sensitive data in Inputs, and you are responsible for ensuring that any Inputs comply with applicable laws. When providing Inputs, please be respectful of the right, including privacy, of others.
• Generated Content (Outputs): Our system processes your Inputs to generate responses (“Outputs”). These Outputs may include, reflect, reproduce, or infer personal information from Inputs, including information related to you or to others.
• Payment information, needed to complete any transactions with us, including your name, payment card details, and billing address. This information is processed by our third-party payment processor, Stripe. Please refer to Stripe's website for more information about how Stripe handles your information.
• Feedback or correspondence, such as information you provide when you contact us with questions, feedback, or otherwise correspond with us online.
• Marketing information, such as your preferences for receiving communications about our Services, and details about how you engage with our communications.
• Third-party Log-in: If you create an account or log into the Services using third-party services, such as Google or GitHub, we will receive your name and email address and/or phone number as permitted by your profile settings on the third-party service in order to authenticate you. The information we receive when you authenticate through a third-party service depends on the settings, permissions and privacy policies of the third-party service. You should always check the privacy settings and notices in the relevant third-party services to understand what data may be disclosed to us or shared with our Services.

Automatic data collection

When you visit, use, or interact with the Services, we automatically log certain information about your visit, use, or interactions. This information includes:

• Usage data, such as how long was spent on the AI agent, usage history, navigation paths, account and profile settings, information about activity on the AI agent, page or screen, access times, and duration of access, and whether marketing emails were opened or links within them clicked.
• Device data, such as the computer or mobile device's operating system type and version, manufacturer and model, browser type, screen resolution, device type (e.g., phone, tablet), IP address, unique identifiers, language settings.
• General location information, such as city, state or geographic area. We may determine the general area from which your device accesses our Services based on information like its IP address for security reasons and to make your product experience better, for example to protect your account by detecting unusual login activity or to provide more accurate responses.
• Cookies and similar technologies: We and our third-party providers use cookies, local storage, and other similar technologies to collect information automatically. These technologies may store information on your device to remembering your preferences, enabling functionality, and helping us understand user activity and patterns.

3. How We Use Personal Information

We use personal information for the following purposes:

To operate our Services

We use Inputs, including any personal information in them, to provide, operate, maintain, and secure our Services in accordance with our Terms of Service. This includes using your personal information to:

• Create, maintain, and administer your account on the Services and manage your subscriptions, transactions, and payments.
• Provide the features of the Services you use.
• Processing your Inputs to complete tasks such as filling out forms or placing orders.
• Communicate with you about our Services, including by sending you announcements, updates, security alerts, and support and administrative messages.
• Respond to your requests, questions, and feedback.

To develop and improve our Services

It is in our legitimate business interests to improve and keep our Services safe for our users, which includes:

• Better respond to your queries
• Personalize your experience and remember your preferences
• Send you technical notices and support messages
• Detect, prevent, and address technical issues or abuse
• Comply with legal obligations
• Product Development: To identify opportunities for new features or products and to enhance the performance of our AI agent.

4. How We Disclose Personal Information

• Service providers: Your data—including Inputs and Outputs—may be disclosed to third-party providers of artificial intelligence and large language model (LLM) that power our Services. We disclose personal information to service providers that help us operate the Services, such as hosting services, cloud services, information technology services, email communication software and email newsletter services, marketing services, payment processors, user relationship management and user support services, and web analytics services.
• Professional advisors: We may disclose personal information to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.
• For compliance, fraud prevention and safety: We may disclose personal information for the compliance, fraud prevention, and safety purposes described above.
• Business transfers: We may sell, transfer or otherwise share some or all of our business or assets, including personal information, in connection with a business transaction (or potential business transaction) such as a corporate divestiture, merger, consolidation, acquisition, reorganization or sale of assets, or in the event of bankruptcy or dissolution.

5. Your Rights & Choices

Depending on your location, you may have the following rights:

• Access, correct, or delete your personal data
• Object to or restrict certain processing activities
• Data portability — receive your data in a structured format
• Withdraw consent at any time for consent-based processing
• Lodge a complaint with your local data protection authority

To exercise these rights, contact us at privacy@thirdlayer.inc

6. Data Retention

We retain personal information for as long as necessary in order to provide our Services to you, or for other legitimate business purposes such as resolving disputes, safety and security reasons, or complying with our legal obligations.

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information (such as whether we need to retain the data to provide our Services), and whether we can achieve those purposes through other means, and the applicable legal requirements.

7. Data Security & Encryption

We use commercially reasonable technical and organizational measures to protect your data. However, no internet transmission is 100% secure.

All data transmitted between your device and our servers is secured using TLS 1.2 or higher. Data stored on our infrastructure is encrypted at rest using 256-bit AES encryption.

Access to personal data is restricted to authorized personnel who require it for operational purposes. All access is protected by multi-factor authentication and is logged for auditing.

8. Children's Privacy

Our Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately and we will delete it.

9. Changes To This Privacy Policy

We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the website. If you are a registered user, we will notify you using the email address you gave us when you signed up if we make material changes made to the Privacy Policy.

10. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at: