LeemerChat
LeemerChat

Privacy & Data Protection

How we collect, use, and safeguard your data when you use LeemerChat's unified intelligence workspace

Last updated: November 27, 2025

Your Privacy Matters

At LeemerChat, we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our unified intelligence workspace. We believe in transparency—your data is yours, and you should know exactly how it's being handled.

AI Provider Data Handling

When you use LeemerChat, your prompts and responses go through different AI providers. We work exclusively with providers that prioritize data privacy and security. Here's how your data is handled:

Google Gemini Models (Enterprise)

We use Google's Gemini API with an enterprise account. Under Google's enterprise terms, your prompts and completions are NOT logged, stored, or used for model training. Enterprise API requests are processed in real-time and discarded immediately after response generation. Zero data retention policy applies.

OpenRouter (Most Models)

For Claude, DeepSeek, GPT-4o, and many other models, we route through OpenRouter. OpenRouter does NOT store your prompts or responses unless you explicitly opt in to prompt logging (which we have disabled by default).

  • OpenRouter samples a small number of prompts for categorization (for model ranking), but this is done completely anonymously with zero-data-retention models.
  • Metadata (tokens used, latency, etc.) is stored for billing and reporting, but not the actual content of your conversations.
  • We use OpenRouter's privacy settings to restrict routing to providers that do NOT train on your data.
  • Each provider has different data retention policies—we only route to privacy-respecting providers. See OpenRouter's privacy documentation for full details.

Other AI Providers

  • Groq: Zero data retention for prompts and completions. Used for ultra-fast inference.
  • Perplexity: Processes queries with web search. Standard data retention policies apply (typically 30 days).
  • OpenAI (Voice): Realtime voice API follows OpenAI's standard data policies. Audio is processed and not retained.

Important: While we carefully select privacy-respecting providers, each AI provider operates independently. We recommend reviewing each provider's terms if you have specific compliance requirements.

Information We Collect on LeemerChat

We collect only what's necessary to provide you with an excellent AI workspace experience:

Chat Messages & Conversations

Your messages, prompts, and conversations are stored in our database for conversation history and continuity. You can delete any conversation at any time.

File Uploads

Documents, images, PDFs uploaded for analysis are stored securely via UploadThing and linked to your conversations.

Account Information

Email address, profile information, and authentication data managed securely via Clerk.

Usage Metadata

Models selected, features used, time spent, device type, IP address—for analytics and billing purposes.

Session & Security Data

Device fingerprinting, session tokens, concurrent session tracking, and generation locks for account protection.

Email Agent Data

When you use the email agent feature, we collect and store email content (subject, body text, HTML), sender/recipient addresses (to, cc, bcc), email attachments, thread metadata, and AI-generated responses. This data is stored to enable conversation continuity and service provision.

Payment Data: We Don't Touch It

LeemerChat does NOT collect, store, or process payment information. All payment processing is handled by Autumn.js and Stripe. We only receive subscription status updates.

How We Use Your Information

We use your information for the following purposes:

  • To provide and improve our AI workspace service
  • To process your chat requests and deliver AI model responses
  • To understand how users interact with our platform and different AI models
  • To personalize and enhance your experience
  • To monitor and analyze usage patterns and trends
  • To detect, prevent, and address technical issues
  • To enforce account sharing protection and session management
  • To provide background processing for research reports, podcasts, and other async features
  • To send email notifications for completed research reports, podcasts, and other services
  • To process inbound emails and generate AI-powered email responses via the email agent feature
  • To store email threads, messages, and attachments for conversation continuity in email agent interactions

Data Sharing and Disclosure

We may share your information in the following circumstances:

  • AI Model Providers: Your chat messages and prompts are shared with third-party AI providers to generate responses. We utilize services from companies including:
    • OpenAI: For GPT models and realtime voice assistant
    • Google: For Gemini models with search grounding and file handling
    • Anthropic: For Claude models via OpenRouter
    • OpenRouter: For access to multiple AI models including Claude, DeepSeek, GPT-4o, and others
    • Groq: For fast inference models
    • Perplexity: For research and web search capabilities
    • Other AI Providers: As needed to fulfill your requests
  • Service Providers: With third-party service providers who help us operate, improve, and analyze our service. Specifically, we use services from:
    • Vercel: Our hosting and infrastructure provider
    • Clerk: For user authentication and account management
    • UploadThing: For secure file upload and storage
    • Resend: For transactional email delivery, inbound email processing, and email agent functionality. Resend processes and stores email content, attachments, and metadata as necessary for email agent service provision.
    • QStash: For background job processing
    • Firecrawl: For web scraping and content extraction in research features
    • Lemonfox: For text-to-speech in podcast generation
    • Payment Processors: We use Autumn.js for billing and usage tracking. These providers handle all payment data directly and have their own privacy policies governing payment information.
  • Compliance with Laws: When required by applicable law, regulation, legal process, or governmental request.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets.
  • Collaboration Features: When you use collaboration features, your messages and activity may be shared with other participants in the collaboration session.

Payment Data: When you make a payment, your payment information is transmitted directly to our payment processors and billing services and is not stored on our servers. We only receive confirmation of successful payments and subscription status updates.

Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encryption of data in transit and at rest
  • Secure authentication via Clerk
  • Session management with device fingerprinting
  • Account sharing protection with device limits
  • Regular security assessments and updates

However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

Data Retention

We retain your chat messages, conversations, and uploaded files for as long as your account is active or as needed to provide our services. You can delete your chats and messages at any time through the platform. We may retain certain information for legal, regulatory, or business purposes even after account deletion.

Email Agent Data: Email threads, messages, attachments, and metadata are retained for as long as your account is active to enable conversation continuity. Email attachments may be stored on third-party storage services (e.g., UploadThing) as necessary for the service. You can request deletion of email agent data by contacting us.

Your Rights

Depending on your location, you may have the right to:

  • Access the personal information we hold about you
  • Request correction or deletion of your personal information
  • Export your chat data and conversations
  • Object to or restrict certain processing activities
  • Data portability
  • Withdraw consent where applicable
  • Delete your account and associated data

To exercise these rights, please contact us using the information provided below.

Account Sharing Protection

LeemerChat includes built-in protection against unauthorized account sharing:

  • Maximum 3 devices can be registered per account
  • Maximum 2 concurrent active sessions
  • Only 1 device can generate AI responses at a time (other devices can browse)
  • Session tracking with device fingerprinting and IP detection
  • Automatic session timeout after 30 minutes of inactivity

This ensures fair usage while allowing legitimate multi-device access.

Children's Privacy

Our service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. By using our service, you consent to the transfer of your information to these countries.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

Questions? Contact Us

If you have any questions about this Privacy Policy or how we handle your data, we're here to help:

Email us directly

dev@leemerchat.com

By using LeemerChat, you agree to our Privacy Policy and our Terms of Service.