Skip to main content

Privacy Policy

Effective Date: July 13, 2026 · Last Updated: July 13, 2026

Diana Intelligence Corp. (“Diana,” “we,” “us,” or “our”) operates the Diana AI assistant, which helps adult children and their aging parents stay organized, supported, and connected through WhatsApp, iMessage, and text message (SMS). This Privacy Policy describes how we collect, use, store, and protect information when you use Diana (the “Service”).

1. Information We Collect

Information You Provide

  • Account Information: When you sign up for Diana, we collect your name and phone number, and, if you choose to provide it, your email address. Because Diana is designed to help families, you may also provide information about the family members you connect with Diana — such as the name and phone number of a parent or an adult child — so that Diana can assist them.
  • Messages to Diana: When you interact with Diana through WhatsApp, iMessage, or text message, we receive the content of the messages you send to Diana.
  • Integration Credentials: If you connect third-party services (e.g., calendar, photos, or contacts) through Diana, we store encrypted OAuth tokens necessary to access those services on your behalf.
  • Preferences and Configuration: Settings you configure for Diana, including assistant behavior preferences, reminder schedules, and notification settings.

Information We Receive Automatically

  • Messaging Platform Metadata: We receive metadata from the messaging platforms you use to reach Diana (WhatsApp, iMessage, and SMS), such as phone numbers, message timestamps, and delivery status. We do not store your broader message history or your conversations with people other than Diana.
  • Usage Data: We collect aggregate, non-identifying usage metrics such as the number of tasks processed and feature usage patterns to improve the Service.

Information We Do Not Collect

  • We do not access or store your message history or conversations with contacts other than Diana.
  • We do not read or receive messages that you do not send to, or share with, Diana.
  • We do not collect personal information beyond what you provide when signing up for and interacting with Diana.

2. How We Use Your Information

We use the information we collect to:

  • Provide the Service: Process your requests, execute tasks, and deliver responses over WhatsApp, iMessage, and text message.
  • Maintain Assistant Memory: Store contextual information from your interactions with Diana to provide continuity across conversations. This memory is isolated to your account (and the family members linked to it) and can be viewed and deleted at any time.
  • Improve the Service: Analyze aggregate usage patterns to improve reliability, performance, and features. We do not use individual message content for analytics.
  • Communicate With You: Send service-related notifications (e.g., billing, security alerts, product updates).
  • Ensure Security: Detect and prevent fraud, abuse, and security incidents.

We do not use your data for advertising, profiling, or selling to third parties.

3. AI and Language Models

Diana uses third-party large language models (LLMs), including Anthropic Claude and OpenAI GPT, to process tasks and generate responses. Important details about how your data interacts with these models:

  • No Model Training: Your conversations, files, and personal information are never used to train third-party AI models. Both Anthropic and OpenAI operate under commercial API agreements that explicitly prohibit using customer data for model training.
  • Real-Time Processing Only: Task prompts and responses are processed in real time by the LLM provider and are not retained by the provider after the API response is returned.
  • Data Tenancy:Diana operates a multi-tenant architecture with strict logical isolation. Each user's data is segregated by authentication and account identifiers. There is no cross-account data access.
  • AI-Generated Content Disclaimer: Diana uses AI to generate responses and perform tasks. While we strive for accuracy, AI-generated content may occasionally contain errors or inaccuracies, and you should verify critical information independently. Diana is not a medical, legal, financial, or emergency service, and it is not a substitute for professional advice or care. In an emergency, contact your local emergency services directly.

4. Data Retention

  • Active Account Data: We retain your data for as long as your Diana account is active and as needed to provide the Service.
  • Assistant Memory: Conversation context and assistant memory are retained while your account is active. You can view and delete assistant memory at any time through the Diana dashboard.
  • Integration Credentials: OAuth tokens for connected services are retained while the integration is active and are revoked and deleted when the integration is disconnected or the account is deleted.
  • Aggregate Analytics: De-identified, aggregate usage data may be retained indefinitely for service improvement purposes.
  • Post-Deletion: Upon account deletion, we delete all associated customer data from active production systems within 14 days. Encrypted backups containing residual data are purged within 14 days.

5. Data Storage and Security

  • Hosting: All data is hosted in the United States using Cloudflare (compute and edge infrastructure), Supabase (managed PostgreSQL database), and Vercel (web application).
  • Encryption: All data is encrypted in transit using TLS 1.2+ and at rest using AES-256 encryption.
  • Access Controls: Access to production systems is restricted to authorized personnel and protected by multi-factor authentication.
  • Isolation:Each account's assistant execution runs in sandboxed environments (Cloudflare Durable Objects and Containers) with no cross-account access.

6. Data Sharing

We do not sell, rent, or share your personal information with third parties except as follows:

  • Sub-Processors: We use third-party service providers (sub-processors) to help deliver the Service. Each sub-processor is contractually bound to process data only as instructed and to maintain appropriate security measures.
  • Linked Family Members: If you connect Diana with a family member (for example, an adult child linking a parent, or vice versa), certain information and assistant activity may be shared among the linked accounts as necessary to coordinate care and support. We recommend that all linked family members review this Policy.
  • Third-Party Integrations:When you connect external services through Diana, data is shared with those services as necessary to perform the requested tasks, subject to those services' own privacy policies.
  • Legal Requirements: We may disclose information if required by law, regulation, legal process, or governmental request.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction, subject to the same privacy protections.

7. Your Rights and Choices

You have the following rights regarding your data:

  • Access: You can request a copy of the personal data we hold about you.
  • Deletion: You can request deletion of your data at any time by contacting us at privacy@getdiana.com or by deleting your Diana account. Data is deleted from production systems within 14 days and from backups within 14 days.
  • Correction: You can request correction of inaccurate personal data.
  • Data Portability: You can request an export of your data in a machine-readable format.
  • Opt-Out: You can disconnect integrations or delete your account at any time. For text-message (SMS) communications, you can reply STOP at any time to stop receiving messages, or HELP for assistance. Message and data rates may apply.

To exercise any of these rights, contact us at privacy@getdiana.com.

California Residents (CCPA)

If you are a California resident, you have additional rights under the CCPA, including the right to know what personal information we collect and how it is used, the right to request deletion, and the right to non-discrimination for exercising your privacy rights.

European Residents (GDPR)

If you are located in the European Economic Area, you have rights under the GDPR including access, rectification, erasure, restriction of processing, data portability, and the right to object. Our legal basis for processing is performance of a contract (providing the Service) and legitimate interests (improving and securing the Service).

8. Children's Privacy

Diana is intended for adults and is not directed to individuals under the age of 18. We do not knowingly collect personal information from anyone under 18. If we learn that we have collected data from a person under 18, we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy and updating the “Last Updated” date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Diana Intelligence Corp.
Email: privacy@getdiana.com
Security Issues: security@getdiana.com

Get on the phone with an expert -
we automate your business for free.

Book a free call and our automation expert will audit your recurring busywork, build your automations, and launch everything in Slack within 7 days. We do all the work.

Free expert-led setupNo contract requiredBuilt with your team in Slack