Privacy Policy

"AYO" is a desktop AI companion made by [LEGAL ENTITY NAME] ("AYOLAB", "we", "us", "our"). Our website is https://heyayo.com. Our contact email is hello@heyayo.com. Our registered address is [COMPANY ADDRESS].

This Privacy Policy explains what data AYO and the AYO website handle, where that data lives, who it is shared with, and how you can control or delete it. It applies to:

• the AYO desktop application;
• the AYO website at heyayo.com and any subdomains;
• the AYO early-access waitlist;
• the AYO Free and Pro subscription plans, including the early-access founders discount.

The following data is captured, processed, and stored locally on your computer. It does not leave your machine unless you deliberately ask AYO a question that needs it.

• Microphone audio buffers. When wake-word listening is on, a small rolling buffer of microphone audio is scored locally against an on-device wake-word model. The buffer is discarded continuously. Nothing is recorded or sent anywhere unless the wake word fires and you ask something.

• Wake-word model activity. The wake-word listener runs as a local process on your machine and only produces a yes/no signal. It does not transcribe or transmit audio.

• Screen captures. When AYO needs to understand what you are looking at, it takes a screenshot locally. The screenshot is processed on-device (OCR, accessibility tree, active window). The raw screenshot is never written to disk and never uploaded unless you explicitly ask AYO to "see this" or "summarize this" — in which case a compressed image is sent to the vision model for that one request and then discarded on our side. It is never retained as a file.

• Text extracted from your screen. Extracted text stays on your machine. Only a short summary of the relevant context (not the raw text) may be included with a deliberate request so the answer is grounded.

• Workspace data. Notes, tasks, reminders, outputs, and saved modes created by you or by AYO live locally. You can edit or delete any of them from the Workspace. If you uninstall the app, local data goes with it.

• Memory map. The short summaries AYO keeps about your activity live locally and are visualized in the Memory Map / Lore Web. You can delete any entry — or wipe the whole map — at any time.

• Persona preference and UI settings. Stored locally (in the app's settings, and on the website in localStorage under the key heyayo-web-persona).

When you deliberately send a request to AYO — by voice or by typing — the following data may leave your machine for that single request:

• Your request. The text of your question or command.

• A short context summary. A compact, natural-language description of what you were looking at (for example: "editing main.ts in VS Code") — not your raw screen text.

• Voice audio. If you used voice, the audio for that turn is uploaded to our speech-to-text provider (see Section 4 "Sub-processors") and discarded after transcription.

• An image of your screen. Only if the request is a vision request (for example: "summarize this" or "what does this error mean") — a compressed image of the active window is sent to the vision model for that single request.

• Agent tool inputs. If you ask AYO to perform a task (search the web, read or edit a file, run a command, browse to a page), the specific inputs that task needs are sent to the agent runtime and, where applicable, to the target service (a search engine, a web page, etc.).

We do not train models on your requests. We do not sell any of this data. The literal payload that leaves your machine on a typical turn looks like:

{ "question": "help me fix this error",
  "context_summary": "editing main.ts in VS Code" }

AYO routes your deliberate requests through a small set of third-party providers. Each one only receives the data it needs to do its job.

• OpenAI — processes your text requests (gpt-4o-mini) and transcribes your voice audio (Whisper API). May also process a screenshot for vision requests. https://openai.com/policies/privacy-policy

• Fish Audio — generates the spoken voice AYO replies with, from the text of AYO's reply. Never receives your audio. https://fish.audio

• Anthropic — powers the agent runtime (via OpenClaw) for agentic tasks you trigger (edit a file, run a command, browse). https://www.anthropic.com/legal/privacy

• Amazon Web Services (AWS Bedrock) — alternative path for short context summarization (amazon.nova-lite-v1). https://aws.amazon.com/privacy/

• Supabase — authentication, the Workspace sync tier, and the early-access waitlist. Hosted in a region we select. https://supabase.com/privacy

• Vercel — hosts the heyayo.com website and the /api/waitlist endpoint. https://vercel.com/legal/privacy-policy

• Paddle — our merchant of record for paid subscriptions. Paddle handles checkout, payment processing, sales tax and VAT calculation, invoicing, and refunds. When you subscribe, Paddle receives the data needed to process the transaction (your name, email, billing country, payment method details, transaction amount). Paddle issues the receipt and is the entity named on your card statement. AYOLAB never sees or stores your full card or bank-account number. https://www.paddle.com/legal/privacy

• Plausible or Vercel Analytics — privacy-friendly, cookie-free analytics for heyayo.com. No cross-site tracking. No Google Analytics. https://plausible.io/privacy https://vercel.com/legal/privacy-policy

If we add or change a sub-processor, we will update this section and date the change at the top.

Your clipboard is often holding something important — a one-time password, a link, a paragraph you are writing. AYO has one rule about it: we never write to your clipboard unless you specifically ask us to.

You have to say or type the copy request out loud (for example "summarize this and copy it", or "bullet points and put them on my clipboard"). Only then, for that one message, AYO places the result on your clipboard. Opening the app, reading a long thread, or receiving a summary does not touch your clipboard.

AYO only uses microphone and screen access after your operating system grants permission. You can revoke those permissions at any time in your OS settings, which will immediately stop the related features.

• Wake-word listening can be toggled off entirely. When off, no audio is captured at all — not even locally.

• Privacy mode silences wake-word listening, the edge glow, and all screen capture at once.

• Gaming mode is a quieter state: capture is minimized and AYO will not speak unprompted, but the wake word can still fire if you call it.

• You can uninstall AYO at any time. Uninstalling removes the app and all locally stored data.

The marketing website and the account system collect a small set of data:

• Waitlist signups. When you join the early-access waitlist we store your email address, an assigned position number, the time you signed up, and — if the link you came in on had them — your UTM source and referrer. We use this list only to email you about early access and launch. You can ask us to delete your waitlist entry at any time by emailing hello@heyayo.com. If you later become a paid subscriber, your waitlist entry rolls over into your account.

• Account data. When you create an AYO account, we store your email address, a hashed sign-in credential (managed by Supabase Auth), the plan you are on (Free or Pro), and timestamps for sign-up and last sign-in. If you joined via the early-access waitlist and are eligible for the founders discount, that eligibility flag is stored on your account.

• Billing data. When you start a paid subscription we store, on our side, only what we need to operate the subscription: your plan, the founders-discount flag if applicable, the renewal date, the subscription status (active, paused, cancelled), and a reference token to the corresponding Paddle transaction. The full payment method (card, bank, wallet), full billing address, and raw invoice data are held by Paddle as the merchant of record. We do not see or store your full card number, your CVC, or your bank-account number.

• Persona preference. If you click a persona chip in the hero (Chill Smart, Excited Inventor, Lazy Sleepy), your choice is stored in your browser's localStorage under the key heyayo-web-persona. It never leaves your browser.

• Analytics. We use privacy-friendly, cookie-free analytics to count page views and see which sections people reach. We do not set tracking cookies, do not share data with ad networks, and do not use Google Analytics.

• Microphone on the hero "Say AYO" mic. Clicking the in-hero mic button asks the browser for microphone access so a local waveform can render. Audio never leaves the browser. Nothing is recorded, nothing is uploaded.

If you are in a jurisdiction that grants you privacy rights (for example the EEA, the UK, California), those rights apply to the limited data we process:

• Access — you can ask for a copy of the personal data we hold about you (in practice: your waitlist entry).

• Rectification — you can ask us to correct inaccurate data.

• Erasure — you can ask us to delete your waitlist entry. Data AYO stores locally on your computer is deleted by you directly (inside the Memory Map, the Workspace, or by uninstalling the app).

• Portability — you can ask us to export your waitlist entry in a machine-readable format.

• Objection — you can object to processing or withdraw consent at any time.

Our legal bases for processing are: (a) performance of the service you asked us to deliver (responding to your requests, running the waitlist), and (b) our legitimate interest in running and improving the product.

To exercise any of these rights, email hello@heyayo.com. We will respond within 30 days.

Some of our sub-processors (for example OpenAI, Anthropic, AWS, Vercel) may process data in the United States or other regions outside your country. Where required, we rely on standard contractual clauses and the sub-processors' own transfer frameworks to protect the data in transit and at rest.

• Per-request data (your question, context summary, voice audio, vision image). Used to produce that one response and then dropped. Sub-processors may retain transient copies for the short windows specified in their own privacy policies (typically to abuse-detect and then delete).

• Workspace data, memories, outputs. Stored locally on your computer until you delete them or uninstall the app.

• Waitlist email and metadata. Kept until you ask us to delete it, until you opt out, or until we retire the waitlist after public launch — whichever comes first.

• Account data. Kept for as long as your account is active. If you delete your account, we delete or anonymize the data within 30 days, except for records we are legally required to retain (see billing records below).

• Billing and tax records. Kept for the period required by applicable accounting and tax law (typically up to seven years), as held by AYOLAB and by Paddle as the merchant of record. These records consist of invoice metadata (amount, date, plan, jurisdiction) — not your full card or bank-account number.

• Operational logs (website requests, API errors). Kept for up to 30 days, scrubbed of personal identifiers where possible, used only to keep the service running.

• All traffic between the AYO app or the website and our servers runs over TLS 1.2 or higher.

• Waitlist, account, and subscription-status data live in Supabase behind row-level security. Only a small number of people on the team can read it, and only to run the service and provide support.

• Card and bank-account data is handled by Paddle and never reaches our servers.

• Audio, screenshots, and raw screen text are never persisted on our servers.

• We follow reasonable, industry-standard practices for credential management and access control. No system is perfect — if we ever suffer a breach that affects your personal data, we will notify you by email and on the site as required by law.

AYO is not directed at children. We do not knowingly collect data from anyone under the age of 16 (or 13 in the United States). If you believe a child has signed up for the waitlist, email hello@heyayo.com and we will remove the entry.

AYO uses a small, on-device model to estimate whether your voice sounds frustrated, tired, or focused, so it can adjust how it responds. This estimate runs locally, is never uploaded, and is not a medical or psychological diagnosis. It is a tone heuristic and nothing more.

The website does not use tracking or advertising cookies. We use strictly necessary browser storage (localStorage for your persona choice, and Supabase's auth storage if you are signed in). No third-party cookies are set for ad retargeting or cross-site tracking.

We may update this policy from time to time. When we make a material change we will update the "Last updated" date at the top and, for anyone on the waitlist or with an AYO account, email a short notice describing the change. Continuing to use AYO after a change means you accept the updated policy.

Questions, requests, or complaints:

Email: hello@heyayo.com Entity: [LEGAL ENTITY NAME] Address: [COMPANY ADDRESS]

If you are in the EEA or the UK and are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.

— End of Privacy Policy —