Privacy Policy.

Effective Date: January 1, 2026. Last Updated: January 1, 2026.

This Privacy Policy describes how AI Bradaa (“we,” “us,” or “our”) collects, uses, stores, and protects your personal information when you use the AI Bradaa application, website (aibradaa.com), and related services (collectively, the “Service”). By accessing or using the Service, you agree to the collection and use of information in accordance with this policy. This policy is designed to comply with the Personal Data Protection Act 2010 (PDPA) of Malaysia and applicable international data protection standards.

1.1 Information You Provide

When you create an account, we collect your name, email address, and any profile information you choose to provide. When you subscribe to a paid plan, we collect payment information through our third-party payment processor - we do not store your full credit card number or payment credentials on our servers.

1.2 Conversation Data

AI Bradaa stores your conversation history to enable the Bond System, persistent memory, and personalized responses. This includes the text of your messages and the responses generated by the system. Conversation data is associated with your account and is used to improve your experience within the Service.

1.3 Automatically Collected Information

We automatically collect certain technical information when you use the Service, including your IP address, device type, operating system, browser type, app version, session duration, and general usage patterns. This information is used for analytics, performance optimization, and security purposes.

1.4 Cookies and Similar Technologies

Our website and web application use cookies and similar tracking technologies to maintain session state, remember preferences, and analyze usage patterns. You may configure your browser to refuse cookies, though this may limit certain functionality of the Service.

We use the information we collect for the following purposes:

• To provide, operate, and maintain the Service, including generating AI responses through our model routing system and 84-Mentor Council.
• To personalize your experience through the Bond System, which uses conversation history to evolve the relationship between you and your AI companion.
• To process transactions and manage your subscription.
• To communicate with you about service updates, security alerts, and administrative messages.
• To monitor and analyze usage trends and improve the performance, security, and functionality of the Service.
• To detect, prevent, and address security incidents, fraud, and technical issues.
• To comply with legal obligations and enforce our Terms of Service.

Your data is stored on secure servers with industry-standard encryption in transit (TLS 1.2 or higher) and at rest (AES-256). We implement a multi-layered security architecture that includes content filtering, safety enforcement, access controls, and data isolation.

Access to personal data is restricted to authorized personnel who require it to operate, develop, or improve the Service. We conduct regular security reviews and maintain incident response procedures. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

AI Bradaa uses third-party large language model (LLM) providers to generate responses through our model routing system. The specific providers and their data handling practices are evaluated and selected carefully. When your query is routed to a provider, the text of your message is sent for processing.

We select providers that maintain appropriate data handling practices and we work to minimize the amount of personal information included in API requests. However, please be aware that third-party LLM providers have their own privacy policies and data handling practices. We recommend reviewing the privacy policies of these providers if you have concerns about how your data is processed downstream.

We also use third-party services for payment processing, analytics, and infrastructure hosting. These services receive only the minimum data necessary to perform their function.

Under the Personal Data Protection Act 2010 (PDPA) of Malaysia and other applicable data protection laws, you may have the following rights regarding your personal data:

• Access: You may request a copy of the personal data we hold about you.
• Correction: You may request that we correct inaccurate or incomplete personal data.
• Deletion: You may request that we delete your personal data, subject to certain legal and operational exceptions.
• Data Portability: You may request a machine-readable copy of your data where technically feasible.
• Objection: You may object to certain processing of your personal data, including processing for direct marketing purposes.
• Withdrawal of Consent: Where processing is based on consent, you may withdraw that consent at any time without affecting the lawfulness of processing prior to withdrawal.
• Lodge a Complaint: You have the right to lodge a complaint with the Personal Data Protection Department of Malaysia if you believe your rights have been violated.

To exercise any of these rights, please contact us at hello@aibradaa.com. We will respond to your request within 30 days as required under PDPA.

We retain your personal data for as long as your account is active or as needed to provide you with the Service. Conversation data is retained to maintain the Bond System and persistent memory features. If you delete your account, we will delete or anonymize your personal data within 90 days, except where retention is required by law or for legitimate business purposes such as fraud prevention and legal compliance.

Aggregated, anonymized data that cannot be used to identify you may be retained indefinitely for analytics, research, and service improvement purposes.

AI Bradaa is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected personal data from a child under 13, we will take steps to delete that information as promptly as possible. If you are a parent or guardian and believe your child has provided personal information to us, please contact us at hello@aibradaa.com.

AI Bradaa operates from Malaysia and may process your data in jurisdictions outside your country of residence, including through our third-party LLM providers and infrastructure partners. By using the Service, you consent to the transfer and processing of your data in these jurisdictions. We take reasonable steps to ensure that your data is treated securely and in accordance with this Privacy Policy regardless of where it is processed.

AI Bradaa is committed to complying with the Personal Data Protection Act 2010 (Act 709) of Malaysia. Below is how we align with the key PDPA principles:

For more information about PDPA, visit the Personal Data Protection Department of Malaysia.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by posting the updated policy on this page and updating the “Last Updated” date above. We may also notify you via email or through the Service for significant changes. Your continued use of the Service after the effective date of the revised policy constitutes your acceptance of the changes.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: