Privacy Policy
Eve AI (“Eve,” “we,” “us,” or “our”) operates setup.eveai.toolsand related services (collectively, the “Service”). This Privacy Policy explains what personal information we collect, how we use it, and the choices you have.
By using the Service you agree to the practices described here. If you disagree, please do not use the Service.
1. Who we are
Eve H is a product of AfterAdam LLC, a US company. Our data infrastructure is hosted on Hetzner Online GmbH servers located in Germany (EU). We are not yet registered as a data controller under GDPR; if you have EU/EEA data rights, please contact us at privacy@eveai.tools and we will respond within 30 days.
2. Information we collect
2.1 Account information
When you sign in via Google or Microsoft OAuth, we receive your name, email address, and profile picture. We store your email address and name in our database to identify your account.
2.2 OAuth tokens and third-party access
To deliver the Service, you grant Eve access to your connected accounts. Depending on which services you connect, we may store OAuth access tokens and refresh tokens for:
- ·Google: Gmail (read, send, modify), Google Calendar (read, create events), Google Contacts — and, where granted, Drive, Docs, Sheets, Tasks, Photos, YouTube, and Google Meet.
- ·Microsoft: Outlook mail (read, send), Outlook Calendar, Contacts, Tasks, OneDrive Files.
- ·IMAP / SMTP: Email credentials you provide for non-Google / non-Microsoft accounts (e.g. Yahoo, iCloud, custom domains). Stored encrypted at rest.
Tokens are stored encrypted. We access your third-party data only to fulfill your instructions (e.g. “draft a reply to my last email”) and to generate proactive digests you have requested. We do not sell, rent, or share your email or calendar content with third parties for advertising.
2.3 Messaging and voice
If you connect iMessage (via Sendblue) or enable voice (via Telnyx), we process the content of messages and calls you exchange with Eve to generate responses. Message content is sent to our AI provider(s) (see §4) solely to generate your reply and is not retained by those providers beyond the API call, per their terms.
Your phone number is stored in our database to route messages to your Eve instance.
2.4 Conversation history
Messages between you and Eve are stored in our database to provide continuity across sessions. You can delete your entire conversation history and account data at any time (see §7).
2.5 Usage and technical data
We collect standard server logs (IP address, browser type, pages visited, timestamps) for security and debugging. We use Sentry for error monitoring; error reports may contain stack traces and request metadata but are scrubbed of message content before transmission.
2.6 Payment data
Payments are processed by Stripe. We receive a Stripe customer ID and subscription status; we never see or store your full card number. Stripe’s privacy policy governs payment data.
2.7 Information you provide voluntarily
This includes your preferred agent name and personality, device type, timezone, and any preferences you share during setup or in conversation. Eve stores persistent memory you ask her to retain (e.g. “remember I prefer aisle seats”).
3. How we use your information
- ·To operate the Service — authenticate you, provision your Eve instance, and route messages.
- ·To generate AI responses — your messages and connected account context are sent to AI model APIs to produce Eve's replies.
- ·To send proactive communications — morning digests, onboarding nudges, and feature announcements you have not muted.
- ·For billing — to manage your subscription and enforce plan limits.
- ·For security and fraud prevention — to detect abuse, unauthorized access, and API misuse.
- ·For product improvement — aggregated, anonymized usage patterns (never individual message content) may inform feature development.
- ·To comply with law — if required by court order, subpoena, or applicable regulation.
4. AI model providers and subprocessors
Eve uses large language models to generate responses. Depending on your plan, your messages may be processed by one or more of the following:
| Provider | Location | Used for |
|---|---|---|
| Anthropic (Claude) | USA | Paid plans (Pro/Max) — primary reasoning model |
| DeepSeek | China | Free plan economy model (opt-out available in dashboard) |
| Together.ai | USA | Free plan alternative model (Gemma) |
| Google Gemini | USA | Free plan alternative model |
| ElevenLabs | USA | Text-to-speech for voice channel |
| Deepgram | USA | Speech-to-text for voice channel |
| Tavily | USA | Web search enrichment |
Important: If you use the Free plan with the default DeepSeek model, your messages are processed on servers located in China. You can switch to a US-hosted model in your dashboard at any time. Paid plan users are always routed to Anthropic (USA).
We do not permit any AI provider to train on your personal data. All providers are contractually bound to process data only for the purpose of generating your API response.
5. Data sharing and disclosure
We do not sell your personal data. We share data only as follows:
- ·Service providers: Stripe (payments), Hetzner (hosting), Sentry (errors), SendGrid/AgentMail (email delivery), Sendblue (iMessage), Telnyx (voice/SMS) — each bound by data processing agreements.
- ·Legal requirements: If required by valid legal process. We will notify you where legally permitted.
- ·Business transfers: If we merge with or are acquired by another company, your data may transfer subject to equivalent privacy protections. You will be notified in advance.
- ·With your consent: For anything else, we will ask first.
6. Data retention
We retain your data for as long as your account is active. If you delete your account, we delete your personal data, conversation history, OAuth tokens, and Eve instance within 30 days. Aggregated, anonymized analytics may be retained indefinitely. Stripe transaction records are retained as required by financial regulations (typically 7 years).
Backups may retain deleted data for up to 90 days before being purged.
7. Your rights and choices
- ·Delete your account: Available in your dashboard. Immediately stops all processing and queues full deletion within 30 days.
- ·Disconnect a service: Available in Settings → Connections. Revokes our token; we delete stored tokens within 24 hours.
- ·Opt out of proactive messages: Settings → Connections → Stop nudges. Mutes all proactive outreach.
- ·Access your data: Email privacy@eveai.tools. We will provide an export within 30 days.
- ·Correct your data: Most preferences are editable directly in the app. For account-level corrections, contact us.
- ·Portability (GDPR): EU/EEA residents may request a machine-readable export of their personal data.
- ·Model opt-out: Free plan users can switch from DeepSeek to a US-hosted model in the dashboard.
8. Security
We implement industry-standard security measures: TLS in transit, encrypted storage for OAuth tokens and credentials, per-user isolated Docker containers, and least-privilege access controls. No system is perfectly secure. If you discover a vulnerability, please report it responsibly to security@eveai.tools.
In the event of a data breach affecting your personal information, we will notify you by email within 72 hours of becoming aware, as required by GDPR Article 33.
9. Children
The Service is not directed to children under 13 (or 16 in the EU/EEA). We do not knowingly collect personal information from children. If you believe a child has provided us data, contact privacy@eveai.tools and we will delete it promptly.
10. International transfers
Our servers are in Germany (EU/EEA). If you are located outside the EU, your data is transferred to and processed in Germany. If you are in the EU and use the DeepSeek free model, your message content is transferred to China; you can avoid this by switching models or upgrading to a paid plan.
US-based subprocessors (Anthropic, Stripe, Sentry, etc.) are covered by Standard Contractual Clauses or equivalent transfer mechanisms.
11. Changes to this policy
We may update this policy. Material changes will be notified via the in-app “What’s New” popup and by email at least 14 days before taking effect. Continued use after the effective date constitutes acceptance.
12. Contact
Questions, requests, or complaints: privacy@eveai.tools
AfterAdam LLC
New York, NY
afteradam.com · afteradam.ai