Back to home

Privacy Policy

Last updated: December 19, 2025

1. Introduction

Somara ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI assistant platform and related services (the "Service").

By using Somara, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

Key Commitments:
  • We do NOT sell your personal data
  • We do NOT use your data for marketing purposes
  • Your conversation data is stored securely but not used beyond providing the Service

2. Information We Collect

2.1 Information You Provide

When you use Somara, you may provide us with:

  • Account Information: Email address, name, and password when you create an account
  • Profile Information: Organization name, workspace settings, and preferences
  • Payment Information: Billing details processed securely through Stripe (we do not store full payment card details)
  • Conversation Data: Messages, prompts, and content you submit to AI assistants
  • Uploaded Content: Files, documents, and data you upload for RAG (Retrieval-Augmented Generation) features
  • Support Communications: Information you provide when contacting our support team

2.2 Information Collected Automatically

When you access our Service, we automatically collect:

  • Device Information: Browser type, operating system, and device identifiers
  • Usage Data: Pages visited, features used, and interaction patterns
  • Log Data: IP address, access times, and referring URLs
  • Performance Data: Error logs and crash reports to improve service stability

3. How We Use Your Information

We use the information we collect to:

  • Provide the Service: Process your requests, deliver AI responses, and enable platform features
  • Maintain Your Account: Manage your subscription, credits, and billing
  • Improve Our Service: Analyze usage patterns to enhance features and user experience
  • Ensure Security: Detect and prevent fraud, abuse, and security threats
  • Provide Support: Respond to your inquiries and resolve issues
  • Comply with Law: Meet legal obligations and respond to lawful requests
What We Do NOT Do:
  • We do NOT use your data to send marketing communications
  • We do NOT sell, rent, or trade your personal information to third parties
  • We do NOT use your conversation content to train our own AI models

4. Data Sharing with AI Model Providers

Somara provides access to over 120 AI models from various providers. When you use these models, your input data (prompts and messages) is transmitted to the respective AI provider to generate responses.

4.1 How It Works

  • Your requests are sent directly to the AI provider you select (e.g., OpenAI, Anthropic, Google, etc.)
  • Each provider has their own privacy policy and data handling practices
  • We recommend reviewing the privacy policies of providers you use

4.2 Provider Data Practices

Different AI providers have different policies regarding data retention and model training. Some providers may use API data for model improvement, while others (especially enterprise tiers) do not. We encourage you to:

  • Review each provider's terms of service and privacy policy
  • Consider using providers that offer data opt-out options if privacy is a concern
  • Contact us if you need guidance on provider data practices
Note: Somara does not control how third-party AI providers process your data. We act as a platform facilitating access to these services.

5. Third-Party Services & Analytics

We use trusted third-party services to operate and improve Somara:

5.1 Analytics

We use analytics tools to understand how users interact with our Service. This helps us improve functionality and user experience. Analytics data is aggregated and anonymized where possible.

5.2 Service Providers

  • Stripe: Secure payment processing
  • Supabase: Database and authentication infrastructure
  • Vercel: Hosting and deployment
  • Error Tracking: Anonymous crash and error reporting to improve stability

These providers are contractually obligated to protect your data and use it only for the purposes we specify.

6. Data Storage & Security

6.1 Storage

Your data is stored on secure servers with encryption at rest and in transit. We use industry-standard security measures including:

  • TLS/SSL encryption for all data transmission
  • Encrypted database storage
  • Regular security audits and monitoring
  • Access controls and authentication requirements

6.2 Data Location

Our primary infrastructure is hosted in the United States. By using our Service, you consent to the transfer and processing of your data in the United States.

7. Data Retention

We retain your data as follows:

  • Account Data: Retained while your account is active and for a reasonable period after deletion
  • Conversation History: Retained until you delete it or close your account
  • Billing Records: Retained as required by tax and accounting laws (typically 7 years)
  • Analytics Data: Aggregated and anonymized data may be retained indefinitely

You can delete your conversation history at any time through your account settings. When you delete your account, we will delete or anonymize your personal data within 30 days, except where retention is required by law.

8. Your Rights

Depending on your location, you may have the following rights:

8.1 General Rights

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data
  • Data Portability: Receive your data in a structured, machine-readable format

8.2 GDPR Rights (EEA Residents)

If you are in the European Economic Area, you also have the right to:

  • Object to processing of your personal data
  • Restrict processing of your personal data
  • Withdraw consent at any time
  • Lodge a complaint with a supervisory authority

8.3 CCPA Rights (California Residents)

California residents have the right to:

  • Know what personal information is collected
  • Know whether personal information is sold or disclosed
  • Opt-out of the sale of personal information (we do not sell your data)
  • Request deletion of personal information
  • Non-discrimination for exercising privacy rights

To exercise any of these rights, please contact us at hello@somara.ai.

9. Cookies & Tracking Technologies

We use cookies and similar technologies to:

  • Keep you signed in to your account
  • Remember your preferences and settings
  • Analyze how our Service is used
  • Improve performance and user experience

You can control cookies through your browser settings. Note that disabling cookies may affect the functionality of our Service.

10. Children's Privacy

Somara is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at hello@somara.ai.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

Continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

We will respond to your request within 30 days.