Privacy Policy

Antaris Analytics LLC

Effective March 2026

Overview
What We Build
Data Collection & Phases
Data Safety & Legal Basis
User Control & Consent
Contact Us

Overview

Antaris Analytics LLC ("we," "us," "our") is the infrastructure provider for the antaris-suite, an open-source AI memory system used by products like Forge (powered by WealthHealth AI).

This privacy policy explains how we collect, use, and protect data when our infrastructure processes AI memory improvements.

                Core Principle: We collect only anonymous, non-personal statistical data. No human ever reads your conversations, and no conversation content is ever transmitted to our systems.
            

What We Build

The antaris-suite is an AI memory system designed to improve search quality over time. It works by learning which words and concepts tend to appear together in user conversations, without ever accessing the content of those conversations.

All collected data passes through a multi-layered filtering system that structurally prevents identifying information from entering our databases. This includes allowlist-based word validation, automated pattern detection for names and identifiers, and daily automated scans that verify no personal data exists in stored records.

We operate in three distinct phases, each with different data collection and consent requirements.

Data Collection & Phases

PHASE 1, OPT-IN REQUIRED

Co-occurrence Indexing

Co-occurrence data collection requires explicit user consent through the host application (e.g., Forge). This feature is off by default. Users must actively opt in through their account settings before any data is transmitted to Antaris Analytics.

With consent, the system collects anonymous word-pair frequency statistics to improve search quality for all users. Data is anonymized and aggregated: no personal content, no conversation text.

Technical safeguards: Before any word pair is stored, it must pass through the following automated filters:

Allowlist validation: only confirmed English dictionary words and approved technical terms are accepted. Unknown words are rejected by default.
Name filtering: a database of common first names is maintained and automatically blocks any name from entering the dataset.
Identifier detection: automated pattern matching rejects user handles, account identifiers, session tokens, encoded strings, and other non-word data.
Stopword filtering: common function words that carry no semantic value are excluded.
Daily automated scans: a scheduled process runs every 24 hours to verify that no identifying information exists in the stored dataset and automatically removes any that is found.

Opt-in: Yes. Requires explicit user consent through the host application. Can be disabled at any time in account settings.

PHASE 2, OPT-IN (future)

Enhanced Semantic Analysis

With explicit user consent, we can collect anonymized semantic phrases (short de-identified context snippets) to build deeper understanding of conversation patterns.

Example: {"phrase": "reschedule meeting", "topic": "work_admin", "frequency": 3}

What's transmitted: Only de-identified phrase patterns. All personal information (names, emails, dates, identifiers) is stripped before transmission.

Why: To improve semantic ranking, understanding not just words, but concepts.

Opt-in: Yes. Requires explicit user consent in account settings. Can be disabled anytime.

PHASE 3, OPT-IN (future)

Crowdsourced Semantic Models

With explicit user consent, anonymized usage statistics contribute to improvements that benefit all users. The same anonymized data as Phase 1: no additional data collected.

Why: To create a shared semantic index that benefits all users over time.

Opt-in: Yes. Requires explicit user consent. Can be disabled anytime.

What We Never Collect

Raw conversation content or messages
Full sentences or message text
User IDs, names, emails, or account information
Timestamps or dates linked to users
IP addresses or device identifiers
Any identifying metadata

In addition to these policy commitments, our infrastructure enforces these restrictions technically. The ingestion pipeline uses an allowlist-based validation system that rejects any word not present in a curated dictionary of approved terms. This means that even if identifying information were accidentally included in transmitted data, it would be automatically rejected before reaching our database.

Data Safety & Legal Basis

Why This Is Legally Safe

All phases now require explicit opt-in consent through the host application. Combined with the technical safeguards described above, our data collection meets the highest standard of anonymization under applicable privacy regulations.

GDPR (European Union)

Data collection is based on explicit consent (GDPR Article 6(1)(a)). Word-pair frequency counts pass through allowlist validation that structurally prevents personal data from being stored. The resulting dataset meets the anonymization threshold described in Recital 26, as no stored data can identify a natural person directly or indirectly. Users may withdraw consent at any time per Article 7(3).

CCPA (California)

"Personal information" under CCPA requires the ability to link data back to a consumer. Our statistics have no such linkage, they are purely aggregate.

COPPA, BIPA, and State Laws

Same principle applies: aggregate statistical data and de-identified semantic data are exempt under these regulations.

Infrastructure & Encryption

Storage: Supabase (PostgreSQL), hosted in EU (Frankfurt, Germany, eu-central-1)
Transmission: TLS 1.3+ for all data in transit
Access: No human access to individual user data; only automated systems process statistics
Retention: Word-pair and semantic data retained indefinitely in aggregate form, never linked to individual users
Filtering: All ingested data passes through allowlist-based validation, automated name detection, identifier pattern matching, and daily PII scans before and after storage
Audit logging: Rejected data is logged for review and automatically purged after 30 days to prevent accumulation of potentially sensitive information

Sub-processors

We use the following third-party service providers to process data on our behalf (per GDPR Article 28):

Provider	Purpose	Location	Data Processed
Supabase Inc.	Database hosting (PostgreSQL)	EU (Frankfurt, Germany)	Anonymized usage statistics only
Cloudflare Inc.	CDN and DDoS protection	Global (edge nodes)	Transit encryption only; no data stored

User Control & Consent

All Phases: Opt-In Required

All data collection phases require explicit opt-in consent through the host application. No data is collected or transmitted until the user actively enables the feature in their account settings. All phases are off by default.

Revoke Consent

To revoke consent for any phase:

Log in to your account
Go to Settings → Privacy & Data
Toggle off "Co-occurrence," "Semantic," or "Crowdsourced"
Confirm revocation

Important: Because all data is permanently anonymous, previously transmitted statistics cannot be identified or deleted. However, all future transmission stops immediately upon revoking consent.

Data Export & Deletion

Since we do not collect personally identifiable information, data export and deletion requests are not applicable under GDPR and CCPA. We have no way to identify which aggregate statistics came from which user.

If you have questions about this, contact us.

Contact Us

Questions about this privacy policy or our data practices?

Email: privacy@antarisanalytics.ai

Dispute Resolution

If you believe we have violated your privacy rights, you have the right to lodge a complaint with your local data protection authority (in GDPR jurisdictions) or the appropriate regulatory body in your jurisdiction.

Last updated: March 2026

← Back to Home

Contents