Creomind Foundation — Privacy Policy

1. Introduction

Creomind Foundation ("Creomind," "we," "us," or "our") is committed to protecting the privacy and security of every individual who interacts with our services, our website, and the consciousness preservation systems we build. This Privacy Policy explains how we collect, use, store, share, and protect personal information — including the deeply sensitive data involved in the creation of AI mind clones.

We treat the data we work with as among the most personal information that has ever existed. This policy reflects that responsibility.

By accessing our website, joining our waitlist, or engaging Creomind for preservation services, you acknowledge that you have read and understood this Privacy Policy.

2. Scope of This Policy

This Privacy Policy applies to:

• Visitors to our website (creomind.ai and any associated subdomains)
• Individuals who join our waitlist or submit inquiries
• Clients who engage Creomind for preservation services ("Family Members")
• Individuals whose minds are preserved through our services ("Subjects")
• Any other person whose personal information we collect in connection with our operations

This policy does not apply to third-party websites, services, or applications that may be linked from our platform.

3. Information We Collect

We collect information in the following categories:

3.1 Information You Provide Directly

Waitlist and inquiry information: When you join our waitlist or contact us, we collect your name, email address, the relationship of the proposed Subject, the Subject's living status, your timeline, and any additional information you choose to share.

Account and onboarding information: If you become a client, we collect billing information, identity verification documents, contact details for designated family representatives, and emergency contact information.

Consent documentation: For every Subject, we collect formally documented and recorded consent, including video and written records establishing the Subject's authorization to be preserved.

3.2 Subject Source Material

For Subjects whose minds we preserve, we collect — exclusively with documented consent — the following categories of personal data:

• Audio recordings (interviews, voice notes, voicemails, ambient conversations)
• Video recordings (interviews, family footage, behavioral observations)
• Written materials (text messages, emails, journals, letters, social media archives, written reflections)
• Photographs
• Biographical information (life events, relationships, opinions, values, beliefs)
• Behavioral and personality data (decision patterns, idiosyncrasies, communication styles)
• Family-submitted memories and contextual information

This material constitutes some of the most sensitive personal data possible, and we treat it accordingly.

3.3 Information Collected Automatically

When you use our website, we may collect:

• Device information (browser type, operating system, device identifiers)
• Usage data (pages viewed, time spent, navigation paths)
• IP address and approximate geographic location
• Cookies and similar tracking technologies (see Section 11)

3.4 Information from Third Parties

We may receive information from:

• Family members submitting source material on behalf of a Subject
• Service providers and processors who support our operations
• Public sources, only when explicitly relevant to a preservation project and with consent

4. How We Use Information

We use the information we collect for the following purposes:

4.1 Service Delivery

• To build, maintain, and refine the AI mind clone of each Subject
• To facilitate access for designated Family Members
• To provide updates, continuity services, and ongoing maintenance
• To deliver customer support and respond to inquiries

4.2 Operations

• To process applications and manage the waitlist
• To verify identity and prevent unauthorized access
• To process payments and manage billing
• To comply with legal obligations and respond to lawful requests

4.3 Research and Improvement

We may use aggregated, fully de-identified data to improve our methodologies and publish research findings. We never use any individual Subject's data to train external models, third-party AI systems, or any system outside of that Subject's private clone. This is a foundational commitment.

4.4 Communications

• To send service updates, onboarding communications, and policy changes
• To respond to your inquiries and provide support
• To send waitlist updates and availability notifications

You may opt out of non-essential communications at any time.

5. Legal Basis for Processing

Where applicable under the EU General Data Protection Regulation (GDPR), the UK GDPR, or similar legislation, we process personal information on the following legal bases:

• Consent: For Subject source material and sensitive personal data, we rely exclusively on explicit, informed, documented consent.
• Contract: To deliver services to clients who have engaged Creomind.
• Legal obligation: Where processing is required to comply with applicable law.
• Legitimate interest: For routine business operations, security, and service improvement, only where such interests are not overridden by your fundamental rights.

6. The Consent Framework

Consent is the foundation of our work. The following principles are non-negotiable:

Subject consent is mandatory. No mind clone is constructed without the formally documented, recorded, and verified consent of the Subject (where the Subject is living). For deceased Subjects, we require documented evidence of the Subject's prior consent or, in its absence, formal authorization from the Subject's legal estate or designated representatives, in accordance with applicable law.

Consent is informed. Subjects are provided with full information about what data will be collected, how it will be used, who will have access, how long it will be retained, and what their rights are.

Consent is revocable. Living Subjects may withdraw consent at any time, in which case ongoing data collection will cease and existing data will be handled according to the Subject's documented wishes.

Consent governs continuity. Subjects determine, in advance, what happens to their preserved mind after their death — including who may access it, whether it may be updated, and under what circumstances it should be retired.

7. Data Sharing and Disclosure

We do not sell, rent, or trade personal information. We share information only in the following limited circumstances:

7.1 Authorized Family Members

Subject mind clones are accessible only to family members or representatives explicitly designated and authorized by the Subject (or, where applicable, by the Subject's estate).

7.2 Service Providers

We engage carefully selected service providers to support our operations, including cloud infrastructure, encryption services, payment processors, and email services. These providers are contractually bound to protect your information and use it solely to deliver services to Creomind.

7.3 Legal Requirements

We may disclose information when required to do so by law, court order, or valid legal process. Where legally permitted, we will notify affected individuals before disclosure.

7.4 Safety and Security

We may disclose information when we reasonably believe disclosure is necessary to protect the safety of any person, prevent fraud, or address security threats.

7.5 Business Transfers

In the event of a merger, acquisition, restructuring, or transfer of assets, personal information may be transferred to the successor entity, subject to the same protections set out in this policy. We will notify affected individuals of any such transfer in advance.

We will never sell personal data, including Subject source material, under any circumstance, to any third party.

8. International Data Transfers

Creomind operates globally and may transfer personal information across international borders to deliver our services. When we transfer data outside of the country where it was collected, we implement appropriate safeguards, including:

• Standard Contractual Clauses approved by relevant data protection authorities
• Adequacy decisions where applicable
• Additional technical and organizational measures, including end-to-end encryption

You may request information about the specific safeguards applicable to your data by contacting us at the address listed in Section 16.

9. Data Security

We implement industry-leading security measures to protect personal information, including:

• End-to-end encryption for all Subject source material, both in transit and at rest
• Isolated infrastructure for each Subject's clone, with no shared training environments
• Access controls restricting data access to authorized personnel under a need-to-know principle
• Multi-factor authentication for all internal systems
• Regular security audits and penetration testing
• Physical security controls for all infrastructure handling Subject data
• Incident response procedures to detect, contain, and respond to security threats

Despite these measures, no system is completely impenetrable. In the unlikely event of a data breach affecting your information, we will notify you and the relevant regulatory authorities in accordance with applicable law.

10. Data Retention

We retain personal information only as long as necessary for the purposes for which it was collected, or as required by law.

Subject source material and mind clones: Retained for the duration specified by the Subject's documented consent and continuity instructions. By default, mind clones are designed to be preserved for the lifetime of the engaging family — and beyond, where authorized.

Waitlist and inquiry data: Retained for up to 24 months from your last interaction, unless you request earlier deletion.

Account and billing data: Retained for the duration of your engagement with Creomind plus the period required by tax, accounting, and regulatory obligations (typically 7 years).

Website usage data: Retained for up to 13 months in identifiable form.

You may request deletion of your information at any time, subject to limitations described in Section 12.

11. Cookies and Tracking Technologies

Our website uses a minimal set of cookies and similar technologies to operate the site, analyze usage, and improve performance. We do not use advertising or behavioral tracking cookies.

The categories we use:

• Essential cookies: Required for the website to function (e.g., session management).
• Analytics cookies: Help us understand how visitors use our site, in aggregated and de-identified form.
• Preference cookies: Remember your settings and preferences.

You may control cookie preferences through your browser settings or our cookie consent banner. Disabling certain cookies may limit functionality.

12. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• Right of access: To request a copy of the personal information we hold about you.
• Right of rectification: To correct inaccurate or incomplete information.
• Right to erasure: To request deletion of your information, subject to legal and contractual constraints.
• Right to restrict processing: To request that we limit how we use your information.
• Right to data portability: To receive your information in a structured, machine-readable format.
• Right to object: To object to certain types of processing, including for direct marketing.
• Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time.
• Right to lodge a complaint: With the relevant data protection authority.

To exercise any of these rights, please contact us using the information in Section 16. We will respond within the timeframe required by applicable law (typically 30 days).

Special note on Subject data: For mind clones built on behalf of a Subject, the rights above are exercised by the Subject (during life) or by the Subject's authorized representatives (after death), in accordance with the Subject's documented consent and continuity instructions.

13. Children's Privacy

Creomind does not knowingly collect personal information from individuals under the age of 18 without the explicit consent of a parent or legal guardian. The preservation of a minor's consciousness requires additional ethical review, including informed consent from both the minor (where age-appropriate) and their legal guardians, and is undertaken only in carefully evaluated circumstances.

If we become aware that we have collected information from a minor without proper authorization, we will take prompt steps to delete it.

14. Sensitive Personal Information

We recognize that the data we process — including biometric data (voice prints), behavioral data, and detailed personal histories — constitutes "sensitive personal information" under most data protection regimes (including GDPR Article 9, the California Privacy Rights Act, and similar laws).

We process this data exclusively under the explicit consent of the Subject or their authorized representatives, with elevated security controls, and never for any purpose outside the Subject's preservation.

15. Posthumous Data

A core element of our work involves data that continues to be processed after the Subject's death. We treat posthumous data with the same — and in many cases heightened — care that we apply to data of living Subjects:

• The Subject's documented continuity instructions govern all posthumous use
• Designated family representatives are bound by the Subject's stated wishes
• Posthumous mind clones are not used for any purpose beyond the Subject's authorization
• Families may not modify, share, or repurpose a Subject's clone in violation of the Subject's documented intent

16. How to Contact Us

For any questions, concerns, or requests related to this Privacy Policy or your personal information:

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or the evolution of our services. When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy
• Notify affected individuals by email or through prominent notice on our website
• Where required by law, obtain renewed consent for changes that materially affect how we process personal data

We encourage you to review this Privacy Policy periodically.

18. Jurisdiction-Specific Disclosures

18.1 California Residents (CCPA/CPRA)

California residents have additional rights under the California Consumer Privacy Act and the California Privacy Rights Act, including the right to know what personal information we collect, the right to delete personal information, the right to correct inaccurate information, the right to opt out of the sale or sharing of personal information (we do not sell or share personal information for cross-context behavioral advertising), and the right to limit use of sensitive personal information.

To exercise these rights, contact info@creomind.ai.

18.2 European Economic Area, United Kingdom, and Switzerland

Individuals in the EEA, UK, and Switzerland have rights under the GDPR, UK GDPR, and Swiss Federal Act on Data Protection respectively. The legal basis for our processing is described in Section 5. You have the right to lodge a complaint with your local supervisory authority.

18.3 Other Jurisdictions

We comply with data protection laws applicable in the jurisdictions where we operate. Where local law provides additional rights, those rights are respected.

19. Closing Statement

The work we do at Creomind Foundation is unprecedented. We are building systems that preserve the most intimate dimensions of a person — their voice, their thinking, their memory, their identity. We understand that the trust required to do this work is profound, and we have designed every aspect of our operations to be worthy of it.

If at any point you feel we have fallen short of the standards described in this policy, we want to hear from you. Our work depends on it.

— Creomind Foundation