Privacy Policy
How Virgo Command protects your data. Written for humans, not lawyers.
🇬🇧
Detected: United Kingdom
Your data is automatically protected under:
GDPR
Data stored in EU
British Pound (£)
1. What We Collect
We only collect what is necessary to operate your account and deliver the service:
- Name, email address, and country (at signup)
- Data you create inside Virgo — notes, tasks, calendar entries, preferences
- Usage patterns to improve Lily AI responses (anonymised)
- Payment information is processed by Stripe — we never store card details
2. How We Use Your Data
- To operate your Virgo Command account and deliver personalised features
- To power Lily AI — your data trains your personal assistant, not a public model
- To send essential account notifications (password resets, billing)
- To improve the product based on anonymised, aggregated usage data
We do not sell your data. We do not share it with advertisers. Ever.
3. Where Your Data Lives
Your data is stored in the region closest to you, and never transferred without your consent:
- EU users — London, United Kingdom (EU-West)
- US users — Virginia, United States (US-East)
- Asia-Pacific users — Singapore (AP-Southeast)
All data is encrypted at rest (AES-256) and in transit (TLS 1.3).
4. Country-Aware Compliance
Virgo Command automatically detects your country and applies the correct legal framework:
- GDPR — European Union and United Kingdom
- CCPA/CPRA — California, United States
- LGPD — Brazil
- DPDP — India
- PDPA — Singapore
- POPIA — South Africa
No fine print games. Your rights are applied automatically.
5. Your Rights
Regardless of where you are, you always have the right to:
- Export all your data with one click
- Delete your account and all associated data permanently
- Request a copy of everything we hold about you
- Correct inaccurate personal information
- Withdraw consent at any time
- Be forgotten — full data erasure on request
6. Third-Party Services
- Stripe — payment processing (PCI-DSS compliant)
- AWS — infrastructure and storage (ISO 27001 certified)
- Google OAuth — optional sign-in (we only receive name and email)
- Resend — transactional email delivery
We do not use analytics trackers, advertising pixels, or social media SDKs.
7. Cookies
We use only essential cookies required for authentication and session management. No tracking cookies. No third-party cookies. See our Cookie Policy for details.
8. Data Retention
Your data is retained for as long as your account is active. When you delete your account, all personal data is permanently erased within 30 days. Anonymised usage data may be retained for product improvement.
9. Contact
For privacy questions, data requests, or concerns:
Email: privacy@virgocommand.com
We respond to all privacy requests within 72 hours.
Last updated: 20 May 2026