← Home

Personal Data Processing Agreement

Version dated February 25, 2026

1. General Provisions

This Agreement defines the procedure for processing personal data of users of the ASI Biont service (hereinafter referred to as the "Service", "Operator") in accordance with Federal Law No. 152-FZ of July 27, 2006 "On Personal Data".

2. Data Controller

The controller is an individual — the developer of the Service. Contact for personal data inquiries: @aleksandrinsider.

3. What Data We Process

• Telegram ID (user_id) and username — when registering via Telegram bot
• Discord ID (user_id) and username — when connecting a Discord account
• Email address — for logging into the web interface and for use by the AI agent when performing tasks
• Phone number — for use by the AI agent when performing tasks (e.g., in email signatures, business proposals)
• Content of tasks, reminders, and messages you send to the bot
• Timezone and notification preferences
• Payment history (without card data — payment data is processed by YooKassa and NowPayments)
• IP address when accessing the web interface for region detection
• OAuth2 access and refresh tokens — for Google, GitHub, Slack, Notion services when connected via OAuth2. Stored encrypted individually for each user
• Webhook data — content of events received from external services via /api/webhooks/{service}. Temporarily stored in the event queue (up to 1000 per user)
• KYC verification data (when using the Project Exchange): full name (as in document), document type and number, document photo, selfie with document, proof of address, incorporation documents (for legal entities)
• Investment data (when using the Project Exchange): history of project token purchases/sales, investment volume, transaction dates
• Geolocation data (when using the Project Exchange): country of residence for jurisdictional restriction checks

4. Purposes of Data Processing

• Providing Service functions: task management, reminders, delegation
• Use of contact data (name, email, phone, position, company) by the AI agent when performing user tasks: sending emails, drafting business proposals, email signatures
• Payment processing and token accrual
• Sending notifications via Telegram
• Technical security and Service operability
• Determining display mode (language, payment currency) by IP address
• KYC verification (Project Exchange only): identity verification, sanctions list screening, compliance with limits and jurisdictional restrictions
• Compliance and audit: monitoring of Project Exchange operations to prevent fraud, money laundering, and terrorist financing (AML/CFT)
• Data storage for tax reporting: Project Exchange transaction history is stored for possible provision upon request of authorized authorities

5. Legal Basis for Processing

Processing is carried out on the basis of:

• Consent of the personal data subject (starting to use the Service means acceptance of this Agreement)
• Performance of a contract to which the user is a party (provision of services)

6. Storage and Protection of Data

Data is stored on secure servers. Task content is encrypted. Only the Operator has access to the data. Data is not transferred to third parties, except:

• Payment systems — only the necessary minimum for processing payments
• Partner search function — when search is activated, your name, skills, and city may be shown to other Service users as a potential match. The bot may notify another user that you have similar interests or tasks. This function works only within the Service and only between its registered users
• OAuth2 providers (Google, GitHub, Slack, Notion) — when authorizing via OAuth2, your token is requested from the provider and stored on the server to make API requests on your behalf
• KYC providers (when using the Project Exchange) — KYC documents and data may be transferred to third-party identity verification services (SumSub, Jumio, Passbase or similar) for document authenticity verification
• Law enforcement authorities — upon a reasoned request in accordance with applicable law

7. Data Retention Period

Data is stored for the entire period of using the Service. When an account is deleted, data is deleted within 30 days. To delete your account, contact the Operator: @aleksandrinsider.

8. User Rights

You have the right to:

• Obtain information about the processed personal data
• Request correction of inaccurate data
• Withdraw consent to processing with subsequent deletion of data
• File a complaint with Roskomnadzor

To exercise your rights, send a request: @aleksandrinsider.

9. Cookies and Analytics

The web interface uses Yandex.Metrica for traffic analysis. Metrica may set cookies. You can disable data collection using your browser settings or a Yandex Browser extension.

10. Changes to the Agreement

The Operator has the right to make changes to this Agreement. The current version is always available at /privacy. Continued use of the Service after the publication of changes means acceptance of the changes.