Trust & Policy
Privacy Notice
Upcube privacy policy covering Upcube products, websites, and services.
Privacy Policy
A privacy page shaped for clarity without invented legal commitments.
UpcubeAI is being built as a connected product family across AI workspaces, voice, education, commerce, discovery, cloud infrastructure, entertainment, and future computing. Privacy matters across every part of that ecosystem. A workspace may involve prompts, files, artifacts, research, sources, and tool activity. A voice product may involve real-time interaction. A learning platform may involve course progress. A commerce product may involve product discovery. A cloud product may involve infrastructure usage. Future operating-system experiences may involve deeper device context. Because those surfaces can touch sensitive information, privacy language should be careful, specific, and reviewed. This page exists so the UpcubeAI portal can link to a truthful privacy-policy surface while final legal text, effective dates, company entity details, contact channels, retention schedules, data-use rules, and operational commitments are still being finalized. It is intentionally conservative. Not a binding privacy policy Replace only with reviewed legal copy No reviewed legal text was provided. No effective date was provided. No finalized company entity or contact channel was provided. No confirmed retention, deletion, training, or data-sharing commitment is made here.
Not a binding policy
This page is a placeholder until reviewed privacy terms are ready.
This page is not a final Privacy Policy. It is not legal advice. It is not a binding statement of all privacy practices. It should not be published as final legal copy unless reviewed and approved by qualified legal counsel. It exists to prevent the site from implying that a complete legal policy exists when the supporting source material has not been provided. Replace this content only when reviewed privacy text and operational details are checked into the repository or otherwise approved for publication.
What is missing
The current source material does not provide: The final legal entity name. The effective date. The last updated date. The business address. The official privacy contact channel. The categories of data collected. The purposes of processing. The retention schedule. The deletion process. The user rights workflow. The model-training data policy. The vendor and sub-processor list. The cookie and tracking policy. The international transfer policy. The children’s privacy policy. The enterprise data-processing terms. The jurisdiction-specific disclosures. Until those details are confirmed, public privacy claims should remain limited and clearly marked as placeholder language.
Current structure
Prepared for future reviewed legal copy.
This page is organized so final legal text can replace the placeholder sections without requiring a full redesign of the portal. The structure is intentionally plain: Placeholder status Information we may need to describe later Data handling notes AI and model-training notes Access and controls Cookies and analytics Third-party services Security direction Children and education International users Enterprise and organizations Changes to this policy Contact information Related context Publication checklist Each section below describes what should eventually be covered, while avoiding unsupported promises.
Placeholder status
Informational structure only.
This page is a privacy-policy-style surface for UpcubeAI. Reviewed legal text, effective dates, company details, and official contact channels were not provided in the repo context. Until approved copy exists in source control, this page should be treated as informational structure only. It should not be treated as a finalized privacy policy, legal notice, data-processing agreement, or compliance commitment.
Current public position
UpcubeAI should say: This page is a placeholder. Final privacy terms are still required. Privacy commitments should come from reviewed legal and operational documentation. Product pages should avoid overstating data handling, retention, deletion, security, or training practices until those details are confirmed.
What should happen next
Before publication as a binding policy, UpcubeAI should add reviewed legal copy that accurately reflects actual product behavior, infrastructure, vendors, jurisdictions, and operational processes.
Information we may need to describe later
Future policy text should explain what data is collected.
A complete privacy policy should clearly explain what information UpcubeAI collects or processes. Because final data-handling documentation was not provided, this placeholder does not claim exact categories of collection. Future reviewed copy should describe any applicable categories, such as: Account information Contact information Billing information Prompts and chat content Uploaded files or documents Generated artifacts Search and retrieval activity Tool-use activity Approval records Usage data Device and browser information IP address and approximate location Cookies and analytics data Course progress or learning activity Cloud, compute, or infrastructure usage Support messages Enterprise administrator data Voice interaction data, if any voice services are launched Product-specific metadata from Books, Earth, Games, Jobs, Ventari, Cloud, Education, or other Upcube surfaces These categories should be included only if they match the actual product behavior.
Data handling notes
Do not infer data practices from product design alone.
The current source material does not provide a finalized statement for what data is collected, how it is processed, how long it is retained, whether it is shared, or whether user content is used for model training. Those topics should be filled only from reviewed legal, privacy, infrastructure, or product documentation. They should not be inferred from marketing pages, design references, architecture direction, or placeholder copy.
Future policy questions
The final policy should answer: What data does UpcubeAI collect? Why is the data collected? How is the data used? How long is it retained? Can users delete it? Can users export it? Is user content used to train models? Can users opt out of training or improvement use? What vendors or providers process the data? What data is shared with third parties? What data is processed locally versus in the cloud? What logs are kept for safety, abuse prevention, debugging, or compliance? How are enterprise customer data and consumer user data handled differently? Until those answers are confirmed, public claims should remain limited.
AI and model-training notes
AI privacy needs especially clear language.
UpcubeAI products may involve AI features such as chat, research, artifacts, retrieval, tool flows, recommendations, voice direction, learning paths, commerce discovery, and future system intelligence. A final privacy policy should clearly explain how user content and AI interactions are handled. This placeholder does not claim whether prompts, files, artifacts, usage data, voice data, or other content are used for training, fine-tuning, evaluation, product improvement, safety monitoring, or analytics. Those commitments require reviewed documentation.
Future AI-specific topics
The final policy should clarify: Whether user prompts are stored. Whether uploaded files are stored. Whether generated artifacts are stored. Whether conversations are used for model training. Whether users can opt out of training or improvement use. Whether enterprise data is excluded from training by default. Whether third-party model providers process user content. Whether retrieval sources are stored or logged. Whether tool activity is logged. Whether approval records are retained. Whether voice audio is stored, transcribed, or deleted. Whether local device processing is used. Whether model outputs are monitored for safety, abuse, or quality. No public statement should be made in these areas unless the underlying implementation and legal review support it.
Access and controls
User rights and controls need operational backing.
A complete privacy policy should describe what controls users have over their information. The current placeholder does not document finalized workflows for user rights, administrative controls, account deletion, workspace deletion, artifact deletion, export, correction, restriction, portability, opt-out, or retention schedules. Any public commitment in these areas requires confirmed legal and operational support.
Future control areas
The final policy should describe: How users can access their data. How users can correct account information. How users can delete content or accounts. How users can export data. How users can manage cookies or tracking. How users can opt out of marketing. How users can manage AI training or product improvement use, if applicable. How enterprise administrators can manage users. How organization data is handled when a user leaves a workspace. How deletion requests are verified and completed. How long backup or log data may remain. These workflows should be described only after the product and operations teams confirm they exist.
Cookies and analytics
Tracking language should match the actual site.
A final privacy policy should explain whether UpcubeAI uses cookies, local storage, analytics tools, tracking pixels, advertising technologies, session storage, or similar technologies. This placeholder does not claim what tracking technologies are used. If the portal uses cookies, analytics, pixels, consent banners, performance tools, fraud-prevention tools, or advertising tags, the final policy should describe them accurately.
Future cookie topics
The final policy should state: What cookies or similar technologies are used. Whether they are necessary, analytics, preference, advertising, or security cookies. Whether users can disable them. Whether a consent banner is required. Whether third-party analytics providers are used. Whether cross-site tracking or advertising measurement is used. Whether “Do Not Track” or global privacy controls are honored. Do not publish cookie commitments until the actual site behavior is verified.
Third-party services
Provider and vendor language must be confirmed.
UpcubeAI products may rely on third-party services for hosting, AI models, analytics, payments, authentication, email, maps, books, jobs, game data, commerce content, cloud infrastructure, or other functions. A final privacy policy should explain which categories of third parties process data and why. This placeholder does not provide a vendor list or sub-processor list.
Future third-party topics
The final policy should describe: Hosting and infrastructure providers. AI model and inference providers. Payment processors. Authentication providers. Analytics providers. Email and communication providers. Map, book, game, job, commerce, or search data providers. Customer support tools. Security and abuse-prevention tools. Enterprise integrations. Sub-processors and vendor update cadence, if applicable. Provider claims should match actual contracts and operational reality.
Security direction
Security claims should be proof-based.
UpcubeAI should protect information with appropriate technical and organizational measures. But a privacy policy should not claim specific controls, certifications, encryption coverage, audit status, or compliance programs unless they are documented and reviewed. This placeholder does not claim SOC 2, ISO 27001, HIPAA, PCI, GDPR compliance, encryption coverage, penetration testing cadence, formal audit results, or enterprise security guarantees.
Future security topics
The final privacy policy or security page should explain: How data is protected in transit and at rest, if confirmed. How access controls are managed. How secrets are handled. How logs and audit records are protected. How incidents are detected and handled. Whether security reviews or testing are performed. Whether enterprise security documentation is available. Whether any formal certifications exist. How vulnerability reports should be submitted. Security language should be accurate, current, and supported by evidence.
Children and education
Education products require careful privacy language.
Upcube Education and future learning products may involve students, educators, course content, learning paths, progress data, or training material. A final privacy policy should clearly explain age requirements, children’s privacy, school or organization use, educator responsibilities, and any additional protections for younger users. This placeholder does not claim that UpcubeAI is approved for children, schools, regulated education use, or student data processing.
Future education privacy topics
The final policy should address: Minimum age requirements. Whether children may use the services. Whether parental or school consent is required. Whether student data is collected. Whether education records are processed. Whether school administrator controls exist. Whether learning progress is stored. Whether course activity is used for analytics or improvement. Whether jurisdiction-specific education laws apply. Do not publish child or student privacy commitments without legal review.
International users
Regional privacy rights need legal review.
UpcubeAI may be accessed from different regions, each with its own privacy requirements. A final policy should address applicable rights and disclosures for relevant jurisdictions, such as the United States, European Economic Area, United Kingdom, Canada, California, and other regions where UpcubeAI operates or serves users. This placeholder does not claim compliance with any specific regional privacy law.
Future regional topics
The final policy should address: GDPR or UK GDPR rights, if applicable. California privacy rights, if applicable. Other U.S. state privacy rights, if applicable. International data transfers. Legal bases for processing, if applicable. Data controller and processor roles. Supervisory authority rights, if applicable. Sensitive data rules. Consumer opt-out rights. Appeal processes for denied privacy requests. These disclosures should be added only after legal review.
Enterprise and organizations
Organization use may require separate terms.
Organizations may need different privacy commitments than individual users. A final policy should explain how UpcubeAI handles organization accounts, administrators, workspaces, enterprise data, billing contacts, team members, audit logs, usage records, and data-processing obligations. This placeholder does not include a Data Processing Addendum, enterprise privacy commitments, admin-control commitments, or sub-processor terms.
Future organization topics
The final policy should explain: Who controls organization data. What administrators can access. How member activity is logged. What happens when a user leaves an organization. How enterprise deletion or export works. Whether customer content is used for training. Whether separate enterprise agreements override the public policy. Whether a DPA is available. Whether sub-processors are listed. Whether audit logs and compliance evidence are available. Enterprise claims should match contracts and product capabilities.
Product-specific privacy notes
Each UpcubeAI product may need its own privacy details.
Because the UpcubeAI ecosystem spans multiple products, final privacy language may need product-specific disclosures.
UpcubeAI and Ethen
May need disclosures for prompts, conversations, artifacts, retrieval sources, tool use, approvals, memory, workspace state, and account controls.
Upcube Books
May need disclosures for book searches, saved titles, reading preferences, preview links, third-party provider data, and local browser storage.
Upcube Earth
May need disclosures for location searches, map interactions, overlays, shareable views, provider-backed data, and approximate location if used.
Upcube Games
May need disclosures for game searches, saved items, recommendations, platform preferences, and third-party game metadata.
Upcube Jobs
May need disclosures for job searches, saved roles, applications, profile data, employer interactions, third-party listings, and career preferences.
Ventari
May need disclosures for product searches, browsing history, saved products, reviews, recommendations, carts, payments, merchant links, and commerce analytics.
Upcube Cloud and Cloud VM
May need disclosures for account data, billing data, usage logs, compute metadata, networking data, storage metadata, operational logs, and support records.
Upcube Voice
May need disclosures for voice input, audio processing, transcripts, ephemeral sessions, activation controls, device data, and retention rules.
Upcube Education
May need disclosures for course activity, learning progress, certificates or credential-style programs, payment data, and education records if applicable.
Upcube OS and Mobile OS
May need future disclosures for device data, system activity, files, settings, diagnostics, permissions, local versus cloud AI processing, and user controls. No product-specific commitment should be made until each product’s actual behavior is verified.
Changes to this policy
Updates should follow product and legal review.
When final privacy copy is ready, this page should include: Effective date. Last updated date. Explanation of material changes. How users will be notified. When changes take effect. How prior versions are stored, if applicable. Until then, this placeholder should be clearly labeled as non-final.
Contact information
Contact channels were not provided.
A final privacy policy should provide official contact details for privacy questions and user rights requests. No reviewed privacy contact channel was provided in the repo context. Placeholder contact language should not be published unless the address is monitored and approved. Possible future fields: Privacy email address. Legal email address. Mailing address. Data protection officer contact, if applicable. Enterprise privacy contact. Security reporting contact. User rights request form.
Related context
Read more about current implementation boundaries.
FAQ
Common questions about current scope, placeholder pages, and product availability. View FAQ
Safety and Trust
How UpcubeAI approaches responsible product framing, visibility, approvals, security direction, and maturity boundaries. View Safety and Trust
Terms of Use
The rules that apply when using UpcubeAI services, products, previews, and websites. View Terms
AI Policy
UpcubeAI’s perspective on responsible innovation, practical regulation, trust, and human control. View AI Policy
Privacy publication checklist
Replace this page only when these items are ready.
Before publishing a final Privacy Policy, confirm: The final legal entity name. The effective date and last updated date. The official privacy contact channel. The official legal contact channel. The company address, if required. The categories of data collected. The purposes of processing. The legal bases for processing, if applicable. The retention schedule. The deletion process. The export process. The correction process. The opt-out process. The model-training data policy. The analytics and cookie policy. The vendor and sub-processor list. The payment processor disclosures. The security-control language. The enterprise data-processing language. The children’s privacy language. The education privacy language. The international transfer language. The jurisdiction-specific disclosures. The product-specific privacy sections. The process for notifying users of changes. Review by qualified legal counsel.
Final placeholder note
Privacy commitments should be earned by documentation and operations.
UpcubeAI should speak clearly about privacy, but it should not invent privacy commitments before legal and operational details are ready. This placeholder gives the portal a truthful privacy surface while the final policy is prepared. The standard is simple: Do not overstate. Do not infer. Do not publish unsupported commitments. Replace placeholder text only with reviewed policy language. Privacy should be clear, specific, and backed by the way the product actually works.