Eidos logo Eidos LGPD & privacy

LGPD & Privacy

Clear control over consent, memory, and personal data.

Eidos is built for persistent agents, so privacy cannot be an afterthought. Users should understand what is stored, export their data, and request deletion or anonymization when needed.

View rights Retention model

Data subject rights

Privacy actions should be visible, not buried in support.

These flows belong inside the product as clear, trackable actions whenever the operation allows it.

Consent

Terms and privacy acceptance are recorded with the exact document version.

Export

Account data, memory, and operational state can be exported with secrets redacted.

Deletion

User-owned personal data can be removed or anonymized according to its category.

Updates

When legal documents change, users can be asked to review and accept the current version.

Data categories

Agent memory needs clear boundaries.

Eidos separates account data, operational data, persistent memory, personal bot tokens, and billing records.

What may be stored

  • User identifiers, consent records, and product preferences.
  • Short-term, episodic, semantic, procedural, and operational memory.
  • Run history, approvals, notifications, and connector status.
  • Billing records and receipts when a user is on a paid plan.

How sensitive data is protected

  • Personal bot tokens are encrypted.
  • Desktop connector tokens remain local; the backend stores only a hash.
  • Exports redact token-like, hash-like, and secret-like fields.
  • Payment records may be retained in anonymized form when legally required.

Retention

Persistent memory does not mean infinite retention.

The MVP supports memory cleanup after 90 days of inactivity, with room to notify inactive users before removal.

1

Account becomes inactive

The system detects when there has been no relevant activity for the configured period.

2

User can be notified

Before cleanup, the product can give the user time to return or export data.

3

Memory is cleaned or anonymized

Memories and operational records are removed or dissociated from identity according to their category.

Inside the product

Privacy is an interface, not just a document.

The Eidos PWA is designed to expose legal links, current-version consent, data export, account deletion, and memory retention controls.

PWA Console

Users can review documents, accept current versions, and start privacy actions from the console.

Personal bots

Bot activation uses validation, one-time verification keys, encryption, and revocation.

Billing

Payment data follows its own retention requirements and can be anonymized when applicable.

Always-on agent work

Eidos can keep delivering value while your computer is off.

Cloud workflows such as memory updates, bot responses, scheduled jobs, usage reports, approvals, and workspace drafts can continue without the desktop connector. If a task needs files or applications on your local computer, that specific local action waits until the connector is online again.