Privacy Policy & Security

MilAssist LLC Privacy Policy

Last Updated: January 2025 | Effective Date: January 1, 2025

Information We Collect

Account Information: Username, email address, military branch, and subscription status

Document Data: Content you create using our document formatting tools (stored encrypted)

Usage Analytics: Feature usage patterns and performance metrics (anonymized)

Payment Information: Processed securely through Stripe (we never store payment details)

What We DON'T Collect: Classified information, PII beyond basic account details, location tracking, or device fingerprinting

AI Processing Requirement

Our services rely on artificial intelligence (AI) to function. By using MilAssist, you consent to AI processing as described below:

Essential Functionality

AI processing is integral to our service. Without it, core features like document formatting, military guidance, and career planning cannot function.

What AI Processing Includes

  • Automated document analysis and formatting
  • Military regulation compliance checking
  • Career guidance and recommendation generation
  • Content summarization and enhancement
  • Question answering and conversational responses

Your Rights Regarding AI Processing

  • GDPR (EU Users): Right to human review of automated decisions with legal/significant effects (Article 22)
  • CCPA/CPRA (California): Right to information about automated decision-making and profiling
  • PIPEDA (Canada): Right to explanation of AI processing effects

If you do not consent to AI processing, you cannot use this service as it is essential to our functionality.

How We Use Your Information

  • Provide and improve military document formatting services through AI processing
  • Process subscription payments and manage account access
  • Send service-related notifications (no marketing emails without consent)
  • Analyze usage patterns to enhance user experience (anonymized data only)
  • Comply with legal obligations and security requirements

Data Protection & Security

Encryption: All data transmitted via TLS 1.3 and stored using AES-256 encryption

Local Export Only Mode: Optional zero-retention processing with immediate local download

Access Controls: Multi-factor authentication and role-based access limitations

Data Minimization: We collect only essential information required for service functionality

Regular Audits: Security assessments and vulnerability testing performed quarterly

Your Privacy Rights

GDPR Rights (EU Users)

  • Right to access your data
  • Right to rectification
  • Right to erasure ("right to be forgotten")
  • Right to data portability
  • Right to object to processing

CCPA Rights (California Users)

  • Right to know what data is collected
  • Right to delete personal information
  • Right to opt-out of data sales (we don't sell data)
  • Right to non-discrimination

Military & Government Compliance

Classification Level: UNCLASSIFIED ONLY - This system is not authorized for classified or controlled unclassified information

OPSEC Compliance: Users are responsible for ensuring no operationally sensitive information is processed

DoD Compliance: Follows DoD 8500 series cybersecurity guidelines for unclassified systems

Branch Neutral: Not affiliated with or endorsed by any military branch or government entity

Audit Trail: All user actions logged for security and compliance purposes (anonymized where possible)

Data Retention & Deletion

Account Data: Retained while account is active, deleted within 30 days of account closure

Document Data: Automatically deleted after 90 days of inactivity (Local Export Only mode: immediate deletion)

Usage Analytics: Anonymized data retained for up to 2 years for service improvement

Payment Records: Retained as required by financial regulations (typically 7 years)

User Control: Request immediate data deletion at any time via account settings

Third-Party Services & AI Processing

Core Service Providers

OpenAI: Essential AI processing for document formatting, military guidance, and career planning (GPT-4o, Vision, Whisper APIs)

Stripe: Payment processing (subject to Stripe's privacy policy)

Neon Database: Secure database hosting with encryption at rest

Replit: Application hosting and deployment platform

AI Data Processing Details

  • Your content is processed by OpenAI's models to provide AI-powered features
  • Data is sent securely via encrypted connections
  • OpenAI processes data according to their privacy policy and data processing agreements
  • We do not authorize use of your data for training AI models without explicit consent

Data Sharing: We never sell, rent, or share personal data with third parties for marketing purposes. AI processing is essential for service functionality.

Contact & Privacy Requests

For privacy-related questions, data requests, or security concerns:

Privacy Officer: contact@milassist.ai

Security Team: contact@milassist.ai

AI Processing Questions: contact@milassist.ai

General Support: contact@milassist.ai

AI Processing Rights & Requests

If you have questions about AI processing or wish to exercise applicable rights contact us at contact@milassist.ai:

  • GDPR Article 22: Request human review of automated decisions
  • CCPA/CPRA: Information about automated decision-making
  • PIPEDA: Explanation of AI processing effects

Response time: Privacy requests processed within 30 days, security issues within 24 hours, AI processing questions within 5 business days

Policy Updates

This privacy policy may be updated to reflect changes in our practices or legal requirements. Users will be notified of significant changes via email and in-app notifications. Continued use after updates constitutes acceptance of the revised policy.

© 2025 MilAssist LLC. All rights reserved.

Professional military productivity platform