Privacy Policy
Asguard.app ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information.
1. Who We Are
Asguard is operated by Fleur Lamont Ltd, a company registered in England and Wales.
Registered Address: 82A James Carter Road, Mildenhall, Suffolk, IP28 7DE, United Kingdom Contact Email: hello@asguard.app Website: https://asguard.app
For the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, Fleur Lamont Ltd is the data controller for the personal data we collect and process through the Asguard service.
2. What Asguard Does
Asguard is a daily AI companion for elderly people, delivered via messaging apps. It provides medication reminders, wellbeing check-ins, warm daily conversation, cognitive stimulation activities, and a memory and story preservation system. The service is set up by a family caregiver on behalf of an elderly loved one.
This privacy policy explains how we collect, use, store, and protect the personal data of all users of the Asguard service, including:
- Caregivers — the family members who subscribe, manage medications, and receive alerts
- Elderly users — the people who converse with their AI companion via Telegram (and other supported messaging platforms)
- Family readers — additional family members who receive weekly memory digests
- Website visitors — people browsing asguard.app, including waitlist sign-ups
3. What Data We Collect
3.1 Account and Profile Data
When a caregiver creates an account, we collect:
- Full name
- Email address
- Password (stored securely using one-way hashing — we never store or see your actual password)
- Payment information (processed and stored by Stripe; we do not store card numbers)
When a caregiver sets up a profile for their elderly relative, we collect:
- The elderly person's first name and preferred name or nickname
- A chosen companion name for the AI (e.g. "Grace", "Arthur")
- Background information provided voluntarily by the caregiver, such as former occupation, hobbies, interests, family members' names, and places of significance
- Medication names, dosages, and scheduled times
- Any sensitivity notes the caregiver provides (e.g. recent bereavement, difficult topics)
3.2 Conversation Data
When the elderly user chats with their companion via Telegram, we collect and store:
- Message content — what the user writes and what the companion replies
- Timestamps — when each message is sent and received
- Telegram user ID — a numeric identifier used to link the Telegram account to the Asguard profile (we do not collect Telegram passwords or access Telegram accounts beyond the bot conversation)
3.3 Memory and Story Data
When the AI companion detects a personal memory or story during conversation, the following may be stored (subject to the elderly user's consent):
- The user's original words (verbatim)
- An AI-generated summary of the memory
- Associated metadata: era or decade, people mentioned, places mentioned, themes, and emotional tone
- A significance score (AI-assessed)
- The user's sharing preference: private (between user and companion only), or shared with family
- Whether the user has confirmed permission to store and/or share the memory
Important: memories marked as private by the elderly user are never shared with caregivers or family readers, except in a crisis escalation scenario where safety is at risk.
3.4 Health and Wellbeing Data
Asguard may collect the following special category data (health data under UK GDPR):
- Medication adherence records (taken, snoozed, missed)
- Daily wellbeing check-in responses (classified as positive, neutral, low, or concerning)
- Self-reported clinical readings shared in conversation, such as blood pressure, blood glucose, INR, weight, oxygen saturation, temperature, or peak flow readings
This data is classified as special category personal data under UK GDPR Article 9. We process it on the basis of explicit consent (Article 9(2)(a)) — the caregiver consents during setup, and the elderly user consents by voluntarily sharing health information in conversation.
Asguard is not a medical device. We do not diagnose, prescribe, or treat. We record and alert. Clinical decisions remain with the user's GP or healthcare provider.
3.5 AI Processing Data
To provide the companion service, we process conversation content through third-party AI services (currently OpenAI and Anthropic). This processing includes:
- Generating companion responses
- Detecting memories in conversation
- Classifying wellbeing signals
- Extracting entities (people, places, themes) for the memory system
- Generating text embeddings for memory retrieval (vector representations of conversation content — these are mathematical representations, not readable text)
- Generating biographical profiles and Living Memoir documents
We do not permit our AI providers to use your data for training their models. We use API-level access with data processing agreements that prohibit training on customer data.
3.6 Website and Waitlist Data
When you visit asguard.app or join our waitlist, we may collect:
- Email address
- First name (optional)
- Your stated reason for interest (optional)
- Standard web analytics data (pages visited, referral source, browser type)
3.7 Payment Data
Payments are processed by Stripe. When you subscribe, Stripe collects your payment card details. We receive from Stripe:
- Last four digits of your card
- Card type and expiry date
- Transaction amounts and dates
- Subscription status
We never receive, see, or store your full card number, CVV, or bank account details.
4. How We Use Your Data
We use your data for the following purposes:
| Purpose | Lawful Basis (UK GDPR) |
|---|---|
| Providing the Asguard companion service | Performance of a contract (Article 6(1)(b)) |
| Sending medication reminders | Performance of a contract |
| Processing and storing memories and stories | Consent (Article 6(1)(a)) — the elderly user controls sharing |
| Health and wellbeing monitoring and alerts | Explicit consent (Article 9(2)(a)) for special category data |
| Sending caregiver alerts (missed doses, low mood, inactivity) | Legitimate interest (Article 6(1)(f)) — safeguarding the elderly user |
| Processing payments and managing subscriptions | Performance of a contract |
| Sending weekly family memory digests | Performance of a contract (subscribed feature) |
| Generating the Living Memoir | Performance of a contract (subscribed feature) |
| Crisis detection and escalation | Vital interests (Article 6(1)(d)) — protecting the life of the user |
| Improving and maintaining the service | Legitimate interest |
| Responding to support enquiries | Legitimate interest |
| Sending waitlist updates and product announcements | Consent (you can unsubscribe at any time) |
We never sell your personal data. We never share your data with advertisers. We never use your personal conversations for marketing purposes.
5. Who We Share Your Data With
We share data only with the following categories of recipients, and only to the extent necessary:
5.1 Within the Asguard Service
- Caregivers receive medication adherence data, wellbeing summaries, alerts, and shared memories for the elderly users they manage
- Family readers receive weekly memory digests containing only memories the elderly user has consented to share
- Important: memories marked as private are never shared with anyone. Brain moment (cognitive puzzle) results are never shared with caregivers — they are not a clinical assessment
5.2 Third-Party Service Providers
| Provider | Purpose | Data Shared |
|---|---|---|
| Stripe | Payment processing | Payment card details, subscription data |
| OpenAI / Anthropic | AI companion responses, memory processing, embeddings | Conversation content (processed under data processing agreements; not used for model training) |
| Telegram | Message delivery to elderly users | Message content delivered via Telegram Bot API |
| Email service provider | Sending caregiver alerts and family digests | Email addresses, alert/digest content |
| Hosting provider | Infrastructure | All data is stored on servers we control |
5.3 Legal and Safety Disclosures
We may disclose personal data if required to do so by law, regulation, or legal process, or if we believe in good faith that disclosure is necessary to:
- Comply with a legal obligation
- Protect the safety of any person (including in a crisis escalation scenario)
- Protect the rights or property of Fleur Lamont Ltd
- Prevent fraud
6. Data About Third Parties
During conversations, the elderly user may mention other people — family members, friends, neighbours, former colleagues. This is natural biographical conversation, comparable to writing a diary or telling stories.
We store these mentions as part of the memory and entity system to enable the companion to remember and reference people meaningfully. This data is not used to contact, profile, or identify those individuals outside the Asguard service.
If you are a third party mentioned in an Asguard user's conversations and wish to exercise your data rights, please contact us at hello@asguard.app.
7. Where Your Data Is Stored
Your data is stored on servers located in the United Kingdom and/or the European Economic Area.
Where data is processed by third-party AI providers (OpenAI, Anthropic), processing may occur in the United States. These transfers are governed by data processing agreements that include appropriate safeguards, including the UK International Data Transfer Agreement or EU Standard Contractual Clauses.
8. How We Protect Your Data
We take the security of your data seriously. Our measures include:
- Encryption at rest: conversation data, memories, and health readings are encrypted in our database
- Encryption in transit: all data transmitted between your device, our servers, and third-party services uses TLS encryption
- Access controls: role-based access ensures caregivers only see data for the elderly users they manage, and family readers only see shared memories
- Password security: passwords are stored using one-way cryptographic hashing and are never stored in plain text
- Payment security: payment card data is handled entirely by Stripe (PCI DSS Level 1 certified) and never touches our servers
- Automated backups: regular encrypted backups protect against data loss
- Input sanitisation: all user-supplied text is sanitised before processing to prevent injection attacks
9. How Long We Keep Your Data
| Data Type | Retention Period |
|---|---|
| Account and profile data | For the life of the account, plus 30 days after account closure |
| Conversation logs | For the life of the account |
| Memories and stories | For the life of the account, plus 90 days after account closure (to allow export) |
| Health readings and medication logs | For the life of the account, plus 7 years after deletion request (in line with CQC recommendations for health records) |
| Payment records | As required by UK tax and accounting law (typically 6 years) |
| Waitlist sign-ups | Until the product launches, or until you unsubscribe, whichever is sooner |
After the applicable retention period, data is permanently and irreversibly deleted. We do not retain shadow copies.
10. Your Rights Under UK GDPR
You have the following rights regarding your personal data:
- Right of access — request a copy of the personal data we hold about you
- Right to rectification — request correction of inaccurate data
- Right to erasure ("right to be forgotten") — request deletion of your data, subject to legal retention requirements
- Right to restrict processing — request that we limit how we use your data
- Right to data portability — receive your data in a structured, machine-readable format (JSON and PDF export available)
- Right to object — object to processing based on legitimate interest
- Right to withdraw consent — where processing is based on consent, you can withdraw it at any time without affecting the lawfulness of prior processing
Exercising Your Rights
To exercise any of these rights, contact us at hello@asguard.app. We will respond within one calendar month, as required by UK GDPR.
The Elderly User's Rights
The elderly user is a data subject in their own right. They have independent rights over their personal data, including the right to:
- Ask the companion to keep a memory private ("just between us")
- Request that we delete their data, regardless of the caregiver's subscription status
- Withdraw from the service at any time by blocking the Telegram bot
If there is a conflict between the caregiver's wishes and the elderly user's data rights, the elderly user's rights take precedence.
11. Children's Data
Asguard is not designed for or directed at children under 18. We do not knowingly collect personal data from children. If you believe a child's data has been submitted to us, please contact us at hello@asguard.app and we will delete it promptly.
12. Automated Decision-Making
Asguard uses AI to:
- Classify wellbeing check-in responses (positive / neutral / low / concerning)
- Detect crisis signals in conversation (expressions of hopelessness, self-harm ideation)
- Detect and categorise personal memories
- Generate a significance score for memories
- Generate the companion's conversational responses
These automated processes inform the service but do not make decisions that produce legal effects or similarly significant effects on users. Caregiver alerts are informational — they prompt human action, not automated intervention.
Crisis detection may trigger an immediate alert to the caregiver and display of a crisis helpline number to the user. This is a safety measure designed to protect life, processed under the vital interests lawful basis (Article 6(1)(d)).
13. Cookies and Tracking
The Asguard website (asguard.app) uses:
- Essential cookies — required for the website and dashboard to function (e.g. authentication session)
- Analytics — we may use privacy-respecting analytics to understand how visitors use our site. We do not use advertising cookies or trackers.
The Telegram-based companion does not use cookies.
14. US Users
Asguard is currently available in the United Kingdom only. Users in the United States cannot subscribe at this time due to regulatory requirements (HIPAA). US visitors who join our waitlist will be notified when service becomes available in their region.
15. Changes to This Policy
We may update this privacy policy from time to time. When we make material changes, we will:
- Update the "Last Updated" date at the top of this page
- Notify active subscribers by email
- Provide a summary of what changed
Continued use of the Asguard service after a policy update constitutes acceptance of the revised terms.
16. Complaints
If you are unhappy with how we have handled your data, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):
Information Commissioner's Office Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF Website: https://ico.org.uk Telephone: 0303 123 1113
We encourage you to contact us first at hello@asguard.app so we can try to resolve your concern directly.
17. Contact Us
For any questions about this privacy policy or your personal data:
Email: hello@asguard.app Post: Fleur Lamont Ltd, 82A James Carter Road, Mildenhall, Suffolk, IP28 7DE, United Kingdom
Last updated: 2026-03-11
For privacy inquiries, please contact us at hello@asguard.app