We set none. That is the feature.

AS OF THE DATE BELOW, THE AION WEBSITE AND THE IN-BROWSER PROTOTYPE SET NO AUTHENTICATION, SESSION, ANALYTICS, ADVERTISING, PERSONALIZATION, OR TRACKING COOKIES.

We run no analytics, tag, pixel, fingerprinting, or session-replay technology of any kind, and treat that absence as a permanent design invariant. We do not build behavioral profiles and do not sell or share personal information for cross-context behavioral advertising, so no “Do Not Sell or Share” obligation arises — there is nothing to opt out of. The only category we could ever rely on without consent is a strictly-necessarycookie (for example a CSRF token bound to a form you submit), within the meaning of ePrivacy Directive Art. 5(3) and UK PECR Reg. 6(4); none is set today.

Revision:v1.0 · 2026-05-29Scope:The live, no-account product

AION uses a small amount of on-device browser storage that is never transmitted to us: a tab-local sentinel that cleans up in-browser draft data for an unsaved Vault, and a list of public 16-character Vault identifiers only — no secret contents, no keys, no shard material. It clears when you close the tab, and the in-product Forget device session action clears it immediately. This storage delivers functionality you requested and is not read for tracking.

This Statement describes the live, no-account product. If account features ever ship — including any record written to a consent log — we will re-scope and re-date this Statement under §4 before that happens.

AION sets no third-party cookies. Separately, the providers on our Sub-Processors page process limited data when you load our pages, pay, or email us — under their own policies, which we do not control. They may set their own cookies on their own pages (for example, the Stripe-hosted payment page, which opens as a full-page redirect, not an embedded frame). We do not set, control, or read those cookies, and they are not set on the AION site. Our hosting platform records standard request metadata as an ordinary byproduct of serving public pages; that is not an AION analytics system and contains no request bodies and no vault content.

If AION ever introduces any technology that is not a strictly-necessary cookie — any analytics, advertising, personalization, or cross-context tracking — then beforeit is activated for users in any jurisdiction that requires it, we will: deploy a consent interface that obtains prior opt-in where required and offers opt-out where required; itemize each such technology, its purpose, and its retention here; and honor a global opt-out signal (e.g. Global Privacy Control) where law requires. Until all three are satisfied, no such technology runs.

Questions: mail@sealedaion.com. This Statement is governed by the laws of the State of California.