We have moved to a new domain

To provide you with a faster and more secure experience, we’ve migrated all services to our new platform. This page is no longer active.

Go to typexai.dev

Bardo – Privacy Policy & Terms of Service

Last Updated: March 24, 2026
Effective Date: April 19, 2026 (Bardo 1.0 Update)

At TypexAI, transparency isn't just a buzzword; it's the foundation of our software philosophy. We believe you have the right to know exactly how your tools work, where your data lives, and who is responsible for what. This document serves as both our Privacy Policy and Terms of Service. By using the Bardo application, you agree to these terms.

1. Zero-Knowledge Architecture & Open Source Trust

With the introduction of cloud synchronization in Bardo 1.0, we have implemented a strict Zero-Knowledge End-to-End Encryption (E2EE) architecture.

Your notes, lists, and files are encrypted locally on your device using the Aegis encryption protocol before any data is transmitted to our servers or exported. Aegis is our new default protocol that uses a binary format designed specifically for secure data handling. It is built around Argon2id key derivation, AES-256-GCM authenticated encryption, KEK/CEK key separation, chunked processing for large exports, and GZIP compression before encryption.

Decryption keys are never stored on our servers. They remain strictly on your device.

We cannot read, scan, analyze, or hand over your notes to anyone because we only store unreadable ciphertext.

Synchronization traffic is additionally protected in transit by HTTPS/TLS. As a result, data is encrypted both before upload and during transmission between your device and the synchronization infrastructure.

To build absolute trust, a significant portion of our encryption and synchronization code is open-source, allowing independent developers to verify our security claims.

2. Data Collection and Server Infrastructure

We operate on a principle of extreme data minimization:

  • Optional Account Data: Core local note-taking does not require cloud registration. However, if you enable cloud synchronization as a Bardo Plus subscriber, we process the email address you provide, authentication credentials or related authentication records, and limited account-level information necessary to operate the service.
  • Encrypted Content Storage: TypexAI and its infrastructure providers store encrypted synchronization data rather than plaintext note records. The content of your notes remains encrypted before it reaches the backend.
  • Server Location: Bardo's cloud synchronization infrastructure is operated through Supabase and hosted on AWS infrastructure in Ireland (European Union), subject to applicable European data protection standards, including the GDPR where applicable.
  • Service Metadata: To authenticate accounts, maintain service security, prevent abuse, process subscriptions, and preserve system reliability, we may process limited service metadata such as IP addresses, account identifiers, timestamps, device or app version information, subscription status, and operational logs. This metadata is handled separately from encrypted note content and is not used to read the contents of your notes.
  • No Third-Party Analytics or Advertising Trackers: We do not use third-party analytics trackers such as Google Analytics or Firebase for behavioral profiling, and we do not use the service to deliver intrusive third-party advertising.

3. Data Loss, Recovery, and Account Deletion

Because Bardo uses a Zero-Knowledge architecture, you are solely responsible for safely storing your master passwords and decryption keys.

  • No Password Reset: If you lose your password or decryption keys, TypexAI cannot recover, reset, or restore your encrypted data. We are not liable for any data loss.
  • Complete Control: You have complete control over your synchronization settings. You can enable or disable synchronization at any time.
  • Account Deletion and Retention: If you use the "Delete Account" function, encrypted note content associated with synchronization is scheduled for deletion without undue delay. Certain account records and limited service metadata may nevertheless remain in a restricted retention state for up to 30 days after the deletion request for security, fraud prevention, technical backup rotation, dispute handling, or legal compliance purposes. This retention period is intended to apply to the account record and related service metadata, not to the plaintext content of your notes, which we do not possess.

4. Bardo Plus Subscription & Refund Policy

Bardo Plus offers advanced features, including cloud synchronization.

No Refunds: All purchases of Bardo Plus subscriptions are final and non-refundable. Because we do not verify users against real-world identity documents and cannot meaningfully inspect individual note usage due to our Zero-Knowledge architecture, we cannot process prorated or full refunds after a purchase is made.

Please use the free version of Bardo to ensure the app meets your needs before upgrading to Bardo Plus. You can cancel the automatic renewal of your subscription at any time through the Google Play Store.

5. AI Integration (Lumen and Lumen+ Agent)

When you utilize AI features within Bardo, requests are encrypted and sent directly from your application to the respective AI provider APIs (OpenAI/Gemini).

Lumen+ Agent only performs local actions on your device. It does not have access to your encrypted Personal Space vault.

You can wipe the Lumen+ local memory completely at any time via Settings > Use AI.

6. Legal Requests and Required Disclosures

Due to Bardo's Zero-Knowledge design, TypexAI does not possess your plaintext notes or the decryption keys necessary to read them. Accordingly, in ordinary operation, we are not capable of disclosing readable note content because that readable content is not available to us.

If TypexAI receives a valid and binding legal request, subpoena, warrant, or other compulsory demand from a competent public authority, law-enforcement body, or regulatory authority, we may be required to disclose only the limited account or service metadata that is available to us and only to the extent required by applicable law.

This may include requests transmitted through national authorities or recognized international cooperation channels. TypexAI does not voluntarily provide user data for generalized surveillance or bulk data collection.

7. User Conduct and Limitation of Liability

Bardo is provided as a neutral utility tool for personal note-taking.

  • User Responsibility: You are entirely responsible for the content you create or store using Bardo. You agree not to use the application for any illegal activities.
  • No Moderation: Because of our Zero-Knowledge architecture, TypexAI cannot monitor or moderate user-generated content.
  • Indemnification: TypexAI (and its creators or affiliates) shall not be held liable for any direct, indirect, or consequential damages arising from the use of this app. You agree to indemnify TypexAI against any claims arising from your use of the application for illicit purposes.

Contact Us

If you have questions regarding this policy, please reach out: