Last updated: January 2026
Kadropic Labs, Inc. (“we”, “us”) built LEO Soul around a simple principle: we store zero of your conversation data. This policy explains what we do and don't collect.
soul_state (the learned state) are never persisted by us. On the hosted API we keep only your
account, aggregate turn counts for billing, and standard security logs. With the SDK or a self-hosted
deployment, your data never reaches us at all.soul_state — beliefs, calibration, the neural model, the curiosity ledger. It rides in
and out of each request and is stored only by you.When you run LEO Soul as the Python SDK or a self-hosted container, all processing happens inside your own
environment. We receive no messages, no soul_state, and no model keys.
The hosted service uses a payment processor (Stripe) for billing and infrastructure providers for hosting. Your chosen model provider (e.g. OpenAI, Anthropic) processes the requests you route to it under their own terms — that relationship is yours, not ours.
Passwords are hashed (PBKDF2-HMAC-SHA256), API keys are stored only as hashes, and traffic is served over HTTPS. Because we don't retain conversation data, the blast radius of any incident is structurally limited.
You may access, correct, export, or delete your account data at any time from your dashboard or by emailing bader@kadropiclabs.com. Deleting your account removes your account and usage records.
The Service is not directed to children under 18 and we do not knowingly collect their data.
We may update this policy; material changes will be posted here with a new date.
Kadropic Labs, Inc. — bader@kadropiclabs.com · kadropiclabs.com