Privacy Policy

1.1 Information You Provide

We collect information that you provide directly to us:

• Account Information: Name, email address, phone number, company name, job title, and password
• Payment Information: Billing address and payment method details (processed by third-party payment processors)
• Profile Information: Profile photo, preferences, and account settings
• Content Data: Text, files, documents, and other content you input into the Service
• Communications: Messages, feedback, and support requests you send to us
• Integration Data: Credentials and data from third-party services you connect to our platform

1.2 Information We Collect Automatically

When you use our Service, we automatically collect:

• Usage Information: Features used, pages viewed, time spent, API calls made, and interaction patterns
• Device Information: Device type, operating system, browser type and version, unique device identifiers
• Log Data: IP address, access times, error logs, and performance data
• Cookies and Similar Technologies: We use cookies, web beacons, and similar tracking technologies (see Section 8)
• Location Data: Approximate location based on IP address for geographical compliance
• Analytics Data: Usage patterns, performance metrics, and feature adoption statistics

1.3 Information from Third Parties

We may receive information from:

• Authentication Providers: When you sign in using third-party services (e.g., Google, GitHub)
• Integration Partners: Data from services you connect to our platform
• Payment Processors: Payment confirmation and transaction details
• Business Partners: Information from partners who offer complementary services

2.1 Provide and Maintain the Service

• Create and manage your account
• Process your requests and transactions
• Deliver AI agent services and features
• Store and process your content
• Provide customer support
• Monitor and improve Service performance

2.2 Improve and Develop the Service

• Analyze usage patterns and trends
• Develop new features and functionality
• Conduct research and testing
• Debug and fix technical issues
• Optimize performance and user experience

2.3 Communicate with You

• Send service updates and notifications
• Respond to your inquiries and requests
• Provide technical support
• Send marketing communications (with your consent)
• Conduct surveys and gather feedback

2.4 Ensure Security and Compliance

• Detect and prevent fraud, abuse, and security threats
• Enforce our Terms of Service and policies
• Comply with legal obligations
• Protect rights, property, and safety
• Monitor compliance with usage limits and policies

2.5 Business Operations

• Process payments and manage subscriptions
• Generate invoices and financial reports
• Manage business relationships
• Facilitate corporate transactions (mergers, acquisitions)

3.1 Third-Party LLM Providers

When you use third-party large language models (LLMs) through our Service, your prompts and data may be processed by those providers (e.g., OpenAI, Anthropic, Google, etc.). We use enterprise agreements with these providers that include:

• Prohibition on using customer data for model training
• Data processing agreements compliant with GDPR and other regulations
• Security and confidentiality commitments
• Data residency options where available

3.2 Geographical Compliance

Our Service allows you to select data processing regions to comply with geographical data residency requirements. We support multiple regions including:

• European Union (GDPR compliance)
• United States (CCPA and other state privacy laws)
• Asia-Pacific regions
• Other regions as specified in your subscription

3.3 Data Isolation

Enterprise customers can opt for enhanced data isolation, including:

• Dedicated infrastructure and database instances
• Virtual Private Cloud (VPC) deployment
• Custom encryption keys (BYOK - Bring Your Own Key)
• Single-tenant architecture options

4.1 Service Providers

We share information with third-party service providers who perform services on our behalf:

• Cloud infrastructure providers (hosting, storage, compute)
• LLM and AI model providers
• Payment processors
• Analytics and monitoring services
• Customer support tools
• Email and communication services

These providers are bound by contractual obligations to keep your information confidential and use it only for the purposes we specify.

4.2 Business Transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and provide choices regarding your information.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to:

• Valid legal processes (subpoenas, court orders, warrants)
• Government or regulatory requests
• National security requirements
• Enforcement of our rights and agreements
• Protection of safety and security

4.4 With Your Consent

We may share your information with third parties when you explicitly consent or direct us to do so, such as when you authorize integrations with other services.

4.5 Aggregated and De-identified Data

We may share aggregated or de-identified information that cannot reasonably be used to identify you for research, marketing, analytics, or other purposes.

5.1 Technical Safeguards

• Encryption in transit (TLS 1.3) and at rest (AES-256)
• Network security and firewalls
• Intrusion detection and prevention systems
• Regular security assessments and penetration testing
• Secure development practices and code reviews
• Multi-factor authentication (MFA)
• Role-based access controls (RBAC)

5.2 Organizational Safeguards

• Employee background checks and security training
• Confidentiality agreements
• Incident response procedures
• Business continuity and disaster recovery plans
• Regular security audits and compliance reviews

5.3 Compliance Certifications

We maintain industry-standard security certifications including:

• SOC 2 Type II compliance
• ISO 27001 certification (in progress)
• GDPR compliance
• CCPA compliance

7.1 Access and Portability

You have the right to access your personal information and receive a copy in a portable format.

7.2 Correction and Update

You can update your account information at any time through your account settings. You can also request that we correct inaccurate information.

7.3 Deletion

You can request deletion of your account and personal information. Note that some information may be retained as required by law or for legitimate business purposes.

7.4 Opt-Out

You can opt out of marketing communications by following the unsubscribe instructions in those communications. You cannot opt out of service-related communications.

7.5 Additional Rights (GDPR)

If you are in the European Economic Area, you have additional rights including:

• Right to restriction of processing
• Right to object to processing
• Right to withdraw consent
• Right to lodge a complaint with a supervisory authority

7.6 Additional Rights (CCPA)

If you are a California resident, you have the right to:

• Know what personal information is collected
• Know whether personal information is sold or disclosed and to whom
• Opt out of the sale of personal information (we do not sell personal information)
• Non-discrimination for exercising your rights

8.1 Types of Cookies

• Essential Cookies: Required for the Service to function (authentication, security)
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Help us understand how you use the Service
• Marketing Cookies: Used to deliver relevant advertisements (with your consent)

8.2 Managing Cookies

You can control cookies through your browser settings. Note that disabling certain cookies may affect the functionality of the Service.

8.3 Analytics and Advertising

We use third-party analytics services (e.g., Google Analytics) to understand usage patterns. These services may use cookies and similar technologies. You can opt out of these services through their respective opt-out mechanisms.