Privacy
Last updated: 15 July 2026. This summary is for Personal and Team customers at launch. It is not a substitute for a signed DPA if you later need one for Enterprise.
What we collect
- Account details: name, email, password (hashed).
- Workspace content you upload or sync (documents, conversations, agent runs).
- Usage and billing metadata (credits, plan, payment provider customer ids).
- Security logs (audit events, including IP when available).
- Support messages you send via Contact.
How we use it
- Provide the Knowledge OS (search, chat, agents, collections).
- Meter credits, process payments, and prevent abuse.
- Operate backups, security monitoring, and account deletion when requested.
Subprocessors
Depending on how your deployment is configured, these third parties may process data:
| Provider | Purpose |
|---|---|
| Hosting / VPS (your operator) | App, database, object storage, backups |
| Resend | Transactional email (reset, invites, alerts) |
| Stripe and/or Razorpay | Payments and billing portal (when enabled) |
| LLM / embedding providers (e.g. OpenRouter, OpenAI) or local Ollama | AI features when you use cloud or local models |
Retention & deletion
You can request account deletion from Settings → Account. An admin must approve; that purges your Personal workspace data. Shared Team data stays with the organization. Backups are retained according to the operator's backup schedule. Audit logs may be exported to an operator-configured sink and purged locally when retention is enabled.
Contact
Privacy questions: Contact us.