Data we process
We process account information, usage telemetry, support communications, and—when you connect integrations—content required to provide persistent intelligence features. Processing is limited to what is necessary for the service you enable.
Legal bases
Where GDPR applies, we rely on contract performance, legitimate interests (security and product improvement), and consent where required for marketing or non-essential cookies.
Retention
Retention windows depend on product tier and your admin controls. Encrypted vault tiers may retain content longer by design; deletion workflows honor tenant policies where technically feasible.
Security
We implement administrative, technical, and organizational measures including encryption in transit, access controls, and audit logging. No system is perfectly secure; report vulnerabilities responsibly.
Your rights
You may request access, correction, export, or deletion subject to law and contractual records requirements. Contact us via the contact form.