← Back to Home

Privacy Policy

Last updated: November 27, 2025

1. Introduction

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our RAG Knowledge Management Platform. Please read this policy carefully.

2. Information We Collect

2.1 Account Information:

  • Email address
  • Name
  • Password (encrypted)
  • Workspace/organization information

2.2 Content and Documents:

  • Documents and files you upload
  • Meeting transcripts and notes
  • Chat conversations with the AI assistant
  • Client information you store

2.3 Usage Information:

  • Pages visited and features used
  • Time spent on the platform
  • Search queries and AI interactions
  • Device and browser information
  • IP address and location data

2.4 Payment Information:

  • Payment information is processed and stored by Stripe, our payment processor
  • We store only your Stripe customer ID and subscription status
  • We never see or store your full credit card details

3. How We Use Your Information

We use your information to:

  • Provide and maintain the Service
  • Process your documents and generate AI responses
  • Manage your account and subscriptions
  • Send service-related communications
  • Improve and optimize the platform
  • Ensure security and prevent fraud
  • Comply with legal obligations

4. Third-Party Services

We use the following third-party services:

4.1 OpenAI: Your documents and queries are processed by OpenAI's API to provide AI-powered features. OpenAI does not use your data to train their models. See OpenAI's privacy policy for details.

4.2 Stripe: Payment processing is handled by Stripe. Stripe's privacy policy governs payment data.

4.3 Google Analytics: We use Google Analytics to understand usage patterns. You can opt out using browser plugins.

4.4 Weaviate: Document embeddings and vector storage are managed by our self-hosted Weaviate instance.

5. Data Security

We implement security measures to protect your information:

  • Passwords are encrypted using bcrypt
  • Data transmission uses HTTPS/SSL encryption
  • Multi-tenant data isolation per workspace
  • Regular security updates and monitoring
  • Restricted access to production systems

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as your account is active or as needed to provide services. When you delete your account, we will delete or anonymize your personal information within 30 days, except where we must retain it for legal compliance.

7. Your Rights

You have the right to:

  • Access your personal information
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data
  • Opt out of marketing communications
  • Object to certain processing activities

To exercise these rights, contact us at [email protected]

8. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in these circumstances:

  • With your consent
  • With service providers (OpenAI, Stripe) to operate the Service
  • To comply with legal obligations or court orders
  • To protect our rights and prevent fraud
  • In connection with a business transfer or merger (with notice)

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.

10. Children's Privacy

Our Service is not intended for children under 13. We do not knowingly collect information from children under 13. If you believe we have collected such information, please contact us immediately.

11. Cookies and Tracking

We use cookies and similar technologies to:

  • Keep you signed in
  • Remember your preferences
  • Analyze usage patterns
  • Improve performance

You can control cookies through your browser settings.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. The "Last updated" date at the top indicates when changes were made.

13. Contact Us

For questions or concerns about this Privacy Policy or our data practices, contact us at: [email protected]

14. GDPR Compliance (EU Users)

If you are in the European Economic Area (EEA), you have additional rights under GDPR:

  • Right to be informed about data processing
  • Right of access to your data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Rights related to automated decision-making

15. CCPA Compliance (California Users)

California residents have rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to opt-out of sale of personal information (we do not sell)
  • Right to deletion of personal information
  • Right to non-discrimination for exercising CCPA rights

By using our Service, you acknowledge that you have read and understand this Privacy Policy.