Privacy Policy

Effective 2026-05-01 · Great Arrow Digital

This Privacy Policy describes how Manito AI (“we”, “our”, “us”) collects, uses, discloses, and protects information when you use our hosted Software-as-a-Service application at great-arrow-digital.vercel.app and related APIs (the “Service”). It applies to personal information we process about you as the data controller; for content you store in your workspace (memories, files, agent outputs), we act as a processor on your behalf.

1. Information we collect

Account information

  • Email address, hashed password (when you sign in with email + password), and OAuth identifier(s) when you sign in with a provider such as Google.
  • Profile metadata you choose to add (display name, avatar URL).
  • Workspace name(s) and the role(s) you hold in each.

Customer Content

  • Memories, documents, chat sessions, agent runs, meeting transcripts, and any other content you upload, generate, or store. We process this on your behalf and do not access it beyond what is necessary to operate the Service.
  • Vector embeddings derived from your text. Stored alongside the source content under the same access controls.

Integration credentials

  • OAuth refresh / access tokens for third-party providers you choose to connect (Google Workspace, Microsoft 365, Slack, Notion, Atlassian, Asana, Discord, Zoom, Dropbox, GitHub, GitLab). Encrypted at rest with AES-256-GCM under a key we control or a per-workspace key (BYOK) if you provide one. Decrypted in-process only for the duration of an integration sync.

Operational data

  • Audit log: every read and write against your workspace, including actor, IP address, user-agent, and resource. Used for security incident response and for the in-app audit dashboard.
  • Usage metrics: token counts, model identifiers, latency, and error rates per request — used for billing, capacity planning, and SLO monitoring.
  • Diagnostic data: error reports, stack traces, and performance spans (Sentry, Vercel logs). Personal information appearing in stack traces is redacted at our logger boundary where possible.

2. How we use information

  • To provide and maintain the Service for you.
  • To authenticate you, enforce workspace boundaries, and prevent abuse.
  • To bill you, manage subscriptions, and resolve billing disputes.
  • To respond to support requests, communicate Service updates, and send transactional email (invitations, password resets, health digests).
  • To detect, investigate, and prevent fraud, security incidents, and abuse.
  • To comply with legal obligations and respond to lawful requests by public authorities.

We do not sell, rent, or trade personal information. We do not use Customer Content to train large language models for any third party, and we do not use it for our own model training without your separately-given consent.

3. Sub-processors

We rely on the following sub-processors to operate the Service. Each operates under written terms that include confidentiality and security obligations no less protective than those in this Policy:

Provider | Purpose | Region
Vercel, Inc. | Hosting, build pipeline, edge network, runtime logs | USA (multi-region edge)
Supabase, Inc. | Postgres database, authentication, file storage, realtime | USA
Vercel AI Gateway | Routing of LLM requests to Anthropic, OpenAI, Google, and embedding models | USA
Anthropic, OpenAI, Google | Large-language-model inference, embeddings | USA / multi-region
Upstash, Inc. | Distributed rate limiting (Redis) | USA
Sentry / Functional Software, Inc. | Error reporting, performance traces | USA
Resend | Transactional email (invitations, health digests) | USA

We will provide at least thirty (30) days’ notice before adding a new sub-processor or materially changing the role of an existing one. To object, contact privacy@manito.ai.

4. Retention

  • Account & profile data: retained for the duration of your account; deleted within thirty (30) days of account closure.
  • Customer Content (memories, documents, chats): retained while you maintain a workspace. Deleting a workspace soft-deletes its content; hard deletion completes thirty (30) days later. Encrypted database backups may persist for up to ninety (90) days.
  • Integration credentials: deleted within twenty-four (24) hours of disconnect; we attempt upstream revocation where the provider supports it.
  • Audit log: retained for ninety (90) days.
  • Operational logs & metrics: retained for thirty (30) days, except aggregated, non-identifying usage counters which we retain longer for capacity planning.

5. Security

  • All traffic is encrypted in transit via TLS 1.2 or higher.
  • Personal access tokens are stored hashed (SHA-256). The plaintext is shown to you exactly once at mint time.
  • OAuth refresh tokens are encrypted at rest with AES-256-GCM. Per-workspace BYOK is available.
  • Workspace data isolation is enforced by Postgres row-level security on every workspace-scoped table.
  • Realtime broadcast channels use HMAC-signed names so a stranger who learns a workspace ID cannot subscribe to its events.
  • We follow least-privilege for operator access; admin actions are audit-logged.

6. Your rights

Depending on your jurisdiction you may have rights to access, correct, export, delete, restrict, or object to processing of your personal information, and to lodge a complaint with a supervisory authority. To exercise these rights:

7. International transfers

Data is processed in the United States during the current rollout. If you are located in the European Economic Area, the United Kingdom, or Switzerland, transfers of personal information to the United States are made under appropriate safeguards (such as the Standard Contractual Clauses approved by the European Commission). Multi-region replicas are on the roadmap; until then, please do not store data you are required by law to keep within another jurisdiction.

8. Children

The Service is not intended for, and we do not knowingly collect information from, children under thirteen (13) — sixteen (16) in the EEA / UK. If you believe we have collected such information, contact us at privacy@manito.ai and we will delete it.

9. Changes to this Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by email or via the Service at least thirty (30) days before they take effect. The current revision date appears at the top of this page.

10. Contact

Privacy: privacy@manito.ai
Security: security@manito.ai
See also our Terms of Service.