At AImyOrg, we are committed to protecting your privacy and ensuring the security of your data. This Privacy Policy explains how we collect, use, store, and protect information when you use our AI agent management platform.
1. Information We Collect
Account Information
When you create an account or register your enterprise, we collect:
- Name, email address, and contact details
- Organization name and business information
- Billing and payment information (processed securely via third-party payment processors)
- Role and department within your organization
- Authentication credentials (passwords are hashed and never stored in plain text)
Usage Data
We automatically collect certain information about how you interact with our platform:
- Feature usage patterns and interaction data
- AI agent deployment and task execution metrics
- Login timestamps, IP addresses, and device information
- Browser type, operating system, and screen resolution
- Performance metrics and error logs
Enterprise Data
In the course of using our platform, your organization may upload or generate:
- Documents, files, and knowledge base content
- Task descriptions, workflows, and approval chains
- AI agent configurations, prompts, and training data
- Communication logs and collaboration data
- Integration data from connected third-party services
2. How We Use Information
We use the information we collect to:
- Provide, maintain, and improve the AImyOrg platform
- Process and route tasks to appropriate AI agents and team members
- Enable AI agent functionality, including natural language processing and task automation
- Send service-related notifications, updates, and security alerts
- Provide customer support and respond to inquiries
- Monitor platform performance, security, and reliability
- Comply with legal obligations and enforce our terms of service
- Generate aggregated, anonymized analytics to improve our services
3. Data Storage and Security
We implement industry-leading security measures to protect your data:
Multi-Tenant Isolation
Each enterprise account operates within a fully isolated environment. Your organization's data is logically separated from other tenants, ensuring that no cross-tenant data access is possible. We employ strict access controls and data partitioning at the database level.
Encryption
- In Transit: All data transmitted between your devices and our servers is encrypted using TLS 1.3
- At Rest: All stored data is encrypted using AES-256 encryption
- Key Management: Encryption keys are managed through dedicated key management services with regular rotation
Infrastructure Security
- SOC 2 Type II compliant infrastructure
- Regular penetration testing and security audits
- 24/7 monitoring and intrusion detection systems
- Automated backup and disaster recovery procedures
4. AI Data Processing and Third-Party Data Sharing
Your data is never used to train AI models. Enterprise data processed by AI agents is used solely to execute the tasks and workflows you define. We do not use your proprietary data to train, fine-tune, or improve general-purpose AI models.
What Data Is Sent to AI Services
To provide AI-powered features such as the Copilot, Agent Chat, task planning, and automated workflows, the following types of data may be sent to third-party AI service providers for processing:
- Messages and conversations you submit through Copilot or Agent Chat
- Task descriptions, instructions, and workflow details
- Documents and content from your organization's Knowledge Base that are referenced during AI processing
- Agent configurations and prompt instructions
Who Receives Your Data
Your data is sent to the following third-party AI service providers:
- OpenAI — When using GPT-based models (e.g., GPT-4o, GPT-4.1). Data sent to OpenAI is subject to OpenAI's Enterprise Privacy policy, which prohibits the use of API data for model training.
- OpenRouter — When your enterprise administrator configures alternative AI models (e.g., Claude, Gemini, Llama). Data is routed through OpenRouter's API to the selected model provider.
Your Consent
By creating an account and using AImyOrg, you explicitly consent to the transmission of the data types listed above to the third-party AI service providers identified in this section. You may withdraw consent at any time by discontinuing use of AI-powered features or by contacting us at privacy@aimyorg.app.
How AI Data Is Handled
When AI agents process your enterprise data:
- Data is processed in real-time to execute assigned tasks and generate responses
- AI agent interactions are logged for audit purposes and can be reviewed by authorized administrators
- Processing occurs within your tenant's isolated environment
- You maintain full control over what data AI agents can access through role-based permissions
- AI-generated outputs are owned by your organization
- All third-party AI providers we use provide the same or equal protection for your data as described in this policy
5. Other Third-Party Services
In addition to the AI service providers listed above, we use the following third-party services:
- Cloud Infrastructure: Our platform is hosted on enterprise-grade cloud infrastructure with industry-standard security certifications.
- Payment Processing: Billing is handled by PCI DSS-compliant payment processors. We do not store full credit card numbers on our servers.
- Analytics: We use privacy-respecting analytics tools to understand platform usage patterns. All analytics data is aggregated and anonymized.
6. Data Retention
We retain your data according to the following guidelines:
- Active Account Data: Retained for the duration of your subscription and accessible at all times
- Task and Workflow Logs: Retained for 12 months after task completion, configurable by enterprise administrators
- AI Agent Interaction Logs: Retained for 90 days by default, configurable per your enterprise policy
- Deleted Account Data: Permanently purged within 30 days of account deletion request
- Backup Data: Removed from backup systems within 90 days of deletion
- Legal Hold: Data may be retained longer if required by law or ongoing legal proceedings
7. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
Right to Access
You can request a copy of all personal data we hold about you. Enterprise administrators can export organization data at any time through the platform settings.
Right to Deletion
You can request the deletion of your personal data. For enterprise accounts, the account administrator can initiate full data deletion. We will process deletion requests within 30 days.
Right to Portability
You can request your data in a structured, machine-readable format. We support data export in standard formats (JSON, CSV) for all enterprise data, including AI agent configurations, task histories, and knowledge base content.
Right to Correction
You can update or correct your personal information at any time through your account settings or by contacting our support team.
Right to Object
You can object to certain types of data processing. Enterprise administrators can configure data processing preferences through the platform's privacy settings.
8. Cookies and Tracking
We use essential cookies to maintain your session and provide core platform functionality. We do not use third-party advertising cookies. You can manage cookie preferences through your browser settings.
9. Children's Privacy
AImyOrg is designed for business use and is not intended for children under 16 years of age. We do not knowingly collect personal information from children.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes via email or through the platform at least 30 days before they take effect.
11. Contact Information
If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us:
Email: privacy@aimyorg.app
Data Protection Officer: dpo@aimyorg.app