Privacy
Privacy policy.
Plain English version: your operating memory is yours. We do not retrain models on your data. We use your email to send the things you signed up for. We do not sell anything to anyone.
Last updated May 25, 2026. This is a working shell. Final language pending legal review.
01.
What we collect
Account info you provide (email, founder name, company name). Payment method via Stripe (we never see your card number). Usage data needed to run your instance (mission content, evidence trail, decision log). Standard web analytics on the marketing site.
02.
What we do with it
Account info: run your instance and email you. Payment: charge you. Usage data: run your instance and improve the service for you specifically. Analytics: improve the marketing site.
03.
What we do not do with it
We do not sell your data. We do not retrain shared models on it. We do not share it with third parties except subprocessors required to deliver the service (Stripe for payments, model providers for inference when you use AOS Credits).
04.
Your operating memory
Decisions, blockers, rationale, and evidence captured in your AOS instance belong to you. You can export it anytime. We retain it only as long as your instance is active or for a 90-day grace period after cancellation.
05.
Subprocessors
Stripe (payments), model providers you choose (OpenAI/Anthropic/etc. for inference under BYOK, or our credits partner for AOS Credits), our hosting provider, our email provider. List published and updated on the trust page.
06.
International transfers
Standard contractual clauses for transfers out of the EU/UK. We are not yet certified under any specific framework. Targeting SOC 2 Type 1 readiness within the first 90 days of public availability.
07.
Your rights
Access, correction, deletion, export. Email privacy at our domain and we respond within 30 days.