myndr

Myndr AI

Privacy Policy

Effective:
Last updated:

1. Introduction

Myndr (“Myndr,” “we,” “us,” or “our”) operates the Myndr AI platform, a local-first AI automation tool that enables users to build, deploy, and manage intelligent agents. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our desktop application, web services, and Myndr Cloud platform (collectively, the “Service”).

We are committed to protecting your privacy. Because Myndr AI is designed as a local-first application, the majority of your data never leaves your device unless you explicitly choose to use cloud-hosted features.

2. Scope of This Policy

Local Mode (Recommended for Maximum Privacy): When you install and run Myndr AI entirely on your local computer without signing into Myndr Cloud or connecting external AI providers, no data is transmitted to our servers. All agent creation, execution, memory, and file operations occur locally on your hardware. We have no visibility into your usage, prompts, or created agents.

Myndr Cloud & Hybrid Mode: If you create a Myndr account, deploy agents to the cloud, use our hosted orchestration, or route model inference through Myndr Cloud (including bring-your-own-key scenarios where keys are stored encrypted on our infrastructure), the data necessary to provide those features is processed by us and our subprocessors.

3. Information We Collect

3.1 Information You Provide Directly

  • Account Information: Name, email address, password (hashed), profile details when you register for Myndr Cloud.
  • Payment Information: Billing address, payment method details (processed securely by our third-party payment processors such as Stripe; we never store full card numbers).
  • API Keys & Credentials: When you choose to use external models (OpenAI, Anthropic, Grok, local LLMs via Ollama, etc.), you provide API keys. These are encrypted at rest and only used to make authorized calls on your behalf.
  • Agent & Workflow Content: Agent names, descriptions, system prompts, tool configurations, memory entries, and workflow definitions you create or upload.
  • Waitlist: If you submit your email on our waitlist form, we store that email address along with the timestamp, your IP address, and your browser user-agent so we can contact you when the product is ready and detect abuse.

3.2 Information Collected Automatically (Cloud Users Only)

  • Usage Data: Number of agent runs, token consumption per model, execution duration, error rates, and feature usage statistics (used for billing, performance monitoring, and product improvement).
  • Technical Data: Device type, operating system, app version, IP address (for security and abuse prevention), browser type (if using web components).
  • Interaction Logs: High-level summaries of agent interactions (e.g., “Agent X completed Task Y”) for debugging and support, unless you disable logging.

3.3 Information We Do NOT Collect in Local Mode

Prompts sent to local models, agent memory contents, files processed by agents, cron schedules, or any other user-generated content remain exclusively on your device. We do not receive, store, or have access to this information.

4. Anti-Spam Protection (Google reCAPTCHA)

The waitlist form on our website is protected by Google reCAPTCHA v3. reCAPTCHA collects hardware and software information — such as device and application data, browser plugins, mouse and touch movements, cookies, and IP address — and sends it to Google for analysis to determine whether you are a human or automated agent. The information collected is used to provide and improve reCAPTCHA and for general security purposes; it is not used for personalised advertising. By submitting the waitlist form you consent to this processing. Use of reCAPTCHA is subject to Google’s Privacy Policy and Terms of Service.

5. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service, including agent orchestration, cloud deployment, and cost optimization features;
  • Process payments and manage subscriptions;
  • Communicate with you about updates, security alerts, and support requests;
  • Detect and prevent fraud, abuse, or violations of our Terms of Use;
  • Analyze usage patterns (in aggregated, anonymized form) to develop new features and improve model routing recommendations;
  • Comply with legal obligations and enforce our agreements.

6. Data Sharing and Disclosure

We do not sell your personal information. We may share information in the following limited circumstances:

Service Providers & Subprocessors: Cloud hosting (e.g., AWS, GCP, Vercel), database hosting (Supabase), bot-protection (Google reCAPTCHA), payment processors, analytics (anonymized), and customer support tools. All subprocessors are bound by strict data processing agreements.

AI Model Providers:When you configure an agent to use a third-party model (e.g., Claude via Anthropic, GPT via OpenAI), your prompts and outputs are sent directly to that provider’s API. Their respective privacy policies govern that data. Myndr does not retain copies of these interactions beyond what’s necessary for billing and logging (typically 30–90 days).

Legal Requirements: We may disclose information if required by law, court order, or to protect the rights, property, or safety of Myndr, our users, or the public.

Business Transfers: In the event of a merger, acquisition, or asset sale, user information may be transferred as part of the transaction, subject to the same privacy protections.

7. Data Retention

  • Local data: You control retention entirely; delete the app or specific projects to remove data.
  • Cloud account data: Retained while your account is active. You may request deletion at any time.
  • Usage logs & billing records: Retained for 2 years for tax, legal, and abuse prevention purposes.
  • Agent execution history (cloud): 90 days by default; you can configure shorter or longer retention per project.
  • Waitlist: Held until the product launches and we have contacted you, then deleted unless you convert to an account.

8. Data Security

We implement industry-standard security measures including AES-256 encryption at rest, TLS 1.3 in transit, role-based access controls, regular security audits, and SOC 2 Type II compliance (for cloud infrastructure). In local mode, security is your responsibility — keep your device and API keys secure. We strongly recommend using hardware security keys or encrypted keystores for API credentials.

9. Your Rights and Choices

Depending on your location, you may have the following rights:

  • Access, correct, or delete your personal information;
  • Export your data (agent definitions, workflows, memory exports);
  • Opt out of marketing communications;
  • Withdraw consent for optional data processing (e.g., usage analytics);
  • For EU/UK users: rights under GDPR including data portability and the right to object to processing. For California residents: rights under CCPA/CPRA including the right to know what information is collected and to request deletion.

Local Data Control: Because most data never reaches us, exercising these rights for local usage simply means managing files on your own device.

10. International Data Transfers

Myndr is headquartered in the United States. If you are located outside the U.S., your information may be transferred to, stored, and processed in the U.S. or other countries where our service providers operate. We rely on Standard Contractual Clauses and other approved transfer mechanisms to protect your data.

11. Children’s Privacy

The Service is not directed to children under 18 (or the applicable age of majority). We do not knowingly collect personal information from children. If you believe we have collected such information, please contact us immediately for deletion.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email (if you have an account) or prominent notice in the app at least 30 days before the changes take effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

13. Contact Us

If you have questions, requests, or concerns about this Privacy Policy or our data practices, please contact us:

Privacy Team: privacy@myndr.ai

Data Protection Officer (EU): dpo@myndr.ai

© 2026 Myndr All rights reserved.