Privacy Policy

Last Updated: February 24, 2026

1. Scope

This Privacy Policy explains how Innogath collects, uses, stores, and discloses personal data when you access our website, application, and related services (collectively, the "Service").

2. Data We Collect

We collect the following categories of data:

• Account Data: name, email address, authentication identifiers, and account preferences.
• Workspace Data: prompts, branch chats, reports, canvas elements, notes, uploaded files, and generated artifacts.
• Billing Data: subscription status, transaction metadata, and invoice references. Payment credentials are handled by our Merchant of Record and payment providers, not stored by Innogath.
• Technical Data: IP address, browser/device data, log events, timestamps, and usage diagnostics.

3. How We Use Data

We use data to:

• Operate and secure the Service.
• Process your requests, including branch chat, deep research, diagram generation, and note features.
• Improve performance, reliability, and product quality.
• Provide support, billing operations, and legal compliance.
• Detect abuse, fraud, and policy violations.

4. AI Processing and Model Use

Workspace content may be processed by model providers and infrastructure vendors acting on our behalf to deliver requested features.

Innogath does not use private customer workspace content to train public foundation models.

5. Legal Bases (Where Applicable)

Where privacy laws require legal bases, we generally rely on:

• Performance of contract (providing the Service you requested).
• Legitimate interests (security, support, reliability, and abuse prevention).
• Legal obligations (tax, accounting, compliance, and lawful requests).
• Consent where required by law.

6. Sharing and Disclosure

We share data only as needed to provide the Service and operate the business, including with:

• Cloud infrastructure and storage providers.
• Authentication, analytics, and error-monitoring providers.
• Our authorized Merchant of Record and billing processors.
• Law enforcement or regulators when legally required.

We do not sell personal data.

7. Data Retention

We retain personal data for as long as necessary to provide the Service and satisfy legal, accounting, and security obligations.

Account deletion requests trigger removal or irreversible anonymization of active workspace data, except where retention is legally required.

8. Security

We apply technical and organizational safeguards designed to protect data confidentiality, integrity, and availability. No method of storage or transmission is guaranteed to be 100% secure.

9. Your Rights

Depending on your location, you may have rights to access, correct, delete, or export your personal data, and to object to or restrict certain processing activities.

To exercise these rights, contact support@innogath.com.

10. International Transfers

Your data may be processed in countries other than your own. Where required, we implement safeguards for cross-border transfers consistent with applicable law.

11. Children

The Service is not directed to children under 13 (or older minimum age where required by local law). If you believe a child has provided personal data, contact us for removal.

12. Changes to This Policy

We may update this Privacy Policy to reflect product, legal, or operational changes. Material changes are posted on this page with an updated effective date.

13. Contact

Privacy and data requests: support@innogath.com