Effective May 7, 2026

Privacy Policy

How The AI Platform collects, uses, discloses, and protects personal information across the website, apps, workspaces, AI routing, specialists, and mini apps.

Overview

This Privacy Policy explains how Zephyr Cloud, Inc. collects, uses, discloses, and protects personal information when you use The AI Platform website, apps, hosted services, workspaces, model routing, specialists, mini apps, and related features.

Customer workspace content belongs to the customer. We process it to provide the services, keep them reliable, support requested integrations, and comply with applicable law.

Information we collect

We collect information you provide, information generated by use of the services, and information from connected services.

  • Account information, such as name, email, authentication identifiers, profile details, and organization membership.
  • Workspace content, such as messages, prompts, files, specialist instructions, mini apps, tool results, comments, tasks, and shared knowledge.
  • Provider and integration information, such as selected models, provider configuration, OAuth grants, connected tools, and metadata needed to operate integrations.
  • Billing information, such as plan, invoices, payment status, tax metadata, and billing contact details. Payment card data is handled by payment processors.
  • Usage, diagnostics, and device data, such as app version, operating system, crash logs, performance events, feature usage, download events, IP address, and approximate location inferred from IP.
  • Support and communications, such as messages you send us, feedback, bug reports, and related attachments.

How we use information

We use personal information to:

  • provide, maintain, secure, debug, and improve the services;
  • authenticate users and manage accounts, organizations, workspaces, roles, and permissions;
  • route AI requests, execute specialist workflows, call tools, and return model output;
  • process billing, enforce plan limits, and prevent fraud or abuse;
  • analyze reliability, performance, usage, and product quality;
  • send transactional notices, support replies, security alerts, and service updates;
  • comply with law, enforce terms, and protect users, us, and others.

AI processing and providers

The AI Platform can route prompts, files, messages, tool results, metadata, and related workspace content to model providers or tools selected by your workspace configuration. These providers and tools may process that content under their own terms, privacy policies, enterprise agreements, retention settings, or zero-data-retention commitments.

Workspace admins should configure providers, permissions, tools, and specialist access according to the sensitivity of the content users submit. Do not submit secrets, regulated information, or confidential third-party data unless your organization is authorized to process it through the selected services.

Cookies and analytics

We may use cookies, local storage, and similar technologies to keep users signed in, remember preferences, secure sessions, measure downloads, understand product usage, and diagnose issues.

The website and apps may use analytics providers such as PostHog to help us understand aggregate behavior and improve the product. We do not use customer workspace content for cross-context behavioral advertising.

How we disclose information

We may disclose information to:

  • service providers that host, secure, analyze, support, or operate the services;
  • model providers, tool providers, and integrations selected by users or workspace admins;
  • organization owners, admins, and members according to workspace settings and permissions;
  • payment processors and billing systems for subscriptions, invoices, taxes, and fraud prevention;
  • professional advisors, auditors, insurers, and legal authorities when needed;
  • successors in a merger, acquisition, financing, reorganization, or sale of assets;
  • others with your direction, consent, or as required by law.

Retention

We keep personal information for as long as needed to provide the services, meet legal and accounting obligations, resolve disputes, enforce agreements, maintain backups, prevent abuse, and support security. Retention periods may vary by data type, workspace settings, plan, provider configuration, and legal requirements.

Workspace admins may be able to delete or export certain workspace content. Some data may remain in backups, logs, or records for a limited period after deletion.

Security

We use reasonable technical and organizational measures designed to protect personal information. No method of transmission or storage is perfectly secure. You are responsible for protecting credentials, API keys, workspace membership, provider settings, and connected tools under your control.

Your choices and privacy rights

Depending on where you live, you may have rights to request access, correction, deletion, portability, restriction, objection, withdrawal of consent, or appeal of a privacy decision. You may also have rights to opt out of certain sale, sharing, targeted advertising, or profiling practices where applicable.

We do not sell customer workspace content. We do not use customer workspace content for targeted advertising. To make a privacy request, contact legal@theaiplatform.app. We may need to verify your identity and authority before acting on a request.

Regional notices

For users in the European Economic Area, United Kingdom, or Switzerland, our legal bases may include performance of a contract, legitimate interests, consent, and compliance with legal obligations. You may have the right to lodge a complaint with your local data protection authority.

For California residents, applicable law may require notice of categories of personal information collected, sources, purposes, disclosures, retention, and rights. The sections above provide those disclosures. We do not knowingly sell personal information or share customer workspace content for cross-context behavioral advertising.

International transfers

We and our service providers may process information in the United States and other countries. Where required, we use appropriate safeguards for international transfers.

Children

The services are not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child provided personal information to us, contact us so we can take appropriate action.

Changes to this policy

We may update this Privacy Policy from time to time. If changes are material, we will take reasonable steps to notify users, such as posting an updated effective date, showing an in-product notice, or sending email.

Contact

Privacy questions and requests can be sent to legal@theaiplatform.app.