Privacy Policy

Last updated: January 2025

Our Enterprise Commitment

  • We never train our AI models on your data
  • Your data remains exclusively yours
  • Complete data isolation between workspaces
  • Enterprise-grade encryption at rest and in transit
  • SOC 2 Type II compliant infrastructure

At Vanish, we are committed to protecting your privacy with enterprise-grade security. This Privacy Policy describes how we handle your information when you use our AI-powered workspace platform and services (collectively, the "Services").

By using Vanish, you agree to the collection and use of information in accordance with this policy. If you don't agree with this policy, please don't use our Services.

Information We Collect

Account Information

  • • Email address and name when you sign up
  • • Profile information you choose to provide
  • • Authentication data from third-party providers (Google OAuth)
  • • Billing information for paid subscriptions (processed securely by Stripe)

Usage Information

  • • Chat histories and conversations with AI co-workers
  • • Workspace content, documents, and artifacts you create
  • • AI agent interactions and memory data
  • • Tool usage and integration preferences
  • • Feature usage patterns and preferences

Technical Information

  • • IP address and device information
  • • Browser type and operating system
  • • Usage timestamps and session data
  • • Error logs and performance metrics

How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our Services
  • Enable AI co-workers to provide personalized assistance within your workspace only (we never use your data to train our AI models)
  • Process payments and manage subscriptions
  • Communicate with you about updates, features, and support
  • Analyze usage patterns to improve user experience
  • Ensure security and prevent fraud
  • Comply with legal obligations

Enterprise Data Protection

Data Ownership & Control

  • 100% Data Ownership: You retain all rights to your data. We claim no ownership over your content, conversations, or any data you process through Vanish.
  • No AI Training: Your data is never used to train, improve, or develop our AI models. Each workspace operates in complete isolation.
  • Data Portability: Export all your data at any time in industry-standard formats. We support bulk exports and API access for enterprise customers.
  • Right to Deletion: Complete data deletion within 30 days of request, with cryptographic verification available.

Security Infrastructure

  • Encryption: AES-256 encryption at rest and TLS 1.3 in transit for all data
  • Infrastructure: SOC 2 Type II certified data centers with 99.99% uptime SLA
  • Access Controls: Role-based access control (RBAC) with audit logging for all data access
  • Compliance: GDPR, CCPA compliant with ongoing ISO 27001 certification

Enterprise Agreement Options

For Enterprise customers, we offer:

  • • Custom Data Processing Agreements (DPA)
  • • On-premises deployment options
  • • Dedicated infrastructure with single-tenant architecture
  • • Custom retention policies and compliance frameworks
  • • Regular security audits and penetration testing reports

Data Sharing and Third Parties

We maintain strict data sharing policies. We never sell your data and share information only when necessary for service operation:

Service Providers

We work with trusted third-party services to operate our platform:

  • • AI model providers (OpenAI, Anthropic) - Your data is never used for model training
  • • Stripe for payment processing (PCI-DSS compliant)
  • • Cloud infrastructure providers (AWS/GCP with SOC 2 compliance)
  • • Analytics services (privacy-focused, no PII shared)

Important: All service providers are bound by strict data processing agreements that prohibit them from using your data for any purpose other than providing services to Vanish.

With Your Consent

We'll share information with your explicit consent, such as when you authorize integrations with third-party tools via MCP protocol.

Legal Requirements

We may disclose information if required by law, court order, or to protect our rights and users' safety.

Team Collaboration

When you use team features, your workspace data may be visible to authorized team members according to permissions you set.

Data Security

We implement industry-standard security measures to protect your information:

  • • Encryption of data in transit and at rest
  • • Regular security audits and vulnerability assessments
  • • Access controls and authentication mechanisms
  • • Secure data centers with physical security measures
  • • Employee training on data protection practices

While we strive to protect your information, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

Your Rights and Choices

You have several rights regarding your personal information:

Access & Portability

Request a copy of your personal data in a portable format

Correction

Update or correct inaccurate information in your account

Deletion

Request deletion of your account and associated data

Opt-Out

Unsubscribe from marketing communications

To exercise these rights, please contact us at iamjosephdaniels@gmail.com.

Data Retention

We retain your information for as long as necessary to provide our Services and fulfill the purposes outlined in this policy. Specifically:

  • • Active account data is retained while your account remains active
  • • Chat histories and AI memory data are retained to provide continuous learning experiences
  • • After account deletion, we may retain certain data for legal compliance, typically up to 90 days
  • • Anonymized usage data may be retained indefinitely for analytics

Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • • Maintain your session and authentication state
  • • Remember your preferences and settings
  • • Analyze usage patterns and improve our Services
  • • Provide security features

You can control cookies through your browser settings, but disabling them may affect functionality.

International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy, regardless of where it is processed.

Children's Privacy

Vanish is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If we learn we have collected such information, we will promptly delete it. If you believe we have information from a child under 13, please contact us.

Changes to This Policy

We may update this Privacy Policy from time to time. We'll notify you of material changes by posting the new policy on this page and updating the "Last updated" date. For significant changes, we may also notify you via email or through the Services.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: iamjosephdaniels@gmail.com

Subject Line: Privacy Policy Inquiry