Privacy Policy

Last updated: March 2026

Our Commitment to Your Privacy

  • We never train our AI models on your data
  • Your data remains exclusively yours
  • Data isolation between user accounts
  • Encryption in transit via HTTPS

At Vanish, we are committed to protecting your privacy. This Privacy Policy describes how we handle your information when you use our AI-powered platform and services (collectively, the "Services").

By using Vanish, you agree to the collection and use of information in accordance with this policy. If you don't agree with this policy, please don't use our Services.

Information We Collect

Account Information

  • • Email address and name when you sign up
  • • Profile information you choose to provide
  • • Authentication data from third-party providers (Google OAuth)
  • • Billing information for paid subscriptions (processed securely by Stripe)

Usage Information

  • • Chat histories and conversations with autonomous agents
  • • Workspace content, documents, and artifacts you create
  • • AI agent interactions and memory data
  • • Tool usage and integration preferences
  • • Feature usage patterns and preferences

Technical Information

  • • IP address and device information
  • • Browser type and operating system
  • • Usage timestamps and session data
  • • Error logs and performance metrics

How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our Services
  • Enable autonomous agents to provide personalized assistance within your workspace only (we never use your data to train our AI models)
  • Process payments and manage subscriptions
  • Communicate with you about updates, features, and support
  • Analyze usage patterns to improve user experience
  • Ensure security and prevent fraud
  • Comply with legal obligations

Enterprise Data Protection

Data Ownership & Control

  • 100% Data Ownership: You retain all rights to your data. We claim no ownership over your content, conversations, or any data you process through Vanish.
  • No AI Training: Your data is never used to train, improve, or develop our AI models. Each workspace operates in complete isolation.
  • Data Portability: Export all your data at any time in industry-standard formats. We support bulk exports and API access for enterprise customers.
  • Right to Deletion: Complete data deletion within 30 days of request, with cryptographic verification available.

Security Practices

  • Encryption: All data transmitted via HTTPS/TLS
  • Infrastructure: Hosted on trusted cloud providers
  • Database: Encrypted connections for all data storage
  • Authentication: Secure authentication mechanisms

Enterprise Inquiries

For Enterprise customers with specific security or compliance requirements, please contact us at josephdanielsjr@vanishlabs.ai to discuss custom arrangements.

Data Sharing and Third Parties

We maintain strict data sharing policies. We never sell your data and share information only when necessary for service operation:

Service Providers

We work with trusted third-party services to operate our platform:

  • • AI model providers - Your data is never used for model training
  • • Payment processing providers
  • • Cloud infrastructure providers

Important: All service providers are bound by strict data processing agreements that prohibit them from using your data for any purpose other than providing services to Vanish.

Sub-Processors

We use the following sub-processors to deliver our Services:

ProviderPurposeLocation
AnthropicAI model processingUnited States
Google CloudAI processing, compute infrastructureUnited States
Temporal TechnologiesDurable workflow engineUnited States
VercelApplication hosting, edge networkUnited States
UpstashRedis cache, real-time messagingUnited States
NeonPostgreSQL databaseUnited States
TwilioSMS messagingUnited States
ComposioThird-party tool integrationsUnited States
Mem0Agent memory storageUnited States
PolarSubscription billingEuropean Union

With Your Consent

We'll share information with your explicit consent, such as when you authorize integrations with third-party tools via MCP protocol.

Legal Requirements

We may disclose information if required by law, court order, or to protect our rights and users' safety.

Team Collaboration

When you use team features, your workspace data may be visible to authorized team members according to permissions you set.

Data Security

We implement industry-standard security measures to protect your information:

  • • Encryption of data in transit and at rest
  • • Regular security audits and vulnerability assessments
  • • Access controls and authentication mechanisms
  • • Secure data centers with physical security measures
  • • Employee training on data protection practices

While we strive to protect your information, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

Legal Basis for Processing

Contract Performance

Processing account data, providing Services, and managing subscriptions as necessary to fulfill our agreement with you.

Legitimate Interest

Security monitoring, fraud prevention, service improvement, and ensuring platform integrity. We balance our interests against your rights.

Consent

Marketing communications and optional data collection features. You may withdraw consent at any time.

Legal Obligation

Tax records, financial reporting, audit compliance, and responding to valid legal process.

Your Rights and Choices

You have several rights regarding your personal information:

Access & Portability

Request a copy of your personal data in a portable format

Correction

Update or correct inaccurate information in your account

Deletion

Request deletion of your account and associated data

Opt-Out

Unsubscribe from marketing communications

To exercise these rights, please contact us at josephdanielsjr@vanishlabs.ai.

Data Retention

We retain your information for as long as necessary to provide our Services and fulfill the purposes outlined in this policy. Specific retention periods by data type:

Chat histories

Retained until account deletion

SMS conversations

1 year

Agent decisions

1 year

Audit logs

2 years

Billing records

7 years (legal requirement)

Anonymized analytics

Indefinitely

After account deletion, identifiable data is purged within 30 days. Some data may be retained longer to comply with legal obligations.

Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • • Maintain your session and authentication state
  • • Remember your preferences and settings
  • • Analyze usage patterns and improve our Services
  • • Provide security features

You can control cookies through your browser settings, but disabling them may affect functionality.

International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy, regardless of where it is processed.

Children's Privacy

Vanish is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If we learn we have collected such information, we will promptly delete it. If you believe we have information from a child under 13, please contact us.

Data Processing Agreement

For enterprise customers, Vanish operates as a Data Processor under applicable data protection laws (GDPR, CCPA, etc.).

  • Enterprise DPA: A dedicated Data Processing Agreement is available upon request for Business and Enterprise plan customers.
  • Standard Contractual Clauses: We use EU Standard Contractual Clauses (SCCs) as the transfer mechanism for international data transfers outside the EEA.
  • DPA Requests: Contact josephdanielsjr@vanishlabs.ai to request a DPA or discuss specific data processing requirements.

Breach Notification

In the event of a data breach that affects your personal information:

  • 72-hour notification: We will notify affected users and relevant authorities within 72 hours of confirmed breach discovery.
  • Disclosure contents: Notifications will include the scope of the breach, categories of affected data, potential consequences, and remediation steps taken.
  • Enterprise priority: Business and Enterprise plan customers receive priority notification via their designated security contact.

Changes to This Policy

We may update this Privacy Policy from time to time. We'll notify you of material changes by posting the new policy on this page and updating the "Last updated" date. For significant changes, we may also notify you via email or through the Services.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: josephdanielsjr@vanishlabs.ai

Subject Line: Privacy Policy Inquiry