1. Scope
This Policy applies to PhorMind websites, applications, APIs, connectors, hosted workspaces, support interactions, and related business operations that link to this Policy. If your organization has a separate written agreement with PhorMind, that agreement may contain additional privacy, security, retention, and data processing terms for your workspace.
2. Information We Collect
The information we collect depends on how your workspace configures PhorMind and which features you use.
- Account and workspace details, including name, email address, password credentials, tenant membership, roles, groups, workspace name, domain, and billing or trial information.
- Connector and content data that you authorize PhorMind to access, such as files, messages, tickets, pages, database rows, logs, websites, calendars, contacts, and related metadata.
- Chat, search, and agent activity, including prompts, retrieved sources, citations, generated answers, approval decisions, agent traces, feedback, and operational logs.
- Device, usage, and security data, including IP address, browser type, pages visited, API activity, request identifiers, sync status, error logs, and audit events.
- Information you provide through forms, support requests, demos, onboarding, surveys, or other communications with us.
3. How We Use Information
- Provide, operate, secure, and improve PhorMind’s enterprise search, chat, connector sync, agent runtime, no-code agent builder, governance, and MCP features.
- Authenticate users, enforce tenant boundaries, apply role-based and document-level access controls, run approvals, and maintain audit trails.
- Index and retrieve authorized workspace knowledge, generate cited answers, execute configured agents, and route requests to model providers or customer-selected infrastructure.
- Monitor reliability, debug issues, prevent abuse, protect against prompt injection and data exfiltration, and support compliance operations.
- Manage subscriptions, trials, billing, service notices, product updates, security alerts, and support communications.
- Comply with legal obligations, resolve disputes, and enforce agreements.
4. Customer Content, AI, and Connectors
PhorMind is designed to process customer content inside tenant-scoped boundaries. We use connected content to sync, index, retrieve, cite, summarize, answer questions, run approved agents, and provide support or security operations for the service.
AI-generated outputs may be based on prompts, retrieved snippets, conversation history, tool results, and agent instructions. Third-party model providers may process those inputs when your workspace uses their models or API keys. Review the provider terms and privacy practices for any model or external service you configure.
5. How We Share Information
We do not sell personal information. We may share information with service providers, AI model providers, connector providers, workspace administrators, regulators when required by law, parties involved in a business transaction, or other parties with your direction or consent.
6. Retention
We retain information for as long as needed to provide PhorMind, maintain security and audit records, support active workspaces, comply with legal obligations, resolve disputes, enforce agreements, and meet legitimate business needs.
7. Security
PhorMind uses administrative, technical, and organizational safeguards designed to protect information, including tenant isolation, encrypted secrets, access controls, audit logging, approval workflows, rate limiting, and security monitoring.
8. Cookies and Similar Technologies
We may use cookies, local storage, logs, and similar technologies to keep users signed in, remember preferences, operate security controls, understand product usage, and improve the website and application.
9. Your Choices and Rights
- Request access, correction, deletion, export, or restriction of personal information, subject to legal and service limits.
- Opt out of non-essential marketing communications.
- Ask your workspace administrator to manage workspace-controlled content, connector scopes, retention settings, or account membership.
- Contact us if you believe PhorMind is processing information about you on behalf of a customer workspace.
10. International Transfers
PhorMind and its service providers may process information in countries other than where you live. Where required, we use appropriate safeguards for cross-border transfers and process information according to applicable privacy and data protection laws.
11. Children
PhorMind is intended for business use and is not directed to children. We do not knowingly collect personal information from children under 13 or the minimum age required by applicable law.
12. Changes and Contact
We may update this Policy from time to time. The updated version will be posted on this page with a new last updated date. For privacy questions or requests, contact privacy@phormind.com.