Introduction
MyOrg.ai ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our MCP Server Datasets platform, website, and related services (collectively, the "Services").
By using our Services, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Services.
Information We Collect
Information You Provide to Us
We collect information you voluntarily provide when using our Services:
- Account Information: Name, email address, company name, job title, and password when you create an account
- Payment Information: Billing address and payment details (processed securely through our payment providers)
- Communications: Information you provide when contacting our support team or participating in surveys
- User Content: Data files you upload to our MCP servers for AI querying
Information Collected Automatically
When you access our Services, we automatically collect:
- Device Information: Browser type, operating system, device identifiers
- Usage Data: Pages visited, features used, query patterns, and interaction timestamps
- Log Data: IP addresses, access times, and referring URLs
- Cookies and Tracking: Session cookies, analytics cookies, and similar technologies
Important: Your uploaded data files are processed locally and are never transmitted to or stored on our servers unless explicitly configured for cloud processing. We do not access or analyze the contents of your data files.
How We Use Your Information
We use the information we collect for the following purposes:
| Purpose | Legal Basis |
|---|---|
| Providing and maintaining our Services | Contract performance |
| Processing payments and billing | Contract performance |
| Sending service notifications and updates | Legitimate interest |
| Improving our Services and developing new features | Legitimate interest |
| Responding to support requests | Contract performance |
| Ensuring security and preventing fraud | Legitimate interest / Legal obligation |
| Marketing communications (with consent) | Consent |
| Compliance with legal obligations | Legal obligation |
Data Sharing and Disclosure
We do not sell your personal information. We may share your information in the following circumstances:
- Service Providers: With trusted third parties who assist in operating our Services (hosting, analytics, payment processing)
- Business Transfers: In connection with a merger, acquisition, or sale of assets
- Legal Requirements: When required by law, court order, or governmental authority
- Protection of Rights: To protect our rights, privacy, safety, or property
- With Consent: With your explicit consent for any other purpose
Data Security
We implement industry-standard security measures to protect your information:
- TLS/SSL encryption for all data in transit
- AES-256 encryption for data at rest
- SOC 2 Type II certified infrastructure
- Regular security audits and penetration testing
- Access controls and employee security training
- Incident response procedures and breach notification protocols
While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.
Data Retention
We retain your information for as long as necessary to fulfill the purposes outlined in this policy:
- Account Data: Retained while your account is active and for 30 days after deletion request
- Usage Logs: Retained for 90 days for operational purposes
- Billing Records: Retained for 7 years for legal and tax compliance
- Support Communications: Retained for 3 years after resolution
Your Rights and Choices
Depending on your location, you may have the following rights:
- Access: Request a copy of your personal information
- Correction: Request correction of inaccurate information
- Deletion: Request deletion of your personal information
- Portability: Request your data in a portable format
- Objection: Object to certain processing activities
- Restriction: Request restriction of processing
- Withdraw Consent: Withdraw consent where processing is based on consent
To exercise these rights, please contact us at privacy@myorg.ai.
International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place:
- Standard Contractual Clauses approved by the European Commission
- Data Processing Agreements with all sub-processors
- Privacy Shield certification where applicable
Cookies and Tracking Technologies
We use cookies and similar technologies for:
- Essential Cookies: Required for the Services to function properly
- Analytics Cookies: To understand how visitors interact with our Services
- Preference Cookies: To remember your settings and preferences
You can control cookies through your browser settings. Disabling certain cookies may affect the functionality of our Services.
Children's Privacy
Our Services are not directed to individuals under 16 years of age. We do not knowingly collect personal information from children. If we learn we have collected information from a child, we will promptly delete it.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Services after changes constitutes acceptance of the updated policy.
Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us:
Privacy Inquiries
Email: privacy@myorg.ai
Address: MyOrg.ai, Privacy Team, 123 Data Drive, San Francisco, CA 94105
Data Protection Officer: dpo@myorg.ai