Privacy Policy
Last updated: May 9, 2026
IntentOS (“we”, “us”) is operated by [YOUR LEGAL ENTITY NAME], a [JURISDICTION — e.g. United Kingdom] entity reachable at [CONTACT EMAIL]. This policy explains what data we collect, why, and what control you have over it.
The short version
IntentOS is a personal preference ledger. We collect the minimum data required to let you sign in, store your preferences, and let agents you authorize read them. We never sell your data, never share it with advertising networks, and you can export or delete everything at any time.
What we collect
- Account info: email address (used for magic-link sign-in via Supabase). Optional display name.
- Preference data: everything you put into your ledger — categories, structured fields, positive/negative examples, trust ledger entries, purchase history, freeform notes.
- Agent connections: names, descriptions, scopes, and a sha256 hash of each issued API key (we never store the plaintext).
- Audit log: a record of every read/write your connected agents make against the ledger — endpoint, scope, timestamp, IP address, user-agent string.
- Encrypted AI provider keys: the API keys you supply for chat AI and embeddings AI providers, encrypted at rest with AES-256-GCM. Stored as ciphertext only.
What we don't collect
- We don't use third-party analytics or advertising trackers.
- We don't log the plaintext of your AI provider keys or the contents of your provider responses.
- We don't track you across websites.
How we use it
- To authenticate you and keep you signed in.
- To store and serve your preference ledger.
- To make API calls to AI providers you connect, on your behalf, using your keys, only when you trigger a parse or your agent triggers a query.
- To populate your audit log so you can see what your agents have done with your data.
- To send transactional email (magic-link sign-in) via [YOUR EMAIL PROVIDER — e.g. Resend].
Third parties we share data with
IntentOS is built on these services. Each one processes data on our behalf under their own privacy commitments:
- Supabase — hosts our Postgres database and runs authentication. Stores your account row, preference data, encrypted provider keys, and agent records.
- Netlify — hosts the application. Receives your HTTP requests; standard server logs apply.
- [YOUR EMAIL PROVIDER] — delivers magic-link sign-in emails.
- The AI provider you choose (OpenAI, xAI, Anthropic, etc.) — receives the text of your preference paragraphs (for parsing) and your queries (for embeddings). The provider receives only what is needed to fulfill the immediate request, authenticated with your key, under their data-handling terms.
- [YOUR ERROR MONITORING — e.g. Sentry] — receives error stack traces and request metadata when something breaks. We do not send personal data into error reports intentionally; review your Sentry settings to scrub PII if you have stricter requirements.
Where data lives
Our Supabase project is hosted in [REGION — e.g. eu-west-1]. Netlify edge nodes serve static assets globally. Your AI provider's data residency is set by them — refer to their terms.
Security
- Row-level security (RLS) on every table — your data is scoped to your user ID at the database layer.
- Encrypted columns for sensitive fields (your AI keys are AES-256-GCM ciphertext; the column is REVOKE'd from anonymous and authenticated database roles).
- API keys you issue to agents are sha256-hashed; the plaintext is shown to you exactly once.
- Sign-in uses passwordless magic links; we don't handle passwords.
Your rights
You can, at any time:
- Access all your data via /api/v1/export (downloads your full ledger as JSON).
- Correct data by editing or removing entries from your dashboard.
- Delete your account and all data permanently from Settings → Danger zone. Deletion is immediate and irreversible.
- Object to specific processing or restrict it by revoking an agent in /dashboard/agents.
- Port data to another instance of IntentOS using the JSON export.
If you're in the EU/UK and want to exercise GDPR rights, or in California exercising CCPA rights, email [CONTACT EMAIL] and we'll respond within 30 days.
Children
IntentOS is not directed to children under 16. If we learn we've collected data from someone in that age range, we'll delete it.
Changes
We'll update this page when our practices change and bump the “Last updated” date at the top. For material changes that expand how we use your data, we'll notify you by email.
Contact
Questions, requests, or concerns: [CONTACT EMAIL].