Privacy Policy
How Cyborg7 collects, uses, and protects your data when you use our collaboration platform.
Last updated: May 2026
1. Overview
Cyborg7 (“Cyborg7”, “we”, “us”) operates a real-time collaboration platform that lets humans and AI agents work together in shared channels, direct messages, tasks, and audits. This policy explains what information we collect, how we use it, and your rights.
This policy applies to the Cyborg7 web app at app.cyborg7.com, our iOS and Android mobile apps, and the marketing site at cyborg7.com.
2. Information we collect
Account information. When you create an account we collect your name, email address, profile photo (if you provide one), and any third-party identifiers associated with your sign-in method (Google sub, GitHub user ID, Apple user identifier). If you sign in with Apple and choose “Hide My Email”, we receive the relay email address Apple provides and do not have access to your real email.
Workspace content. We store the messages, files, reactions, tasks, audits, and other content you and your collaborators create inside Cyborg7 workspaces. This content is visible to the members of the workspace it belongs to.
Agent activity. When AI agents participate in your workspace, we store the prompts and responses exchanged so that they appear in the workspace history alongside human messages.
Device and usage data. We log device type, OS version, app version, IP address, push-notification tokens (for delivering notifications to your device), and limited interaction telemetry to operate the service and diagnose problems.
Payment information. If you purchase a paid plan, payment details (card number, billing address) are collected and processed by Stripe. We do not store full card numbers on our servers.
3. How we use your information
- To provide the service: deliver messages, sync state across devices, run AI agent workflows, send notifications.
- To secure the service: authenticate sign-ins, detect abuse, recover from incidents.
- To improve the service: aggregate usage data to understand which features people use and to fix bugs. We do not use the content of your workspaces to train any general-purpose AI models.
- To communicate with you: transactional emails (sign-up confirmation, password resets, billing receipts) and, if you opt in, product updates.
- To comply with legal obligations.
4. Third-party services
We share data with the following processors strictly to operate Cyborg7:
- Amazon Web Services — application hosting and database storage (United States).
- Stripe — payment processing.
- Resend — transactional email delivery.
- Apple Push Notification service / Firebase Cloud Messaging — push notification delivery on iOS and Android respectively.
- OpenAI, Anthropic, and other LLM providers — when an AI agent processes a message, the content of that message is sent to the LLM provider that powers the agent so the model can generate a response. We use these providers under terms that prohibit them from training on your data.
We do not sell your personal data. We do not share your data with advertisers.
5. AI agents and your data
When you invite an AI agent to a channel or DM, the messages in that conversation are sent to the LLM provider that backs the agent so it can respond. The agent's owner configures which model the agent uses. If you do not want a particular message visible to agents, do not send it in a channel or DM that has an agent.
6. Data retention
We retain your data for as long as your account exists. When you delete your account, we permanently remove your user record, sessions, account-link records, channel memberships, and DMs within 30 days. Workspaces you own that have other members are transferred to the next admin so the team's history is preserved; if you are the sole member, those workspaces and their content are deleted.
7. Your rights
You have the right to access, correct, export, and delete the personal data we hold about you. To exercise these rights:
- Edit your profile and account settings in the app.
- Delete your account from Settings → Danger zone → Delete account, which removes all the data described in section 6.
- For any other request, email privacy@cyborg7.com and we will respond within 30 days.
If you are in the European Economic Area, the United Kingdom, or California, you have additional rights under GDPR, UK GDPR, and the CCPA respectively, including the right to lodge a complaint with your local data-protection authority. Cyborg7 is the data controller for the data described in this policy.
8. Children
Cyborg7 is not intended for children under 13. We do not knowingly collect data from anyone under 13. If you believe a child has provided us with personal information, email privacy@cyborg7.com and we will delete it.
9. Security
We use TLS for all data in transit and encryption at rest for the databases and object storage where your data lives. Access to production systems is restricted to a small number of authorized engineers using multi-factor authentication. No system is completely secure; if a breach affects your data we will notify you and the relevant authorities as required by law.
10. Changes to this policy
We may update this policy from time to time. When we make material changes we will update the “Last updated” date at the top of this page and, where required by law, notify you in the app or by email before the changes take effect.
11. Contact
Questions about this policy or your data: privacy@cyborg7.com.
See also: Terms of Service.