POLICIES

Privacy Policy

Privacy Policy

Privacy Policy

Privacy Policy

This Privacy Policy describes how Otonomii collects, uses, discloses and protects personal data when you use our products, services, websites and applications.

It applies to customers, end users, website visitors, job applicants and business contacts. We process personal data in accordance with applicable data protection laws, including GDPR, CCPA/CPRA and other regional privacy legislation.

01 Collection of Personal Data

We collect personal data you provide directly, data collected automatically through use of our Services and certain categories of data used to train, improve and evaluate our AI models.

Data You Provide Directly

Identity and Contact Information

Name, email address, phone number, job title, company name and mailing address provided during account registration, subscription purchase or communication with us.

Payment Information

Credit card numbers, billing addresses and payment method details processed through PCI DSS-compliant payment processors. We do not store full card numbers on our servers.

Inputs and Outputs

Prompts, queries, documents, data files and other content submitted to our AI services, as well as responses, analyses, decisions and generated content returned by the Services.

Feedback

Ratings, reviews, bug reports, feature requests, survey responses and other feedback you provide about our Services.

Communications

Content of emails, chat messages, support tickets and other communications exchanged with Otonomii, including timestamps and recipient metadata.

Data Collected Automatically

Device Information

IP address, browser type and version, operating system, device identifiers, screen resolution and language preferences.

Usage Data

Pages visited, features used, actions taken, timestamps, session duration, click pattern and navigation paths.

Log Data

Server logs including request URLs, response codes, referrer URLs and technical error information.

Cookies and Similar Technologies

First-party and third-party cookies, web beacons, pixel tags and local storage used for authentication, preferences, analytics and security.

Model Training Data

Publicly Available Data

Data from public websites, open datasets, government records and other publicly accessible sources, collected in compliance with applicable terms and robots.txt directives.

Commercial Datasets

Data licensed from third-party providers under agreements that authorize use for model training purposes.

User Inputs and Outputs

Inputs and Outputs from non-enterprise, non-API users may be used for model improvement unless the user opts out. Enterprise and API customer data is never used for training.

Feedback Data

Thumbs up/down ratings, preference selections and explicit feedback provided through in-product feedback mechanisms.

Safety Flagged Materials

Content that triggers safety classifiers may be retained and reviewed to improve safety systems, regardless of opt-out status.

02 Uses of Personal Data

We use personal data to provide, maintain, secure, improve, and operate the Services, communicate with users, process payments, prevent fraud, resolve disputes, conduct research, and comply with legal obligations.

Service provisionFeatures and improvementsCommunicationsAccount managementPayment processingFraud preventionDispute resolutionDebugging and error resolutionResearchLegal compliance

03 Disclosure of Personal Data

We do not sell your personal data. We may share personal data only in limited circumstances, including with affiliates, service providers, in corporate transactions, where required by law or with your consent.

Affiliates

We may share data with Otonomii subsidiaries and affiliated companies for purposes consistent with this Privacy Policy.

Service Providers

We share data with third-party service providers who process data on our behalf, including cloud infrastructure, payment processors, analytics, support tools and email delivery services.

Corporate Transactions

In connection with a merger, acquisition, reorganization, bankruptcy or sale of assets, personal data may be transferred as part of the transaction.

Government and Law Enforcement

We may disclose personal data when required by law, regulation, legal process or governmental request.

With Your Consent

We may share personal data with third parties when you have given explicit consent. You may withdraw consent at any time.

04 Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal data. To exercise these rights, contact privacy@otonomii.com or use self-service tools in your account settings.

01

Right to Know

You have the right to know what personal data we collect, the purposes for which it is used and the categories of third parties with whom it is shared.

02

Right to Access and Portability

You have the right to receive a copy of your personal data in a structured, commonly used, machine-readable format.

03

Right to Deletion

You have the right to request deletion of your personal data, subject to legal and legitimate business retention requirements.

04

Right to Correction

You have the right to request correction of inaccurate personal data.

05

Right to Object

You have the right to object to processing based on legitimate interests.

06

Right to Restriction

You have the right to request restriction of processing in certain circumstances.

07

Right to Withdraw Consent

Where processing is based on consent, you may withdraw consent at any time.

08

No Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects.

09

No Data Sales

Otonomii does not sell personal data or share personal data for cross-context behavioral advertising.

05 International Data Transfers

Otonomii’s primary servers are located in the United States. If you access the Services from outside the United States, personal data may be transferred to, stored in and processed in the United States or other countries where we or our service providers operate.

Adequacy Decisions

For transfers to countries with an adequacy decision from the European Commission or equivalent authority, no additional safeguards are required.

Standard Contractual Clauses

For transfers to countries without an adequacy decision, we rely on European Commission-approved Standard Contractual Clauses supplemented by Transfer Impact Assessments.

Derogations

In limited circumstances, transfers may be based on explicit consent, contract necessity or important reasons of public interest.

06 Data Retention and Security

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected. Where possible, we aggregate or de-identify data for analytical and research purposes.

Account DataDuration of account relationship plus 30 days
Inputs and Outputs30 days by default, configurable by enterprise customers
Payment Records7 years for tax and financial regulations
Log Data12 months
Safety-Flagged Content24 months for safety evaluation

Security Measures

Technical measures include AES-256 encryption at rest, TLS 1.3 encryption in transit, HSM key management, multi factor authentication, network segmentation and intrusion detection. Organizational measures include security awareness training, background checks, incident response, continuity planning and third party security assessments.

07 Children’s Privacy

Our Services are not directed to individuals under 18. We do not knowingly collect personal data from children under 18. If we become aware that we have collected such data without verification of parental consent, we will take steps to delete it within 30 days.

Enterprise customers who deploy Otonomii in environments where minors may be present are responsible for age verification, parental consent mechanisms and age-appropriate content filtering as required by law.

08 Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements or other factors.

For material changes, we will provide at least 30 days advance notice by email and a prominent website notice. Non-material changes may be made without advance notice. Continued use of the Services after the effective date constitutes acceptance of the changes.

09 Contact Information

Privacy Inquiries

privacy@otonomii.com

For general privacy questions, data subject rights requests and privacy complaints.

Data Protection Officer

dpo@otonomii.com

For GDPR-specific inquiries, regulatory correspondence and matters requiring DPO attention.

Otonomii, Inc.

548 Market Street, Suite 46382
San Francisco, CA 94104
United States

Otonomii Europe Ltd.

70 Sir John Rogerson’s Quay
Dublin 2, D02 R296
Ireland

10 Legal Bases for Processing

For individuals in the European Economic Area and United Kingdom, we process personal data on the following legal bases.

Contract PerformanceAccount creation, service provision, payment processing, subscription management, customer support
ConsentMarketing communications, optional analytics, model training with user inputs and outputs, cookie preferences
Legitimate InterestsService improvement, fraud prevention, security monitoring, debugging, internal research, product analytics
Legal ObligationTax reporting, regulatory compliance, law enforcement requests, records retention, anti-money laundering

11 Regional Supplements

Canada

PIPEDA

We process personal information in accordance with PIPEDA and applicable provincial legislation. Express consent is obtained for sensitive personal information and cross border transfers receive comparable protection through contractual or other means.

Brazil

LGPD

Individuals in Brazil have rights to confirmation, access, correction, anonymization, portability, deletion, information about sharing and revocation of consent. International transfers are protected by appropriate safeguards.

Republic of Korea

PIPA

We provide rights required under PIPA, including access, correction, deletion and suspension of processing. Separate consent is obtained for sensitive information and overseas transfers where required.

Privacy Policy

This Privacy Policy describes how Otonomii collects, uses, discloses and protects personal data when you use our products, services, websites and applications.

It applies to customers, end users, website visitors, job applicants and business contacts. We process personal data in accordance with applicable data protection laws, including GDPR, CCPA/CPRA and other regional privacy legislation.

01 Collection of Personal Data

We collect personal data you provide directly, data collected automatically through use of our Services and certain categories of data used to train, improve and evaluate our AI models.

Data You Provide Directly

Identity and Contact Information

Name, email address, phone number, job title, company name and mailing address provided during account registration, subscription purchase or communication with us.

Payment Information

Credit card numbers, billing addresses and payment method details processed through PCI DSS-compliant payment processors. We do not store full card numbers on our servers.

Inputs and Outputs

Prompts, queries, documents, data files and other content submitted to our AI services, as well as responses, analyses, decisions and generated content returned by the Services.

Feedback

Ratings, reviews, bug reports, feature requests, survey responses and other feedback you provide about our Services.

Communications

Content of emails, chat messages, support tickets and other communications exchanged with Otonomii, including timestamps and recipient metadata.

Data Collected Automatically

Device Information

IP address, browser type and version, operating system, device identifiers, screen resolution and language preferences.

Usage Data

Pages visited, features used, actions taken, timestamps, session duration, click pattern and navigation paths.

Log Data

Server logs including request URLs, response codes, referrer URLs and technical error information.

Cookies and Similar Technologies

First-party and third-party cookies, web beacons, pixel tags and local storage used for authentication, preferences, analytics and security.

Model Training Data

Publicly Available Data

Data from public websites, open datasets, government records and other publicly accessible sources, collected in compliance with applicable terms and robots.txt directives.

Commercial Datasets

Data licensed from third-party providers under agreements that authorize use for model training purposes.

User Inputs and Outputs

Inputs and Outputs from non-enterprise, non-API users may be used for model improvement unless the user opts out. Enterprise and API customer data is never used for training.

Feedback Data

Thumbs up/down ratings, preference selections and explicit feedback provided through in-product feedback mechanisms.

Safety Flagged Materials

Content that triggers safety classifiers may be retained and reviewed to improve safety systems, regardless of opt-out status.

02 Uses of Personal Data

We use personal data to provide, maintain, secure, improve, and operate the Services, communicate with users, process payments, prevent fraud, resolve disputes, conduct research, and comply with legal obligations.

Service provisionFeatures and improvementsCommunicationsAccount managementPayment processingFraud preventionDispute resolutionDebugging and error resolutionResearchLegal compliance

03 Disclosure of Personal Data

We do not sell your personal data. We may share personal data only in limited circumstances, including with affiliates, service providers, in corporate transactions, where required by law or with your consent.

Affiliates

We may share data with Otonomii subsidiaries and affiliated companies for purposes consistent with this Privacy Policy.

Service Providers

We share data with third-party service providers who process data on our behalf, including cloud infrastructure, payment processors, analytics, support tools and email delivery services.

Corporate Transactions

In connection with a merger, acquisition, reorganization, bankruptcy or sale of assets, personal data may be transferred as part of the transaction.

Government and Law Enforcement

We may disclose personal data when required by law, regulation, legal process or governmental request.

With Your Consent

We may share personal data with third parties when you have given explicit consent. You may withdraw consent at any time.

04 Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal data. To exercise these rights, contact privacy@otonomii.com or use self-service tools in your account settings.

01

Right to Know

You have the right to know what personal data we collect, the purposes for which it is used and the categories of third parties with whom it is shared.

02

Right to Access and Portability

You have the right to receive a copy of your personal data in a structured, commonly used, machine-readable format.

03

Right to Deletion

You have the right to request deletion of your personal data, subject to legal and legitimate business retention requirements.

04

Right to Correction

You have the right to request correction of inaccurate personal data.

05

Right to Object

You have the right to object to processing based on legitimate interests.

06

Right to Restriction

You have the right to request restriction of processing in certain circumstances.

07

Right to Withdraw Consent

Where processing is based on consent, you may withdraw consent at any time.

08

No Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects.

09

No Data Sales

Otonomii does not sell personal data or share personal data for cross-context behavioral advertising.

05 International Data Transfers

Otonomii’s primary servers are located in the United States. If you access the Services from outside the United States, personal data may be transferred to, stored in and processed in the United States or other countries where we or our service providers operate.

Adequacy Decisions

For transfers to countries with an adequacy decision from the European Commission or equivalent authority, no additional safeguards are required.

Standard Contractual Clauses

For transfers to countries without an adequacy decision, we rely on European Commission-approved Standard Contractual Clauses supplemented by Transfer Impact Assessments.

Derogations

In limited circumstances, transfers may be based on explicit consent, contract necessity or important reasons of public interest.

06 Data Retention and Security

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected. Where possible, we aggregate or de-identify data for analytical and research purposes.

Account DataDuration of account relationship plus 30 days
Inputs and Outputs30 days by default, configurable by enterprise customers
Payment Records7 years for tax and financial regulations
Log Data12 months
Safety-Flagged Content24 months for safety evaluation

Security Measures

Technical measures include AES-256 encryption at rest, TLS 1.3 encryption in transit, HSM key management, multi factor authentication, network segmentation and intrusion detection. Organizational measures include security awareness training, background checks, incident response, continuity planning and third party security assessments.

07 Children’s Privacy

Our Services are not directed to individuals under 18. We do not knowingly collect personal data from children under 18. If we become aware that we have collected such data without verification of parental consent, we will take steps to delete it within 30 days.

Enterprise customers who deploy Otonomii in environments where minors may be present are responsible for age verification, parental consent mechanisms and age-appropriate content filtering as required by law.

08 Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements or other factors.

For material changes, we will provide at least 30 days advance notice by email and a prominent website notice. Non-material changes may be made without advance notice. Continued use of the Services after the effective date constitutes acceptance of the changes.

09 Contact Information

Privacy Inquiries

privacy@otonomii.com

For general privacy questions, data subject rights requests and privacy complaints.

Data Protection Officer

dpo@otonomii.com

For GDPR-specific inquiries, regulatory correspondence and matters requiring DPO attention.

Otonomii, Inc.

548 Market Street, Suite 46382
San Francisco, CA 94104
United States

Otonomii Europe Ltd.

70 Sir John Rogerson’s Quay
Dublin 2, D02 R296
Ireland

10 Legal Bases for Processing

For individuals in the European Economic Area and United Kingdom, we process personal data on the following legal bases.

Contract PerformanceAccount creation, service provision, payment processing, subscription management, customer support
ConsentMarketing communications, optional analytics, model training with user inputs and outputs, cookie preferences
Legitimate InterestsService improvement, fraud prevention, security monitoring, debugging, internal research, product analytics
Legal ObligationTax reporting, regulatory compliance, law enforcement requests, records retention, anti-money laundering

11 Regional Supplements

Canada

PIPEDA

We process personal information in accordance with PIPEDA and applicable provincial legislation. Express consent is obtained for sensitive personal information and cross border transfers receive comparable protection through contractual or other means.

Brazil

LGPD

Individuals in Brazil have rights to confirmation, access, correction, anonymization, portability, deletion, information about sharing and revocation of consent. International transfers are protected by appropriate safeguards.

Republic of Korea

PIPA

We provide rights required under PIPA, including access, correction, deletion and suspension of processing. Separate consent is obtained for sensitive information and overseas transfers where required.

Autonomous Intelligence For The Next Era of Finance
Logo

Company

Company

Company

About Otonomii

About Otonomii

About Otonomii

Company Overview

Company Overview

Company Overview

Community

Community

Community

Ecosystem

Ecosystem

Ecosystem

Contact us

Contact us

Contact us

Contact

Contact

Contact

CEO

CEO

CEO

Contact us

Contact us

Contact us

Platform

Platform

Platform

Platform Overview

Platform Overview

Platform Overview

Enterprise Infrastructure

Enterprise Infrastructure

Enterprise Infrastructure

Security Architecture

Security Architecture

Security Architecture

Trust & Governance

Trust & Governance

Trust & Governance

Solutions

Solutions

Solutions

Autonomous Agents

Autonomous Agents

Autonomous Agents

Agentic System

Agentic System

Agentic System

Process Intelligence

Process Intelligence

Process Intelligence

Operational Insights

Operational Insights

Operational Insights

Cognitive Intelligence

Cognitive Intelligence

Cognitive Intelligence

AI Decision Engine

AI Decision Engine

AI Decision Engine

Research

Research

Research

Architecture Guide

Architecture Guide

Architecture Guide

Cognitive Model

Cognitive Model

Cognitive Model

Research Archive

Research Archive

Research Archive

Research Center

Research Center

Research Center

Investors

Investors

Investors

Investor Relation

Investor Relation

Investor Relation

Investor Portal

Investor Portal

Investor Portal

Legal

Legal

Legal

Personal Terms

Personal Terms

Personal Terms

Platform Terms

Platform Terms

Platform Terms

Enterprise Terms

Enterprise Terms

Enterprise Terms

Enterprise Policies

Enterprise Policies

Enterprise Policies

Data and Governance

Data and Governance

Data and Governance

Privacy Policy

Privacy Policy

Privacy Policy

Compliance

Compliance

Compliance

Regulatory Standards

Regulatory Standards

Regulatory Standards

Compliance Framework

Compliance Framework

Compliance Framework

Disclosure Guidlines

Disclosure Guidlines

Disclosure Guidlines

Transparency Policy

Transparency Policy

Transparency Policy

Acceptable Use

Acceptable Use

Acceptable Use

Usage Policy

Usage Policy

Usage Policy

2026 © Otonomii LTD. All rights reserved.

TOP

Autonomous Intelligence For The Next Era of Finance
Logo

Company

Company

Company

Platform

Platform

Platform

Solutions

Solutions

Solutions

Research

Research

Research

Investors

Investors

Investors

Legal

Legal

Legal

Compliance

Compliance

Compliance

2026 © Otonomii LTD. All rights reserved.

TOP

Autonomous Intelligence For The Next Era of Finance
Logo

Company

Company

Company

About Otonomii

About Otonomii

About Otonomii

Company Overview

Company Overview

Company Overview

Community

Community

Community

Ecosystem

Ecosystem

Ecosystem

Contact us

Contact us

Contact us

Contact

Contact

Contact

CEO

CEO

CEO

Contact us

Contact us

Contact us

Platform

Platform

Platform

Platform Overview

Platform Overview

Platform Overview

Enterprise Infrastructure

Enterprise Infrastructure

Enterprise Infrastructure

Security Architecture

Security Architecture

Security Architecture

Trust & Governance

Trust & Governance

Trust & Governance

Solutions

Solutions

Solutions

Autonomous Agents

Autonomous Agents

Autonomous Agents

Agentic System

Agentic System

Agentic System

Process Intelligence

Process Intelligence

Process Intelligence

Operational Insights

Operational Insights

Operational Insights

Cognitive Intelligence

Cognitive Intelligence

Cognitive Intelligence

AI Decision Engine

AI Decision Engine

AI Decision Engine

Research

Research

Research

Architecture Guide

Architecture Guide

Architecture Guide

Cognitive Model

Cognitive Model

Cognitive Model

Research Archive

Research Archive

Research Archive

Research Center

Research Center

Research Center

Investors

Investors

Investors

Explained

Explained

Explained

Investor Portal

Investor Portal

Investor Portal

Legal

Legal

Legal

Personal Terms

Personal Terms

Personal Terms

Platform Terms

Platform Terms

Platform Terms

Enterprise Terms

Enterprise Terms

Enterprise Terms

Enterprise Policies

Enterprise Policies

Enterprise Policies

Data and Governance

Data and Governance

Data and Governance

Privacy Policy

Privacy Policy

Privacy Policy

Compliance

Compliance

Compliance

Regulatory Standards

Regulatory Standards

Regulatory Standards

Compliance Framework

Compliance Framework

Compliance Framework

Disclosure Guidlines

Disclosure Guidlines

Disclosure Guidlines

Transparency Policy

Transparency Policy

Transparency Policy

Acceptable Use

Acceptable Use

Acceptable Use

Usage Policy

Usage Policy

Usage Policy

2026 © Otonomii LTD. All rights reserved.

TOP