Privacy Policy
Last updated: June 22, 2026
1. Scope
This Privacy Policy describes how Permute AI, Inc. collects, uses, shares, and protects information when you visit permute.ai, interact with our marketing pages, create or use a Permute account, connect data sources, use the Permute cloud service, or communicate with us.
Customer Content submitted to Permute by or on behalf of a business customer is governed by the customer's agreement with Permute. Where Permute processes Customer Personal Data on behalf of Customer and Applicable Data Protection Laws require a data processing agreement, our Data Processing Agreement applies unless a signed data processing agreement controls instead.
2. Information We Collect
- Account and workspace information: name, email address, organization, workspace, role, login, authentication, membership, and account settings.
- Customer Content: datasets, files, connected-source data, prompts, messages, reports, dashboards, notes, generated artifacts, connector metadata, and other content submitted to or generated through the Product.
- Connector and credential information: OAuth grants, tokens, service-account details, API keys, provider configuration, and related metadata needed to connect third-party systems at Customer's direction.
- Billing information: plan, subscription, payment status, billing contact, Stripe customer identifiers, invoices, and checkout or billing portal activity. Payment card details are handled by Stripe.
- Website and marketing information: newsletter email address, contact-form information, job title, company email, source page, UTM parameters, consent timestamp, and communications with us.
- Usage, device, and log information: IP address, browser and device information, pages or product areas viewed, events, timestamps, diagnostics, errors, security logs, and similar telemetry.
3. How We Use Information
- Provide, operate, secure, monitor, and improve the Product.
- Create and administer accounts, organizations, workspaces, permissions, and sessions.
- Sync, search, analyze, transform, and present Customer Content as directed by Customer and Users.
- Process payments, manage subscriptions, enforce limits, and maintain billing records.
- Respond to support, sales, newsletter, and contact requests.
- Detect, prevent, investigate, and respond to abuse, security events, fraud, and policy violations.
- Comply with legal obligations and enforce agreements.
- Send service, transactional, administrative, security, and product communications.
- Send marketing communications where permitted, with the ability to unsubscribe.
4. AI and Model Infrastructure
Permute uses artificial intelligence and machine learning infrastructure to provide analysis, search, summarization, report generation, agent workflows, and related Product features. Customer Content and Usage Data may be processed by Permute and its service providers as needed to provide those features, subject to the applicable customer agreement.
5. How We Share Information
- Service providers: cloud hosting, storage, databases, authentication, analytics, email, billing, AI/model infrastructure, monitoring, support, and security vendors.
- Customer-directed integrations: third-party systems Customer chooses to connect, such as CRM, accounting, file storage, warehouse, communication, or business applications.
- Within Customer organizations: account, workspace, usage, and Customer Content may be visible to authorized Users and administrators according to their roles.
- Legal and safety: regulators, courts, law enforcement, or other third parties when required by law or reasonably necessary to protect rights, safety, security, and integrity.
- Business transactions: as part of an actual or proposed merger, financing, acquisition, reorganization, sale of assets, or similar transaction.
6. Security and Retention
We use administrative, technical, and organizational safeguards designed to protect information, including encryption, access controls, workspace isolation, logging, and credential protection. No method of storage or transmission is completely secure.
We retain information for as long as needed to provide the Product, comply with legal obligations, resolve disputes, enforce agreements, maintain security, and operate our business. Customer Content deletion and export are governed by the applicable customer agreement and Product functionality.
7. Cookies and Similar Technologies
Permute uses cookies, local storage, session storage, pixels, SDKs, and similar technologies on permute.ai, app.permute.ai, and related Permute services.
| Category | Type | Purpose | Duration |
|---|---|---|---|
| Authentication and security | Essential | Keeps users signed in, refreshes product access, protects sessions, and helps prevent unauthorized requests. | Session to 400 days, depending on the item |
| Authentication flow state | Essential | Completes login, callback, return-path, and CSRF flows. | Usually until the browser tab is closed or the flow is cleared |
| Product preferences | Preference | Remembers user interface preferences such as layout, navigation, and ordering choices. | Until cleared by the user, browser, or Product |
| Drafts and temporary product state | Preference | Saves in-progress drafts, report configuration, temporary upload metadata, and similar product state. | Until cleared by the user, browser, Product, or browser tab |
| Performance cache | Performance | Caches recently loaded product data to make pages faster and reduce repeated requests. | Usually until the browser tab is closed or the cache is refreshed |
| Analytics and diagnostics | Analytics | Helps us understand product usage, diagnose errors, measure performance, and improve Permute. | Controlled by provider configuration and browser settings |
| Embedded media and third-party services | Functional or Analytics | Supports embedded media, billing, analytics, support, and other services used to provide Permute. | Controlled by provider configuration and browser settings |
Permute also uses browser storage for authentication flow state, return paths, locally saved drafts, file upload state, layout preferences, and similar product behavior. Pixels, SDKs, and third-party services may set or read browser storage when they help us provide Permute, including billing, analytics, diagnostics, support, and embedded media where enabled. SDK-managed storage names and durations may vary by provider configuration, browser, and service version.
You can control cookies and clear browser storage through your browser settings. Blocking essential cookies may prevent login, checkout, billing, or product features from working correctly. Some browsers offer Do Not Track signals. There is no consistent industry standard for these signals, so Permute does not currently respond to them.
8. Your Choices
- You may update account information through the Product or by contacting us.
- You may unsubscribe from marketing emails using the unsubscribe link or by contacting us.
- Organization administrators may manage workspace access and certain Customer Content controls.
- Depending on your location, you may have rights to request access, correction, deletion, restriction, or portability of personal information.
9. Children
Permute is a business product and is not directed to children. We do not knowingly collect personal information from children under 13.
10. International Transfers
Permute is operated from the United States and may process information in the United States and other countries where we or our service providers operate. Those countries may have data protection laws different from the laws where you are located.
11. Changes
We may update this Privacy Policy from time to time. We will post the updated version on this page and update the "Last updated" date above.
12. Contact
If you have questions about this Privacy Policy, contact us at hello@permute.ai.