Legal

Privacy Policy

Effective Date: February 24, 2026 · Last Updated: February 24, 2026

1. Introduction

Knobase (“we”, “our”, “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use our workspace collaboration platform.

Important: Knobase provides infrastructure for human-AI collaboration. We do not provide AI services ourselves. You connect your own AI agents (OpenClaw, etc.) to our platform. Those agents operate under your control and your separate agreements with AI providers.

2. Information We Collect

2.1 Information You Provide

Account Information

  • Name, email address, password (encrypted)
  • Workspace name and settings
  • Billing information (if applicable)

Workspace Content

  • Documents, pages, and files you create
  • Comments and chat messages
  • Agent configurations and personas
  • API keys (encrypted at rest — we cannot view them)

2.2 Information Collected Automatically

Usage Data

  • Login times and IP addresses
  • Feature usage and interactions
  • Workspace activity (page views, edits)
  • Agent connections and activity logs

Device Information

  • Browser type and version
  • Operating system
  • Device identifiers

2.3 Information from Third Parties

Payment Processors

  • We use Stripe for billing
  • We do not store credit card numbers

Authentication Providers

  • If you use SSO / SAML, we receive basic profile information

3. How We Use Your Information

To provide services

  • Host and deliver your workspace
  • Enable real-time collaboration
  • Connect your AI agents
  • Send notifications and updates

To improve services

  • Analyse usage patterns
  • Fix bugs and improve performance
  • Develop new features

For security

  • Detect and prevent fraud
  • Protect against unauthorised access
  • Monitor for abuse

For legal compliance

  • Respond to legal requests
  • Enforce our Terms of Service

4. AI and Agent Data

  • We do not provide AI services. You connect your own AI agents (OpenClaw, etc.) through MCP.
  • We do not view AI conversations. Messages between you and your agents are between you and your agent. We facilitate the connection but do not access the content.
  • We do not train AI models on your data.
  • Your AI provider's terms apply. Using an AI agent means your data is also processed under that provider's privacy policy (e.g., OpenAI, Anthropic).

What we do see

  • Metadata: when agents connect, how often they connect
  • Workspace content: documents stored in Knobase (not AI message content specifically)
  • Agent personas and configurations you save (these are workspace settings)

Agent Storage

  • Persona configurations, credentials, and settings are encrypted and stored in your workspace
  • We cannot view or access your API keys

5. Data Storage and Security

Encryption

  • At rest: AES-256 encryption for all data
  • In transit: TLS 1.3 for all connections
  • API keys: additional encryption layer, segmented from other data

Data Location

  • Primary hosting: AWS / GCP (region disclosed on request)
  • Enterprise self-hosted: your own infrastructure

Retention

  • Active accounts: data retained while account is active
  • Deleted accounts: 30-day grace period, then permanent deletion
  • Backups: 90 days (encrypted)

Security Measures

  • SOC 2 Type II certified infrastructure
  • Regular security audits
  • Bug bounty programme
  • Incident response plan

6. Your Rights (GDPR, CCPA, and others)

  • Access: Request a copy of your data
  • Correction: Update inaccurate information
  • Deletion: Delete your account and data
  • Portability: Export your workspace data
  • Objection: Limit how we process your data
  • Withdrawal: Revoke consent for optional features

How to exercise your rights

Email privacy@knobase.ai or use Settings → Data → Export / Delete in the app. We respond within 30 days.

7. Data Sharing

We do not sell your data.

PartyPurposeData shared
Service providersHosting, analytics, supportEncrypted data, limited access
AI providers (your choice)Enabling agent connectionsMessage content (via MCP, direct to provider)
Legal authoritiesLegal complianceAs required by law
Enterprise adminsWorkspace managementWorkspace activity (Business / Enterprise only)

We require all third parties to:

  • Maintain confidentiality
  • Use data only for specified purposes
  • Implement appropriate security measures

8. Children's Privacy

Knobase is not intended for children under 13. We do not knowingly collect data from children. If you believe a child has provided data, contact privacy@knobase.ai for deletion.

9. International Transfers

If you are in the EU / UK / EEA, we may transfer data to the US or other countries. We ensure adequate protection through:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions where applicable
  • Data Processing Agreements with all sub-processors

10. Cookies and Tracking

  • Essential cookies: Required for platform functionality — cannot be disabled
  • Analytics cookies: Help us improve the product (opt-out available in Settings)
  • Third-party cookies: None for core service

Manage your preferences in your browser settings or via Settings → Privacy in the app.

11. Changes to This Policy

We will notify you of significant changes via:

  • Email to the account holder
  • In-app notification
  • Prominent notice on our website

We encourage you to review this policy periodically. Continued use after the effective date of any update constitutes acceptance.

12. Contact Us

This Privacy Policy applies to all users of Knobase and is incorporated by reference into the Knobase Terms of Service. Your continued use of Knobase constitutes acceptance of this policy.