Privacy Policy
Effective July 18, 2026
1. Who this applies to
gnt.ai (“gnt.ai,” “we,” “us”) is a git-native rules-governance layer for AI agents. An organization (“org,” “you,” “your”) connects gnt.ai to a GitHub repository of policy and rule content and, optionally, Slack. AI agents call gnt.ai’s MCP server to look up rules and check actions against them.
gnt.ai is business-to-business infrastructure. This policy describes what we collect from an org and the people acting on its behalf — its members, and any AI agents it authorizes — not end-consumers of your own product.
2. Information we collect
We collect the following categories of information:
- Account and identity data. Email address, name, and, if you choose to sign in that way, your Google or GitHub OAuth identity.
- Rule content.The text of the policies and rules your org writes or imports — titles, bodies, tags, and source citations. This is the core data our product exists to govern, and it can be sensitive internal company policy.
- Connection credentials. A GitHub personal access token and, if you connect it, a Slack bot token. These are encrypted at rest and are never returned by any API response after the moment they are set.
- Usage data. Which rules get served to your agents, coverage gaps (queries with no matching rule), rule freshness metadata, and aggregate usage counters. We do not sell or use this data for advertising.
- Payment information. If you subscribe, billing is handled by Stripe. We do not store your card number; Stripe processes and stores payment details under its own privacy policy.
- Audio, only if you use the voice-capture feature — sent directly to our transcription provider and not retained by gnt.ai after the transcript is returned.
3. How we use information
- To operate the core product: storing, versioning, retrieving, and serving your org’s rules.
- To extract candidate rules from source material you point our CLI at, and to check actions and detect contradictions using a language model.
- To authenticate you and maintain your session.
- To send transactional email: sign-in codes, organization invitations, and (if enabled) a weekly usage digest.
- To bill you, if you subscribe to a paid plan.
- To maintain security, prevent abuse, and enforce rate limits.
- To comply with legal obligations.
4. How your data reaches a model, and what’s masked first
gnt.ai’s CLI (gnt prebrain) runs primarily on your own device. Source material you point it at is read locally and passed through a local privacy gate — a layered set of detectors (pattern matching, named-entity recognition, and a local-model contextual pass) that replaces emails, API keys, SSNs, and similar values with typed placeholders before anything is sent anywhere. In cloud extraction mode, only that masked text reaches the extraction model; in local mode, nothing leaves your device at all.
Content submitted through a connected webhook or the Slack integration follows a different path: because there is no device of yours in that path, it reaches our server directly and is masked there, on arrival, before anything is stored. That masking is permanent — there is no way to recover the original text afterward.
Rules already approved and merged into your repository are not put through the privacy gate before being served to your agents via search or check_action— by the time a rule is approved, it is your org’s own reviewed content, not raw third-party source text.
5. Who we share data with
We share data only with the service providers (subprocessors) needed to run the product:
- Anthropic — rule content, for extraction and contradiction-detection calls.
- ZeroEntropy — rule title and body text, embedded and reranked to power search.
- Groq — audio, if you use voice capture, for speech-to-text.
- Resend — email addresses and message content, for transactional email.
- Stripe — billing and payment information, if you subscribe.
- Railway and Vercel — infrastructure hosting for our database, API, and web application.
- Slack — only if you connect the Slack integration.
- Google or GitHub — only if you choose to sign in via that provider; they receive the OAuth handshake, not rule content.
Your own connected GitHub repository is not a subprocessor in the ordinary sense — it is infrastructure you already own and control, and gnt.ai reads and writes to it with a token you supply, the same way any CI tool would.
We do not sell your data. We do not share it for advertising purposes.
6. Data retention
We retain your data for as long as your organization has an active account. If you request offboarding, an org admin can request a full export of your data and then permanently delete it — this is a two-step, admin-gated process that removes your organization’s account records and its entire rules mirror from our systems. Rule content itself continues to exist in your own connected GitHub repository, which you control independently of gnt.ai.
Offboarding today is an all-or-nothing operation at the organization level. If you need a more granular deletion request handled, contact us using the details below.
7. Security
- Connection credentials (GitHub tokens, Slack bot tokens) are encrypted at rest.
- API keys and webhook tokens are stored as one-way hashes, never in plaintext, after the moment they are issued.
- Row-level security is enforced at the database layer for every table that carries organization data, independent of application-level checks.
- Access to production systems is limited to the personnel who need it to operate the service.
- We do not currently hold a SOC 2, ISO 27001, or other third-party security certification. We will update this policy if that changes.
8. Cookies
We use one strictly necessary session cookie to keep you signed in. We do not use advertising, tracking, or third-party analytics cookies on our website.
9. Your rights
Depending on where you’re located, you may have rights to access, correct, export, or delete your personal data, and to object to or restrict certain processing. To exercise any of these rights, contact us using the details below and we will respond within a reasonable time and in accordance with applicable law.
If you are located in the European Economic Area, the United Kingdom, or Switzerland, you also have the right to lodge a complaint with your local data protection authority.
If you are a California resident, you have the right to know what personal information we collect and to request its deletion. We do not sell personal information as defined by the CCPA/CPRA.
10. International data transfers
Our infrastructure and subprocessors are primarily based in the United States. If you are accessing gnt.ai from outside the United States, your information will be transferred to, stored, and processed in the United States and other countries where our subprocessors operate.
11. Children’s privacy
gnt.ai is a business tool and is not directed at, or intended for use by, children. We do not knowingly collect personal information from anyone under 16.
12. Changes to this policy
We may update this policy from time to time. If we make material changes, we’ll update the effective date above and, where appropriate, notify you directly.
13. Contact us
Questions about this policy, or a request to exercise any of the rights above, can be sent to privacy@gntai.dev.