Skip to content

Privacy & Cookie Policy

Last updated: November 2025

Company: Autonomy AI™

Address: Boston, Massachusetts

Contact: contact@auai.cloud

At Autonomy AI™, we respect your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, and safeguard your data.

Information We Collect

We collect information you provide directly to us, including:

  • Account Information: Name, email address, phone number, and billing details when you sign up for our products.
  • Usage Data: How you interact with our services, including pages visited, features used, and actions taken.
  • Communications: When you contact us via email, phone, or our contact form.
  • Cookies & Analytics: We use cookies and similar technologies to improve your experience and understand usage patterns.
  • Affiliate & Referral Data: When you click through partner links on our properties (such as BuckHound product links to Amazon, Walmart, Best Buy, or Target), we may earn affiliate commissions. We collect basic click data and referral information to track these commissions through partner programs including Amazon Associates, Impact.com, and other affiliate networks.

Cookies & Tracking Technologies

We use cookies and similar tracking technologies to make our sites and services work, understand how you use them, and provide a better experience.

Essential Cookies

These cookies are necessary for our services to function properly. They include session management, authentication, and security features. You cannot opt out of essential cookies.

Analytics Cookies

We use analytics services (such as PostHog, Google Analytics, Microsoft Clarity, and Vercel Analytics) to understand how visitors use our sites. This helps us improve the user experience and identify technical issues.

Affiliate Tracking Cookies

When you click on product links to partner retailers through our services (e.g., BuckHound), affiliate cookies are set to record your click. This allows us to earn commissions when you make purchases through these links at no extra cost to you.

Managing Cookies

You can control and delete cookies through your browser settings. Note that disabling essential cookies may impact your ability to use certain features of our services. Visit your browser's help pages for instructions on managing cookies.

How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our products and services
  • Process transactions and send notifications
  • Respond to your inquiries and provide customer support
  • Send you marketing communications (with your consent, where required)
  • Detect and prevent fraud, abuse, and security incidents
  • Comply with legal obligations

Information Sharing

We do not sell your personal information. We may share data with:

  • Service Providers: Third-party vendors who help us operate our business (e.g., payment processors, hosting providers, analytics services).
  • Legal Requirements: When required by law or to protect our rights and safety.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets.
  • Analytics & Affiliate Partners: We use third-party services including Google Analytics, PostHog, Microsoft Clarity, Vercel Analytics for analytics, and Impact.com, Amazon Associates for affiliate tracking. These services have their own privacy policies and cookie handling practices.

Data Security

We implement industry-standard security measures to protect your data, including encryption, access controls, and regular security audits. For more details, see our Security page.

Your Rights

Depending on your location, you may have the right to:

  • Access, correct, or delete your personal information
  • Object to or restrict certain processing activities
  • Data portability
  • Withdraw consent (where processing is based on consent)
  • Lodge a complaint with a data protection authority

To exercise these rights, please contact us using the information below.

Regional Privacy Rights

European Union & United Kingdom (GDPR): If you are located in the EU or UK, you have additional rights under the General Data Protection Regulation (GDPR), including the right to request access to your personal data, correct inaccuracies, delete your data, restrict processing, and data portability.

California (CCPA/CPRA): California residents have rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected, request deletion, opt-out of data sales (note: we do not sell personal data), and non-discrimination for exercising your rights.

To exercise regional privacy rights, please email us at contact@auai.cloud with your request and jurisdiction.

Third-Party Services

Our products integrate with third-party services, including:

  • Stripe (payment processing)
  • Twilio (phone and SMS)
  • Vercel (hosting and analytics)
  • Supabase (database)
  • Anthropic Claude API (AI processing via MCP servers)

These services have their own privacy policies. We encourage you to review them.

MCP Server and Integration Data Practices

When you use our services with Claude (via Model Context Protocol / MCP servers) or connect third-party integrations, we handle specific types of credentials and data:

API Tokens and Credentials

  • Anthropic API Tokens: Your Claude API tokens are stored securely and used exclusively to authenticate requests to Anthropic's services on your behalf. We do not share these tokens with third parties.
  • OAuth Credentials: When you authorize third-party services (e.g., Google Drive, calendars, CRMs), we receive and store OAuth access tokens and refresh tokens. These are encrypted at rest and used only to access the specific resources you've authorized.
  • Scope of Access: We only request the minimum permissions required to provide our services. For example, Google Drive access is limited to files you explicitly choose to integrate, not your entire Drive.

Data Accessed Through Integrations

  • Document Content: When processing documents via Claude MCP servers (e.g., Google Drive files), content is transmitted to Anthropic's Claude API for analysis. This data is subject to Anthropic's Privacy Policy.
  • Calendar Data: When calendar integrations are enabled, we access event titles, times, attendees, and descriptions solely to book appointments and prevent scheduling conflicts.
  • CRM Data: When CRM integrations are enabled, we may access contact information, deal pipelines, and custom fields as configured by you to log interactions and update records.

Token Storage and Security

  • Encryption: All API tokens and OAuth credentials are encrypted at rest using industry-standard encryption (AES-256).
  • Access Controls: Token access is restricted to authorized service components on a need-to-know basis with role-based access controls.
  • Token Rotation: OAuth refresh tokens are used to obtain short-lived access tokens, minimizing exposure risk.
  • Revocation: You may revoke integration access at any time through your account settings or the third-party service's permission management interface.

Third-Party AI Services

When you use our Claude MCP server features, your data may be processed by:

  • Anthropic (Claude API): Conversation context, documents, and prompts are sent to Anthropic's Claude API for AI processing. See Anthropic's Privacy Policy for details on how they process data.
  • Data Retention by AI Providers: Anthropic may temporarily retain API requests for service operation but does not train models on customer data without explicit opt-in. Refer to their Commercial Terms for specifics.

Your Control Over Integration Data

  • Disconnect Integrations: You can disconnect any third-party integration from your account settings at any time.
  • Delete Cached Data: When you disconnect an integration, we delete cached data from that service within 30 days unless legally required to retain it longer.
  • Access Logs: You can request a log of which integrations accessed your data and when by contacting us.
  • Data Portability: You may export your data in machine-readable formats (JSON, CSV) through your account dashboard or by requesting it via our contact form.

Children's Privacy

Our services are not intended for children under 13. We do not knowingly collect information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. We'll notify you of significant changes by posting the new policy on this page and updating the "Last updated" date.

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

Autonomy AI™
Boston, Massachusetts
Contact Form

Privacy & Cookie Policy | Autonomy AI™