This Privacy Policy explains what information MyCorpus.ai collects, how we use it, and the choices you have. MyCorpus.ai is operated by Mansa Technologies, LLC (“MyCorpus.ai,” “we,” “us”). It applies to our website, the operator and customer console, and the private workspaces we provision for you (together, the “Service”).

1. Our role

For the documents, files, and content you upload or connect into your workspace (“Your Content”), we act as a data processor — we handle it only on your instructions and only to operate the Service for you. You are the controller of Your Content.

For account and website information — such as your name, email, billing details, and how you interact with our site — we act as a data controller. This Policy covers both roles.

2. Information we collect

Account information

When you create an account or workspace, we collect your name, email address, organization name, and authentication identifiers. If you sign in through a third-party identity provider (for example Google, or your company’s SSO), we receive basic profile information such as your name and email from that provider.

Your Content

Your workspace stores the documents, text, and data you upload, as well as content retrieved from sources you explicitly connect (such as websites, GitHub or GitLab repositories, YouTube channels, or a Google Drive folder you authorize). We also store the questions you ask your assistant and the answers it returns, so your conversation history is available to you.

Connected sources

When you connect an external source, you authorize us to retrieve content from it on your behalf so it can be indexed into your workspace. For OAuth-based connections (such as Google Drive) we store the access and refresh tokens needed to read the specific data you authorized, and use them only for that purpose. You can disconnect a source at any time.

Usage and technical data

We collect limited operational data needed to run and secure the Service — for example log records, request metadata, approximate token usage, error diagnostics, and IP address. We use strictly necessary cookies to keep you signed in and to maintain your session; we do not use advertising cookies.

3. How we use information

We do not sell your personal information or Your Content, and we do not use Your Content to train, tune, or improve any AI model for ourselves or any third party.

4. Google API Services & Limited Use

If you connect a Google Drive source, MyCorpus.ai requests read-only access to the Google Drive files and folders you explicitly select, so that we can read those files and index their contents into your workspace. We request only the access needed to provide this feature, and we access your Google data only while performing that indexing on your behalf.

Limited Use commitment MyCorpus.ai’s use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, for data obtained through Google APIs:

5. AI processing

To answer your questions, the Service converts Your Content into search indexes (embeddings) and sends relevant excerpts, together with your question, to an AI model provider that generates a response. This processing happens solely to produce answers for you. Content sent to these providers for this purpose is not used to train their foundation models. AI output can be inaccurate or incomplete and should be reviewed before you rely on it.

6. Service providers

We rely on a small number of trusted infrastructure and AI providers to run the Service. They process data only to provide services to us and are bound by confidentiality and data-protection obligations.

ProviderPurpose
Amazon Web Services (AWS)Cloud hosting, storage, and compute for workspaces and data
Amazon BedrockAI model hosting for embeddings and answer generation (Anthropic Claude, Amazon Titan)
Google Cloud (Vertex AI)AI model hosting for answer generation (Google Gemini)
Google LLCOptional sign-in and, where you connect it, Google Drive access

7. How we share information

We share information only in these limited cases:

We do not sell personal information or Your Content, and we do not share Your Content across customers.

8. Retention & deletion

We retain Your Content for as long as your workspace exists so the Service remains usable. When you delete content, a source, or your workspace, we delete the associated data from the Service, subject to routine backup cycles and any retention required by law. Disconnecting a source revokes our stored access tokens for it. You may request deletion of your account and associated personal information at any time (see Your rights).

9. Security

Each workspace runs in an isolated environment. We encrypt data in transit and at rest, and apply access controls and least-privilege practices to protect it. No method of transmission or storage is perfectly secure, but we work to protect your information and to promptly address issues we identify.

10. Where data is processed

The Service is operated from the United States, and information is processed and stored there. If you access the Service from outside the United States, you understand that your information will be processed in the United States, where privacy laws may differ from those in your location.

11. Your rights & choices

Depending on where you live, you may have rights to access, correct, export, or delete your personal information, and to object to or restrict certain processing. You can exercise these rights — or ask any question about your data — by emailing support@mycorpus.ai. You can also request deletion of your account and associated personal data directly from the account menu in the console.

When you request account deletion, we will delete your account and its associated personal data within 7 business days. Residual copies in our routine backups are purged within our backup cycle. Your workspaces and their contents are deleted separately — see Retention & deletion — and you can disconnect connected sources or delete content directly within your workspace at any time.

12. Children

The Service is intended for businesses and adults. It is not directed to children, and we do not knowingly collect personal information from children under 13 (or the minimum age required in your jurisdiction). If you believe a child has provided us information, contact us and we will delete it.

13. Changes to this Policy

We may update this Policy from time to time. When we make material changes, we will revise the version and effective date above and, where appropriate, provide additional notice. Your continued use of the Service after an update takes effect constitutes acceptance of the revised Policy.

14. Contact

Questions about this Policy or your data? Contact us at support@mycorpus.ai.

Mansa Technologies, LLC
North Carolina, United States