Privacy Policy

Amistio is a web workspace and local runner system for turning project intent into decisions, plans, memory, prompts, and approved local work. This Privacy Policy explains the information Amistio handles when you use the public site, app workspace, repository sync, and local runner coordination features.

Amistio is designed around a clear boundary: the web app coordinates project knowledge and work status, while implementation work runs locally on your machine through the Amistio CLI runner.

Account and workspace information may include your sign-in identity, display name, email address, profile image, workspace membership, organization membership, project names, and settings you choose in the app.

Project information may include project-brain records such as context, architecture notes, decisions, feature specs, plans, memory, workflows, prompts, review states, sync status, work requests, approval history, and activity needed to operate the service.

Repository and runner information may include non-secret hosted repository metadata, pairing status, runner identity, safe machine labels, runner heartbeat, bounded resource samples, work status, generated summaries, accepted brain documents, and safe path metadata needed for sync or review.

Technical information may include browser, device, IP address, request logs, cookies or similar session technology, diagnostics, error reports, and security events needed to run, protect, and improve the service.

The Amistio SaaS does not intentionally upload your repository source code, secrets, local environment variables, command lines, process lists, provider credentials, local secret paths, or arbitrary local filesystem paths.

The local runner may send approved project-brain artifacts, generated summaries, safe metadata, work status, and sync records back to Amistio when those items are part of the product workflow. You are responsible for reviewing generated or synced content before approving it when the workflow asks you to do so.

We use information to provide the app, authenticate users, manage workspace access, create and sync project-brain records, coordinate local runner work, display status, preserve review history, troubleshoot issues, secure the service, prevent abuse, and communicate about product or account matters.

We may use aggregated or de-identified operational information to understand reliability, performance, and product usage patterns. We do not use your private repository source as training data through the SaaS because the service is not designed to ingest that source code.

Workspace content is visible to users who have access to the same personal or organization workspace, subject to the roles and permissions available in the product. Organization workspace members may see shared projects, project-brain records, repository metadata, runner status, work queues, and review activity for projects they can access.

We may share information with infrastructure, authentication, database, search, analytics, monitoring, email, support, or security service providers when they help us operate Amistio. We may also disclose information if required by law, to protect rights and safety, or as part of a merger, acquisition, financing, or sale of assets.

We keep account, workspace, project, and operational records for as long as needed to provide Amistio, comply with legal obligations, resolve disputes, enforce agreements, maintain security, and preserve reviewable project history.

You can choose what project information you enter, approve, sync, or remove through the product controls available to you. You can also archive or remove projects where the product supports it, and you can remove your Amistio personal workspace from account settings. Clerk-hosted account management handles personal user-account deletion. Personal workspace removal archives personal projects and revokes personal runner pairing, while organization-owned records remain with the organization. Some records may remain in backups, logs, audit records, or organization workspaces where retention is needed for security, compliance, or legitimate operations.

Amistio is not intended for children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child provided personal information, contact hello@amistio.com so we can review it.

Amistio may be operated from, and information may be processed in, countries other than where you live. We may update this Privacy Policy as the product changes. When we make material changes, we will update the date on this page and provide additional notice when appropriate.

For privacy requests or questions, contact hello@amistio.com. Do not include secrets, access tokens, private keys, or sensitive repository content in support messages.