We may use collected information for the following purposes:

• Providing and operating the Service
• Improving Service quality, stability, and performance
• Detecting errors, responding to incidents, and analyzing security issues
• Providing skill curation and recommendation based on user-submitted queries
• Analyzing de-identified and aggregated data — including usage patterns, skill curation interactions, execution results, and usage logs — for product improvement, research, and new Service development
• Producing de-identified and aggregated statistics for operational analysis and business decision-making
• Using data within the scope of user consent or applicable law

We do not use customer source code, prompts, repositories, or Generated Outputs for product improvement, research, benchmarking, advertising, marketing, or sale to third parties without explicit user consent.

This restriction does not apply to de-identified, aggregated, generalized, or abstracted operational data, statistical insights, or derivative outputs that are processed in a manner reasonably designed not to identify any individual user, organization, repository, or customer-specific workflow.

The Service may automatically generate, refine, optimize, orchestrate, or recommend skills, strategies, workflows, operational improvements, and related explanatory content based on de-identified operational metadata and system interaction signals derived from use of the Service.

Certain features may incorporate or build upon third-party open-source components or permissively licensed skill resources. Such components remain subject to their respective license terms and attribution requirements where applicable.

Raw prompts, source code, and conversation records are handled in accordance with Section 1.2. We do not analyze or use such content for product improvement, research, or benchmarking in a manner that identifies an individual user, organization, repository, or customer-specific workflow without explicit user consent.

Abstracted, aggregated, and non-identifiable operational patterns, statistics, and derived insights may be used solely for Service operation, improvement, optimization, research, reliability, security, benchmarking, or product development purposes.

To the extent necessary for Service operation, security, and error response, portions of conversation content or source code may be processed or stored as described in Section 1.2.

De-identified, aggregated, generalized, or abstracted derivative data may be retained for quality improvement, research, or product development purposes.

Operational logs and diagnostic data are retained only as long as necessary for Service operation, security, and error response purposes, up to 90 days, and then deleted, unless a longer retention period is required by applicable law.

Operational metadata, optimization-related traces, and diagnostic information may be retained in de-identified, aggregated, generalized, or abstracted form for Service improvement, research, benchmarking, security, reliability analysis, and product development purposes.

API keys issued by the Company are authentication credentials required to use the Service. Such keys are managed using encryption or equivalent security measures and are protected during both transmission and storage.

Users are responsible for safeguarding their Service API keys. In the event of loss, unauthorized disclosure, or misuse, Users must promptly notify the Company. The Company may, within a reasonable scope, support revocation and reissuance of such keys.

We do not sell personal information. We do not disclose user information externally except as necessary to operate the Service.

To process AI inference requests, minimal input information or metadata may be transmitted to external AI providers acting as independent service providers.

This may result in cross-border data transfers, including:

• Transferred Data: Minimum input information or metadata necessary for AI inference
• Destination Country: United States or other applicable jurisdictions
• Purpose: AI model inference processing
• Retention: Deleted immediately after inference processing or subject to the external provider's privacy policy

Where required by applicable law, appropriate safeguards such as standard contractual clauses or other lawful transfer mechanisms may be implemented.

Data handling by external providers is governed by their respective privacy policies.

Curated skills are derived from open-source skills sourced from third-party repositories. The use of such skills may be subject to the original open-source license terms. The Company does not share user-identifiable curation queries, execution results, or usage logs with third-party skill authors or repository maintainers.

We implement technical and organizational safeguards, including:

• Encryption of data in transit (TLS/HTTPS)
• Access controls and least-privilege principles
• System architecture designed to minimize the storage of sensitive information
• Internal access logging

No system can guarantee absolute security.

Subject to applicable law, you may:

• Request access to your personal information
• Request correction or deletion of personal information
• Request suspension of Service use or account deletion

Requests and privacy-related inquiries may be submitted to:

Company: Mind AI
Email: privacy@megacode.ai

This Privacy Policy may be updated to reflect changes in law, Service policy, or functionality. Material changes will be announced at least 30 days in advance through the Service or via separate notice.