Legal

Privacy Policy

Last updated: July 1, 2026

Think Automata (“Think Automata”, “we”, “us”, or “our”) operates the THAO platform and associated services. This Privacy Policy explains how we collect, use, store, and protect information when you use our products, visit our website, or engage with our team.

By using THAO or any Think Automata service, you agree to the practices described in this policy. If you do not agree, please do not use our services.

1. Information We Collect

We collect information in the following categories:

• Account information: Name, work email address, company name, and role provided during registration or demo requests
• Usage data: How you interact with the THAO platform, including features accessed, queries submitted, and workflows triggered
• Enterprise data: Data you connect to THAO via connectors (databases, documents, inboxes, calendars, collaboration tools) as authorized by your organization
• Communication data: Messages, form submissions, and correspondence with our team
• Technical data: IP address, browser type, device information, and session identifiers collected automatically via logs

2. How We Use Your Information

We use collected information to:

• Provide, operate, and improve the THAO platform and Think Automata services
• Respond to demo requests, inquiries, and support communications
• Authenticate users, enforce permissions, and apply governance rules
• Generate audit logs, observability reports, and usage analytics for your organization
• Send operational communications about your account or service changes
• Comply with legal obligations and enforce our Terms of Use

We do not sell your personal information or enterprise data to third parties. We do not use your data to train general-purpose AI models without explicit written consent.

3. Enterprise Data and Connectors

When THAO connects to your enterprise systems — databases, email, documents, calendars, collaboration tools — the data processed through those connectors is subject to the governance rules, permissions, and access scopes defined by your organization’s administrators. Think Automata acts as a data processor for enterprise data; your organization acts as the data controller.

All connector access is governed by the principle of least privilege. THAO only accesses data that your organization’s governance configuration explicitly permits.

4. Data Retention

We retain personal information for as long as your account is active or as required to provide services. Enterprise data processed through connectors is retained in accordance with the data retention policy configured by your organization. Audit logs are retained for a minimum of 12 months unless a longer period is required by applicable law or contractual obligation.

You may request deletion of your personal data by contacting us. Deletion requests will be processed within 30 days unless retention is required by law.

5. Data Security

Think Automata implements industry-standard security controls to protect your information, including encryption in transit and at rest, role-based access controls, audit logging, and regular security reviews. For detail on our security practices, please refer to our Security page.

6. Third-Party Services

We use a limited set of third-party service providers to operate our infrastructure, including cloud hosting, analytics, and communication tools. All third-party providers are bound by data processing agreements and are prohibited from using your data for their own purposes.

7. Your Rights

Depending on your location, you may have rights including:

• Access to personal information we hold about you
• Correction of inaccurate or incomplete information
• Deletion of your personal information subject to legal requirements
• Restriction or objection to certain processing activities
• Portability of your data in a structured, machine-readable format

To exercise any of these rights, contact us using the details below.

8. Cookies

We use essential cookies to maintain session state and platform functionality. We do not use advertising or cross-site tracking cookies. You may disable cookies in your browser settings, though this may affect platform functionality.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the top of this page and notify enterprise account holders of material changes via email. Continued use of the platform after changes constitutes acceptance of the updated policy.