We use cookies to enhance your browsing experience, serve personalised ads or content, and analyse our traffic.
Promeon
Promeon
Log in

Privacy Policy

Last Updated: September 25, 2025

1. Introduction

Welcome to Promeon ("Promeon," "we," "us," or "our"). Promeon is an AI-native workspace and private AI Knowledge Vault that transforms a company's documents into a single, secure knowledge base and provides context-aware answers, summaries, and workflow assistance using Retrieval-Augmented Generation (RAG) and related AI technologies (the "Service"). This Privacy Policy explains what personal data we collect, how we use and disclose it, your choices, and how we protect it. By using the Service, you agree to the data practices described in this Privacy Policy.

2. Information We Collect

We collect only the personal data necessary to provide and improve the Service. This may include:

  • Account Information: Name, email address, organization name, billing information, authentication tokens, and profile details you provide when creating an account.
  • Document Content & Metadata: Documents and content you upload or connect to Promeon (for example, files, text, attachments, and related metadata such as authors, timestamps, file names, and tags). If you connect external sources (e.g., cloud drives, collaboration tools), Promeon will index and process the content you authorize.
  • Usage Data: Interaction logs, feature usage (e.g., queries, accepted AI responses, edits), device and browser information (IP address, browser type, OS), and cookies or similar technologies to remember preferences and analyze usage.
  • Communications: Support requests, feedback, and other communications you send to us, which may include personal data contained in those messages.

We do not intentionally collect sensitive personal data (such as health, racial/ethnic origin, or financial account numbers) unless you submit it as part of your content; if you choose to include such information in uploaded documents, it will be treated as content subject to this Policy. The Service is not intended for children under the applicable minimum age (see Section 8).

3. How We Use Your Information

We use data we collect for the following purposes:

  • Provide and Operate the Service: Index, store, and process documents and connected content to deliver search, answers, summaries, and other features you request.
  • AI Processing: Process content (locally and/or with third-party AI providers) to generate responses, summaries, and suggestions. This processing is generally automated and performed to enable the features you use.
  • Service Improvement: Use aggregated or anonymized data to improve Promeon's features, algorithms, and performance. We may derive non-identifying analytics and aggregated metrics to guide product development.
  • Communications: Send account, security, and service-related messages (for example, critical updates or support replies). With your consent, we may send marketing communications which you can opt out of at any time.
  • Compliance and Protection: Detect and prevent abuse, fraud, or misuse of the Service; enforce our Terms; and comply with legal obligations and lawful requests from authorities.

Where applicable, we will rely on appropriate legal bases for processing (such as performance of a contract, consent, or our legitimate interests) consistent with applicable law.

4. How We Disclose or Share Information

We do not sell your personal data. We share information only as necessary to provide the Service and under contractual safeguards:

  • Service Providers / Subprocessors: We use trusted third parties to host infrastructure, provide vector databases, run AI compute, analytics, and other operational services. These providers process data on our behalf and are contractually required to protect your data and to process it only as necessary to provide services to Promeon.
  • AI Technology Providers: To generate answers and other outputs, Promeon may transmit relevant portions of your documents or prompts to third-party AI providers. We require contractual and/or technical controls to limit use of your data to providing the requested output and to prohibit use for unrelated model training unless we explicitly disclose otherwise.
  • Analytics: We may share anonymized or pseudonymized analytics with providers to measure and improve product usage. You can opt out of analytics tracking where feasible (see Section 7).
  • Legal and Safety Disclosures: We may disclose data to comply with legal obligations or to respond to lawful requests. We may also disclose information when necessary to protect the rights, safety, or property of Promeon, our users, or others.
  • Business Transfers: In connection with mergers, acquisitions, or asset sales, user data may be transferred as part of the transaction but will remain subject to the protections of this Privacy Policy.
  • Third-Party Links: The Service may link to external sites or services maintained by third parties; those sites have separate privacy practices and we are not responsible for them.

If you would like a detailed list of subprocessors we use, provide the list you maintain for legal or compliance purposes and we will incorporate it into this Policy.

5. Data Storage and Security

Storage Locations: Your data may be stored and processed in the jurisdictions where our service providers operate. If you are an international user, your data may be transferred to and processed in countries with different privacy laws. When we transfer data from regions with restricted transfer rules (for example, the EEA or UK), we will apply appropriate safeguards such as Standard Contractual Clauses or other lawful transfer mechanisms.

Security Measures: We implement industry-standard technical and organizational measures to protect personal data, including encryption in transit (HTTPS) and at rest, access controls, logging and monitoring, and regular security assessments. Access to your content is limited to authorized personnel and subprocessors on a need-to-know basis. While we strive to maintain strong security practices, no system is completely secure and we cannot guarantee absolute protection.

6. Data Retention

We retain personal data only as long as necessary to provide the Service, comply with legal obligations, or for legitimate business purposes. Typical practices include:

  • Active Accounts: For users with active accounts, we retain account data and indexed content to provide ongoing access to your workspace and historical features.
  • Account Deletion: If you delete your account or request deletion of data, we will delete your personal data from active systems promptly and generally within 30 days, except as required to meet legal or contractual obligations. Residual copies may persist in backups for a limited time until those backups are cycled.
  • Derived Data: Embeddings, vectors, and derived analytic data tied to deleted content will be deleted or disassociated when the underlying content is removed.
  • Analytics: Aggregated or de-identified analytics may be retained longer for product insight and improvement, but such data will not identify you personally.

7. Your Rights and Choices

You have certain rights and controls over your personal data, including:

  • Access & Correction: You can access and update many account details directly in the app. For other requests, contact us and we will respond in accordance with applicable law.
  • Deletion: You may request deletion of your account and associated data. See the Data Retention section for timing and effect of deletion requests.
  • Withdrawal of Consent: Where processing is based on consent (for example, connecting a data source via OAuth), you can withdraw that consent by revoking access from the third-party provider or disconnecting in the app. Revocation stops further collection but does not automatically delete previously collected data unless you request deletion.
  • Opt-Out of Marketing & Analytics: You can unsubscribe from marketing messages and opt out of analytics tracking where feasible. Disabling cookies or enabling “Do Not Track” in your browser may limit product functionality.
  • Authorized Agents: In jurisdictions that permit it, you may designate an authorized agent to exercise rights on your behalf; we will verify authority as required by law.

If you are a resident of the EEA, UK, or California, additional rights may apply (for example, GDPR data portability or CCPA access/deletion rights). Contact us to exercise these rights; we will respond within the timeframes required by law.

8. Children's Privacy

The Service is intended for business and adult users. We do not knowingly collect personal data from children under the applicable minimum age (typically 16 or 13 depending on jurisdiction). If we learn that we have collected data from a child without required parental consent, we will delete it promptly. If you believe a child has provided us personal data, contact us to request deletion.

9. International Users and Compliance

Promeon is designed to serve customers worldwide. If you access the Service from outside the country where Promeon or its subprocessors operate, your data may be transferred and processed in other jurisdictions. We take steps to comply with applicable data protection laws, including GDPR requirements for EU/EEA/UK users. Where required, we will provide appropriate transfer safeguards and cooperate with data protection authorities as needed.

10. Changes to this Privacy Policy

We may update this Privacy Policy as our Service and legal requirements evolve. We will post the updated Policy and update the "Last Updated" date. For material changes, we will provide reasonable notice (for example, by email to account holders or prominent notice in the Service). Continued use of the Service after changes constitutes acceptance of the revised Policy.

11. Contact Us

If you have questions, requests, or concerns about this Privacy Policy or our data practices, please contact us:

  • Email: contact@promeon.ai

We will respond to verifiable requests in accordance with applicable law and will make best efforts to address concerns promptly.

Privacy PolicyTerms

© 2025 Promeon