Skip to content

Privacy Policy

Last updated: December 24, 2024

1. Introduction

Wirebase Inc. ("Wirebase", "we", "our", or "us") operates an AI workspace platform that enables users to interact with multiple artificial intelligence models, create custom workflows, and integrate various tools and services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, website, and related services (collectively, the "Service").

We are committed to protecting your privacy and ensuring transparency about our data practices. This policy applies to all users of Wirebase, including individual users, team members within organizations, and administrators.

By accessing or using Wirebase, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our policies, please do not access or use the Service.

2. Information We Collect

2.1 Account Information

When you create a Wirebase account, we collect:

  • Identity Information: Name, email address, username, and profile picture
  • Authentication Data: Passwords (hashed and salted), OAuth tokens from third-party providers (Google, GitHub, Microsoft)
  • Organization Data: Company name, team size, role within organization, and billing contact information
  • Billing Information: Payment method details, billing address, and transaction history (processed through secure payment providers)

2.2 Content and Usage Data

As you use Wirebase, we collect:

  • Conversation Data: Messages, prompts, and responses exchanged with AI models
  • Uploaded Content: Documents, images, files, and other materials you upload for AI processing
  • Generated Content: AI-generated text, images, code, and other outputs
  • Workflow Data: Custom workflows, agents, system prompts, and automation configurations
  • Integration Data: Information from connected MCP servers, APIs, and third-party services
  • Voice Data: Audio recordings when using voice chat features (processed in real-time, not stored unless explicitly saved)

2.3 Technical and Device Information

We automatically collect:

  • Device Information: Device type, operating system, browser type and version, screen resolution
  • Network Information: IP address, approximate geographic location, internet service provider
  • Usage Analytics: Features used, interaction patterns, session duration, click events, and error logs
  • Performance Data: API response times, model latencies, and system performance metrics

2.4 API Keys and Credentials

When you configure integrations, you may provide API keys for third-party AI providers (OpenAI, Anthropic, Google, etc.) and MCP servers. These credentials are encrypted at rest and in transit, and are used solely to authenticate requests on your behalf.

3. AI Data Processing

Important: Understanding how your data is processed by AI models

3.1 How AI Models Process Your Data

When you send messages or content to Wirebase, your data may be processed by various AI models depending on your configuration:

  • Wirebase-Hosted API Keys:If using Wirebase's default AI access, your prompts are sent to AI providers using our API keys. These providers may process your data according to their enterprise/API terms
  • User-Provided API Keys: If you configure your own API keys, your data is sent directly to those providers under your own API agreements
  • Self-Hosted Models: If you connect to locally-hosted models (e.g., Ollama), data remains within your infrastructure

3.2 AI Provider Data Practices

Different AI providers have different data practices. We recommend reviewing their policies:

  • OpenAI: Enterprise API data is not used for training. Data retained for 30 days for abuse monitoring
  • Anthropic: API data is not used for training. Minimal logging for safety and reliability
  • Google (Gemini): API data practices vary by service tier. Enterprise tiers have strict data handling
  • Local Models (Ollama, etc.): Data never leaves your infrastructure

3.3 No Training on Your Data

Wirebase does not train AI models on your data. Your conversations, files, and content are used solely to provide the Service. We do not sell, license, or otherwise share your content for AI training purposes.

4. How We Use Your Information

We use collected information for the following purposes:

4.1 Service Delivery

  • Process and route your prompts to appropriate AI models
  • Execute workflows, agents, and automated tasks
  • Store and retrieve conversation history
  • Enable MCP integrations and tool execution
  • Generate, store, and serve AI-created content

4.2 Account Management

  • Create, authenticate, and manage your account
  • Process payments and manage subscriptions
  • Provide customer support and respond to inquiries
  • Send service-related communications (security alerts, updates, receipts)

4.3 Security and Compliance

  • Detect, prevent, and respond to fraud, abuse, and security threats
  • Monitor for Terms of Service violations
  • Comply with legal obligations and respond to lawful requests
  • Enforce our agreements and protect our rights

4.4 Product Improvement

  • Analyze usage patterns to improve features and usability
  • Debug issues and improve platform reliability
  • Develop new features based on aggregate usage insights
  • Conduct research (using anonymized, aggregated data only)

5. Data Sharing and Third Parties

5.1 AI Model Providers

Your prompts and content are shared with AI providers to generate responses. Providers include OpenAI, Anthropic, Google, xAI, Groq, and others you configure. Each provider processes data according to their API terms.

5.2 Infrastructure Partners

We use trusted infrastructure providers to deliver the Service:

  • Cloud Hosting: Vercel, AWS, or similar providers for application hosting and data storage
  • Database Services: PostgreSQL providers with encryption at rest
  • Authentication: Better Auth for secure authentication flows
  • Payment Processing: Stripe for secure payment handling (we never store full card numbers)
  • Analytics: Vercel Analytics for privacy-respecting usage metrics

5.3 MCP and User-Configured Integrations

When you connect MCP servers or third-party integrations (GitHub, Notion, Linear, etc.), data necessary for those integrations is shared with those services. You control which integrations are enabled and what permissions they have.

5.4 Legal Requirements

We may disclose your information if required by law, court order, or governmental authority, or if we believe disclosure is necessary to:

  • Comply with legal processes
  • Protect the safety of any person
  • Prevent fraud or security threats
  • Protect Wirebase's rights and property

5.5 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change and any choices you may have.

6. Data Security

We implement comprehensive security measures to protect your data:

6.1 Technical Safeguards

  • Encryption in Transit: All data transmitted to and from Wirebase uses TLS 1.3 encryption
  • Encryption at Rest: Stored data is encrypted using AES-256 encryption
  • API Key Security: Your API keys are encrypted and never logged or exposed in plain text
  • Access Controls: Role-based access control and principle of least privilege
  • Authentication Security: Secure password hashing, OAuth 2.0, and optional multi-factor authentication

6.2 Organizational Measures

  • Regular security assessments and penetration testing
  • Employee security training and background checks
  • Incident response procedures and breach notification protocols
  • Vendor security assessments for third-party services

6.3 Your Responsibility

You are responsible for maintaining the security of your account credentials, API keys, and any data you share through integrations. Please use strong passwords and keep your credentials confidential.

7. Data Retention

7.1 Retention Periods

  • Account Data: Retained while your account is active and for 30 days after deletion request
  • Conversation History: Retained indefinitely unless you delete it or close your account
  • Archived Chats: Retained according to your archive settings
  • Usage Analytics: Aggregated data retained for 24 months; individual logs for 90 days
  • Billing Records: Retained for 7 years as required by law

7.2 Deletion

You can delete individual conversations, clear your history, or request complete account deletion. When you delete data, we remove it from our primary systems within 30 days. Backup copies may persist for up to 90 days before being purged.

8. International Data Transfers

Wirebase operates globally, and your data may be transferred to and processed in countries other than your country of residence, including the United States.

For transfers from the European Economic Area (EEA), UK, or Switzerland, we rely on:

  • Standard Contractual Clauses approved by the European Commission
  • Data processing agreements with our service providers
  • Adequacy decisions where applicable

We ensure that all international transfers provide adequate protection for your data in accordance with applicable law.

9. Your Rights and Choices

9.1 General Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your data
  • Portability: Receive your data in a structured, machine-readable format
  • Restriction: Request limitation of processing
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent where processing is based on consent

9.2 GDPR Rights (EEA Users)

If you are in the European Economic Area, you have rights under the General Data Protection Regulation (GDPR), including the right to lodge a complaint with your local supervisory authority.

9.3 CCPA Rights (California Residents)

California residents have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected and how it's used
  • Right to delete personal information
  • Right to opt out of the sale of personal information (we do not sell personal information)
  • Right to non-discrimination for exercising your privacy rights

9.4 Exercising Your Rights

To exercise your rights, please contact us at privacy@wirebase.com. We will respond within 30 days (or as required by applicable law). We may require identity verification before processing your request.

10. Cookies and Tracking

10.1 Types of Cookies We Use

  • Essential Cookies: Required for authentication, security, and basic platform functionality
  • Preference Cookies: Remember your settings (theme, language, sidebar state)
  • Analytics Cookies: Help us understand how users interact with the platform (privacy-respecting analytics)

10.2 Managing Cookies

You can manage cookie preferences through your browser settings. Note that disabling essential cookies may impact platform functionality.

11. Children's Privacy

Wirebase is not intended for children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately, and we will delete such information.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on this page with a new "Last updated" date
  • Sending an email notification for significant changes
  • Displaying a notice within the platform

Your continued use of Wirebase after changes become effective constitutes acceptance of the updated policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Wirebase Inc.

Email: privacy@wirebase.com

For data protection inquiries in the EU: dpo@wirebase.com

Related Documents

Terms of Service →Contact Us →