Legal & Policies
Last updated: April 28, 2026
Every System2 policy in one place. We aim to write these in plain language; the legal version is binding all the same.
A note on names
System2 is a product of Autono Labs, Inc., a Delaware C-corporation. Throughout this site, "System2" refers to the product; "Autono Labs" refers to the legal entity that operates it and is the counterparty to every contract on this page. Legal, privacy, and security correspondence uses @autono.sh email handles (matching the legal entity); product email comes from @system2.sh. Mail addressed to Autono Labs, Inc. (re: System2) at the postal address below also reaches us.
Core terms
- Terms of ServiceEveryone using System2
The contract between you and System2 — what we promise, what we don't, and the rules for using the product.
- Privacy PolicyEveryone using System2
What data we collect, how we use it, who we share it with, and the rights you have over it (GDPR / CCPA).
- Acceptable Use PolicyEveryone using System2
What you can't do with the product — incorporating Anthropic's usage policy by reference.
- Beta AgreementBeta-period customers
Terms specific to the beta period — what to expect, what we ask of you, and what stays confidential. In effect until we ship GA.
- AI DisclosureOperators and reviewers
What the AI does, what model powers it, what its limits are, and where humans need to stay in the loop.
- Cookie & Tracking NoticeVisitors to system2.sh
Which cookies and tracking technologies we use and how to control them.
Enterprise & data protection
- SecurityProcurement and security teams
How we protect chat content, OAuth tokens, and account credentials. Architecture, encryption, access control, incident response.
- SubprocessorsProcurement and DPO teams
Third-party service providers that process customer data on our behalf — names, locations, data categories.
- Data Processing AddendumCustomers in the EU/UK or with regulated data
GDPR Article 28 processor terms, including SCCs and the UK International Data Transfer Addendum.
Reporting
- Responsible Disclosure PolicySecurity researchers
Safe-harbor terms for reporting vulnerabilities, scope, and what to expect after you submit a finding.
- DMCA Notice & TakedownCopyright holders
How to submit a copyright takedown notice or counter-notice under U.S. law.
Contact directory
The right inbox depends on the topic:
- General legal — legal@autono.sh
- Privacy questions and rights requests — privacy@autono.sh
- Security questions and vulnerability reports — security@autono.sh
- Acceptable-use violations and abuse — abuse@autono.sh
- Copyright takedowns (DMCA) — dmca@autono.sh
- Product feedback — feedback@autono.sh
Updates and notifications
Each policy carries a "Last updated" date at the top. Material changes are surfaced in-product (a banner or dialog the first time you use the product after the change) and, for changes that affect existing customers, by email at least 30 days before the change takes effect.
To subscribe to subprocessor change notifications, see the instructions on /subprocessors.
Questions about this document? legal@autono.sh
Postal: Autono Labs, Inc. (operator of System2), 131 Continental Drive, Suite 305, Newark, DE 19713, USA. See /legal for our full set of policies.
© 2026 Autono Labs, Inc. All rights reserved. System2 is a product of Autono Labs, Inc.