Privacy Policy

Autono Labs, Inc., a Delaware corporation ("Autono Labs," "we," "us"), operates the System2 service at system2.sh and related properties. ("System2" is the brand name of the Service; the legal entity is Autono Labs, Inc.) This Privacy Policy explains what personal information we collect when you use the Service, how we use and share it, and the choices you have. It applies to operators, account admins, and visitors to our website.

For Service customers in the European Economic Area (EEA), UK, or Switzerland, Autono Labs is the "controller" for personal information described here, except where we process Customer Content as a "processor" on your behalf — see our Data Processing Addendum for the processor terms.

We collect the following categories of personal information:

• Account data — the email address you sign in with, your name (if you provide one), avatar URL (from Google OAuth, if used), workspace name, role, and timestamps. Source: you.
• Customer Content — messages you send to Ted, files you upload, quest plans, generated outputs, and configuration data you submit. Source: you (or third-party Integrations you authorize).
• Integration credentials — OAuth access tokens, refresh tokens, and API keys for third-party services you connect (e.g. Linear, Notion, Slack, Gmail, HubSpot). These are stored encrypted at rest with AES-256-GCM. Source: you (via OAuth or paste-in).
• Usage telemetry — pages visited, actions taken in the product, error logs, performance metrics, feature flags evaluated, and anonymized session identifiers. Source: your device.
• Device and connection data — IP address, browser user-agent, operating system, referring URL, and approximate location derived from IP. Source: your device, captured by our hosting providers (Vercel, Fly.io, Cloudflare).
• Billing data (when applicable) — name, billing address, last four digits of payment card, and invoice history. Full card numbers are handled by our payment processor; we do not store them.
• Communications — emails you send us, support tickets, and feedback you submit through the product.

We do not knowingly collect "sensitive" or "special category" personal information (health, biometrics, ethnicity, religious beliefs, etc.) and we ask you not to submit it through the Service.

We use personal information to:

• Provide, maintain, secure, and improve the Service.
• Process Customer Content through Anthropic's Claude API to generate AI responses on your behalf.
• Authorize and execute calls to third-party Integrations you have connected.
• Authenticate you and protect against abuse, fraud, and unauthorized access.
• Send transactional messages (security alerts, billing receipts, important product changes). You can't opt out of these while you have an active account.
• Send product updates and announcements you opt into. You can opt out anytime via the unsubscribe link.
• Comply with legal obligations and enforce our Terms.
• Conduct internal analytics and product research, on aggregated or de-identified data where practical.

For users in the EEA, UK, and Switzerland, we rely on the following lawful bases under the GDPR Article 6:

• Performance of contract — to provide the Service you signed up for (account creation, processing your messages, calling Integrations).
• Legitimate interest — to keep the Service secure, prevent abuse, debug errors, conduct internal analytics, and develop the product. We assess these against your rights and only proceed where the interest is not overridden.
• Consent — for optional features that require it (e.g. analytics cookies in regions where consent is the legal basis). You can withdraw consent at any time.
• Legal obligation — to comply with applicable law (tax, accounting, lawful government requests).

We share personal information only with service providers that help us operate the Service ("subprocessors") and only for the purposes described here. The complete list is at /subprocessors.

• Anthropic, PBC — LLM provider. Customer Content (your messages, files attached to chats, tool inputs/outputs) is sent to Anthropic to generate responses. Per our agreement, Anthropic does not use System2 customer data to train their models.
• Supabase — managed Postgres database and authentication.
• Fly.io — API hosting.
• Vercel — web (UI) hosting.
• Cloudflare — DNS, edge network, DDoS protection.
• Sentry — error monitoring (stack traces, request URLs, user IDs). Authorization/cookie headers and a defined list of sensitive body keys (passwords, tokens, secrets, API keys) are redacted before events leave our server, but stack-trace context can still incidentally include other Customer Content.
• Better Stack — uptime monitoring (response codes only).

We may also share personal information:

• With third-party Integrations you connect, when you instruct the Service to do so. These services are independent controllers, not our subprocessors.
• With professional advisors (lawyers, accountants, auditors) under confidentiality.
• With a successor entity in connection with a merger, acquisition, financing, or asset sale, subject to standard confidentiality.
• With law enforcement or regulators where legally required, after reviewing the request for validity.

We do not sell personal information. We do not share it with advertisers or data brokers. We do not engage in "cross-context behavioral advertising."

We are based in the United States, and most of our subprocessors are too. If you use the Service from outside the U.S., your personal information will be transferred to and processed in the U.S. and other countries that may have different data protection laws than yours.

For transfers from the EEA, UK, or Switzerland to the U.S. or other third countries, we rely on the European Commission's Standard Contractual Clauses (SCCs) adopted in 2021 (Decision 2021/914), the UK's International Data Transfer Addendum, or other transfer mechanisms recognized as providing an adequate level of protection.

We retain personal information for as long as needed to provide the Service and for the purposes described in this policy, then delete or anonymize it. Specifically:

• Account data — for the life of the account. When you delete your account, the data enters a 30-day grace window: access is disabled immediately and you are signed out, but you can email privacy@autono.sh during that window to restore access. After 30 days the data is permanently deleted or anonymized, unless retention is required by law (e.g. tax records).
• Customer Content — for the life of the account; deleted within 30 days of account deletion. Database backups containing it are retained up to 30 additional days, then expire.
• Integration credentials — kept only while the Integration is connected; deleted on disconnect.
• Server logs / telemetry — typically 30-90 days.
• Billing records — up to 7 years to comply with tax and accounting laws.
• Anthropic-side retention — Anthropic retains API inputs and outputs for up to 30 days by default. If a request is flagged for trust-and- safety review (e.g. suspected policy violation), Anthropic may extend retention up to 2 years for inputs/outputs and up to 7 years for the related trust- and-safety classifications. See Anthropic's data-retention documentation for current details.

We use a layered set of safeguards described on our Security page. Highlights:

• All Customer Content is encrypted at rest by our database provider (AES-256).
• OAuth tokens and API keys for Integrations are additionally encrypted with AES-256-GCM using a secret-managed key independent of the database.
• All traffic uses TLS 1.3 (HTTPS).
• Authentication uses signed JWTs and short-lived sessions.
• Cross-tenant access is prevented by middleware that validates the caller's company on every API request.

No system is perfectly secure. If we discover a security incident affecting your personal information, we will notify you per applicable law (within 72 hours of confirmation under GDPR).

Subject to applicable law, you have the right to:

• Access the personal information we hold about you.
• Correct inaccurate personal information.
• Deleteyour personal information (the "right to erasure").
• Restrict or object to certain processing.
• Receive a portable copy of your personal information in a machine-readable format.
• Withdraw consent where we relied on it (this does not affect the lawfulness of past processing).
• Lodge a complaint with a supervisory authority.

For most rights you can self-serve in the product:

• Edit your profile at Account > Profile.
• Export and delete your data at Account > Delete account.
• Disconnect any integration at Settings > Integrations.

For anything else, email privacy@autono.sh. We aim to respond within 30 days. We may need to verify your identity before fulfilling a request.

California residents have the rights described in Section 9 plus, under the California Consumer Privacy Act (as amended by the CPRA):

• The right to know the specific pieces of personal information we have collected about you.
• The right to opt out of the "sale" or "sharing" of personal information. We do not sell or share personal information as those terms are defined under the CCPA, so there is nothing to opt out of, but you can submit a request to confirm.
• The right to limit our use and disclosure of "sensitive personal information" to the purposes the CPRA permits without separate consent. We do not knowingly collect sensitive personal information and do not use it to infer characteristics about you, so this right is preserved by default; you can submit a request to confirm.
• The right to non-discrimination for exercising any of these rights.

We honor the Global Privacy Control signal as an opt-out request where applicable.

Categories of personal information collected, used, and disclosed in the last 12 months: see Section 2 (collected), Section 3 (used), and Section 5 (disclosed). We have not sold or shared personal information for behavioral advertising purposes.

To exercise CCPA rights, email privacy@autono.sh. You may designate an authorized agent; we may require proof of authorization.

We use cookies and similar technologies described in our Cookie Notice. We do not use cookies for advertising or cross-site tracking.

The Service is not directed at children under 16. We do not knowingly collect personal information from children under 16 (or, in jurisdictions where the threshold is higher, that higher age). If you believe a child has provided us personal information, contact privacy@autono.sh and we will delete it.

The Service is built around AI-generated output (see our AI Disclosure). The Service does not make solely automated decisions that produce legal or similarly significant effects on you. You are always the operator: you initiate quests, you review output, and you decide what to do with it.

Pages on our website or product may link to third-party sites or load third-party services (e.g. when you connect an Integration). Their privacy practices are governed by their own policies. We are not responsible for them.

We'll update this policy as the product evolves. The date at the top reflects the most recent revision. For material changes, we'll provide reasonable notice in-product or by email at least 30 days before the change takes effect.

Privacy questions or requests: privacy@autono.sh

Postal mail:
Autono Labs, Inc.
Attn: Privacy (re: System2)
131 Continental Drive, Suite 305
Newark, DE 19713, USA

EEA / UK users may also contact our representative or your local data protection authority. Our EU representative designation is in progress; until then, EEA users can contact us directly at the email above.