DynamisOS
Privacy·Terms
← Back to Home

Privacy Policy

Last updated: April 3, 2026

1. Introduction

DynamisOS ("Platform", "we", "us", "our") is operated by Signet Ventures LLC. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our AI Chief of Staff platform and related services ("Services").

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, phone number (optional), and authentication credentials managed through Supabase Auth. You may also provide profile information, business details, and custom context about your work.

Conversation Data

We store your conversations with Ava (your AI assistant) to provide continuity, context, and memory across sessions. This includes:

  • Text messages and chat history
  • Voice transcripts (with your explicit consent)
  • Files, documents, and attachments you share
  • Integration data (emails, calendar events, CRM records accessed via your API keys)
  • Long-term facts and user context used for personalization

Voice & Call Recording

When you use voice features (via ElevenLabs Ava Agent or Twilio phone calls), we record calls for quality assurance, agent training, and your protection. We comply with all applicable laws regarding recording consent (one-party vs. two-party states). The mobile app automatically detects your location and shows the required consent prompt.

Agent Activity & Audit Logs

We log all agent actions taken on your behalf, including:

  • Actions performed by autonomous agents (Ava, Max CTO, Research, etc.)
  • API calls and integration activities
  • Data accessed from third-party services
  • Cost tracking and usage metrics

This ensures full transparency and allows you to review everything that happens in your account.

Technical Information

We collect information about your device and how you use the Platform:

  • Device type, OS version, and app version
  • IP address and geolocation
  • Browser type and language preferences
  • Usage patterns, feature engagement, and error logs
  • Performance metrics and timing data

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Platform and Services
  • Enable Ava and other agents to understand your context and provide personalized assistance
  • Execute actions on your behalf and keep audit logs of those actions
  • Process your subscription, billing, and payment transactions
  • Send you service updates, feature announcements, and important security notices
  • Monitor system health, detect fraud, and prevent abuse
  • Comply with legal obligations and enforce our Terms of Service
  • Research and develop new features and improvements

4. Data Storage & Security

Your data is stored in Supabase (PostgreSQL database) with the following protections:

  • Encryption at rest using industry-standard algorithms
  • Encryption in transit via HTTPS/TLS
  • Row-level security policies ensuring only you can access your data
  • Regular security audits and penetration testing
  • Compliance with SOC 2 and GDPR standards
  • Automatic backups and disaster recovery procedures

We use third-party services (detailed below) for specific functions. These services have their own privacy policies, and we only share data necessary for their operations.

5. Third-Party Services & Data Sharing

DynamisOS integrates with multiple third-party services to deliver value. Your data is only shared when necessary for these integrations to function:

AI & Language Models

  • Anthropic Claude — Processing your messages, analysis, and agent tasks. Processed per Anthropic's privacy policy.
  • xAI Grok — Alternative LLM routing for reasoning and agent delegation.
  • OpenAI / Google Gemini — Fallback LLM providers for robustness.

Important: Conversation data sent to LLMs is processed on their servers. We use private deployments and data residency options where available.

Voice & Communication

  • ElevenLabs — Voice synthesis and AI agent hosting for the Ava phone interface.
  • Twilio — Phone calling, SMS, and call recording infrastructure.

Integrations You Authorize

You can connect your own accounts to DynamisOS (Gmail, Google Calendar, Slack, CRM platforms, etc.). Your API keys are encrypted and stored securely. We only access data you explicitly authorize. You can revoke access at any time.

API Key Ownership

A core principle of DynamisOS is that you own your API keys. We do not use platform-wide API keys. You bring your own keys (Anthropic, xAI, OpenAI, etc.), and you control the costs. We never bill you for LLM usage — you manage that directly with the LLM provider.

Analytics & Monitoring

  • Langfuse — LLM observability and cost tracking (your own Langfuse project).
  • Inngest — Workflow orchestration and execution logging.
  • Vercel Analytics — Website performance and user behavior (anonymized).

6. Data Retention & Deletion

We retain your data as long as your account is active. You can delete your account at any time, which will:

  • Remove all personal data within 30 days
  • Preserve audit logs for legal compliance (up to 7 years if required)
  • Permanently delete all conversation history and agent activity logs

If we receive a legal request (subpoena, court order), we will notify you unless legally prohibited.

7. Your Rights (GDPR & CCPA)

Depending on your location, you have rights over your personal data:

  • Right to Access — Request a copy of all data we hold about you
  • Right to Rectification — Correct inaccurate or incomplete data
  • Right to Erasure — Delete your data (with limited exceptions for legal compliance)
  • Right to Restrict Processing — Limit how we use your data
  • Right to Data Portability — Export your data in a machine-readable format
  • Right to Withdraw Consent — Opt out of optional data collection

To exercise these rights, contact us at legal@dynamisos.com.

8. Cookies & Tracking

We use cookies to maintain your session and remember your preferences. You can disable cookies in your browser, though this may limit Platform functionality.

  • Session cookies — Authentication and CSRF protection (essential)
  • Preference cookies — Dark mode, language, layout settings (optional)
  • Analytics cookies — Usage tracking via Vercel Analytics (optional, you can opt out)

9. Security & Data Breaches

We take security seriously. If we discover a data breach, we will notify you within 72 hours and provide details about what was accessed. We maintain incident response procedures and cyber liability insurance.

Report security vulnerabilities responsibly to security@dynamisos.com.

10. Changes to This Policy

We may update this Privacy Policy as the Platform evolves. Material changes will be communicated via email at least 30 days before taking effect. Continued use of the Platform after changes constitutes acceptance of the updated policy.

11. Contact Us

Questions or concerns about this Privacy Policy? Contact us:

This Privacy Policy is effective April 3, 2026. Last updated: April 3, 2026.