Last updated: March 2026

Privacy Policy

1. Information we collect

We collect information you provide directly: your email address when you use Otto, your name and business details when you create an account, and payment information when you subscribe (processed securely by Stripe — we never store card numbers).

2. How we use your information

We use your information to: deliver Otto diagnostic results and PDF reports to your email, personalise your AI employee recommendations, manage your account and subscriptions, and improve our services.

3. Otto diagnostic data

When you complete the Otto diagnostic, your answers are used to generate a personalised AI team recommendation. Your email is required to deliver the PDF report. We store diagnostic results to improve recommendation quality. You can request deletion of this data at any time.

4. AI agent data handling

AI employees deployed to your business operate within strict data boundaries. Each tenant's data is isolated using row-level security. AI agents only access data relevant to their assigned tasks and cannot access other tenants' information.

5. Third-party services

We use the following services to operate AutoStack: Supabase (database and authentication), Stripe (payment processing), Resend (transactional email), Vercel (hosting), and Upstash (rate limiting). Each service processes data in accordance with their own privacy policies.

6. Data security

We implement industry-standard security measures including encrypted connections (HTTPS), secure session management with httpOnly cookies, row-level database security, rate limiting on all API endpoints, and regular security reviews.

7. Your rights

You have the right to: access the personal data we hold about you, request correction of inaccurate data, request deletion of your data, withdraw consent for marketing communications, and export your data in a portable format.

8. Contact us

For privacy-related questions or requests, contact us at privacy@autostack.ai.