What we store
| Data type | Examples | Why |
|---|---|---|
| Account data | Email, name, role, plan | Identity and access management |
| Chat history | Messages, AI responses, session context | Continuity and memory across sessions |
| Agent configs | Instructions, permissions, run logs | Agent operation and audit trail |
| Memory anchors | Facts you pinned for long-term context | Personalised AI responses |
| Integration tokens | OAuth tokens for connected services | Acting on your behalf in external tools |
| Usage metrics | API call counts, model usage, autonomy hours used | Billing and plan enforcement |
| Device info | IP address, browser, OS (login events only) | Security and anomaly detection |
How your data is used
Your data is used exclusively to:
- Operate and personalise the TaurusX platform for you
- Generate AI responses in chat and agent executions
- Maintain memory and context across sessions (if memory is enabled)
- Enforce billing limits and plan entitlements
- Detect and respond to security threats (impossible travel, credential stuffing, etc.)
- Respond to your support requests
We do not use your chat content or agent instructions to train internal models. Each workspace's data is logically isolated from other workspaces.
Export your data
You can request a full export of your personal data at any time. The export includes chat history, memory anchors, agent configurations, integration connections (not the tokens themselves), and account settings.
To request an export:
- Go to Settings → Privacy → Export My Data.
- Confirm your identity (you may be prompted for a verification code).
- Tap Request Export.
- You will receive an email with a download link within 24 hours. The link is valid for 7 days.
Exports are delivered as a ZIP file containing JSON and CSV formats. Workspace admins can also export workspace-level data (all members, all agents, audit logs) from Guardian Console → Settings → Data Export.
Delete your data
You have the right to request permanent deletion of your personal data. Deletion is irreversible — it cannot be undone.
To delete your account and data:
- Go to Settings → Privacy → Delete My Account.
- Read the confirmation screen carefully — it lists exactly what will be deleted.
- Enter your email address to confirm.
- Tap Permanently Delete.
Deletion is processed within 30 days. Some data may be retained for longer periods where required by law (for example, billing records required for tax compliance are retained for 7 years in most jurisdictions).
Retention periods
| Data type | Retention period | Notes |
|---|---|---|
| Chat history | 2 years from last activity | Reduced to 90 days on Free plan after account inactivity |
| Agent run logs | 30 days | Extended to 1 year on Enterprise+ |
| Login events | 1 year | Used for security audit and anomaly detection |
| Billing records | 7 years | Required for tax compliance in most jurisdictions |
| Deleted accounts | 30 days (processing period) | Data is permanently purged at end of processing period |
For questions about a specific data type not listed here, or to submit a formal data subject request (GDPR, CCPA, or other), please submit a privacy ticket below or email privacy@hmgtechgroup.com.
Privacy request or data question?
We respond to all privacy requests within 48 hours.