Versatl — Privacy Policy
Effective Date: June 4, 2026
Last Updated: June 11, 2026
1. Introduction
Mfini Inc. ("Mfini," "Company," "we," "us," or "our"), operating the Versatl platform ("Platform" or "Service") at versatl.ai, respects your privacy. This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you use the Service.
Versatl is a product of Mfini Inc. This Privacy Policy constitutes part of your agreement with Mfini Inc.
By using the Service, you consent to the practices described in this policy.
2. Information We Collect
2.1 Information You Provide Directly
| Data Category | Specific Fields | Purpose |
|---|---|---|
| Account Information | Email address, name | Account creation and communication |
| Profile Information | User context (JSON), preferences (JSON) | Agent personalization |
| Creator Profile | Marketplace handle, bio, website | Public marketplace presence |
| Task Content | Task instructions, service configurations | Agent execution |
| Credentials | OAuth tokens, API keys for third-party services | Acting on your behalf via connected services |
2.2 Information Collected Automatically
| Data Category | Specific Fields | Purpose |
|---|---|---|
| Account Metadata | Account creation timestamp, account type | Service operation |
| Usage Data | Task count, token consumption, tool calls per task | Billing, plan enforcement, analytics |
| Execution Logs | Agent steps, tool call results, task outcomes | Service delivery, debugging |
| Audit Logs | Actor, action, resource, IP address, user agent, timestamp | Security, compliance |
2.3 Information from Third Parties
| Source | Data Received | Purpose |
|---|---|---|
| Clerk (authentication) | Email, name, user ID | Account creation and login |
| Stripe (payments) | Customer ID, subscription status, payment history | Billing |
| Stripe Tax | Tax-residency information derived from billing address | Sales-tax calculation and remittance |
| Stripe Connect (creator payouts) | Connect account ID, payout status | Creator revenue distribution |
| Composio (managed OAuth) | Connected-account status events; tool-execution telemetry (success/failure, error envelopes); connected-account identifiers | Webhook receipt and dispatch of Google-service tool calls |
2.4 AI-Generated Information
Through your use of the Service, the following data is generated and stored:
- Episodic Memories: Structured records of each task — input, steps taken, output, outcome, and a vector embedding for semantic search (1024-dimensional). Scoped to your user account and the specific agent.
- Semantic Memories: Distilled knowledge patterns extracted from your task history by an AI model (e.g., "User prefers informal language" or "Evening posts get higher engagement"). These improve agent personalization over time.
- Task Outputs: The results produced by agents in response to your instructions.
3. How We Use Your Information
We use your information for the following purposes:
3.1 Service Delivery
- Executing tasks and services you request
- Retrieving relevant memories to personalize agent behavior
- Connecting to and acting through third-party services on your behalf
- Delivering notifications about task status, approvals, and service events
3.2 Billing and Payments
- Processing customer payments and balance top-ups through Stripe
- Calculating and remitting sales tax via Stripe Tax in jurisdictions where the Platform is registered
- Authorizing and executing auto-top-up charges when you have opted in to that feature
- Enforcing user-configurable spend caps (per-task and per-user-day) and platform-level operational limits
- Maintaining an append-only balance ledger as the source of truth for every change to your balance, for billing audit and reconciliation
- Calculating creator earnings under the Cost Recovery + Profit Share model defined in the Marketplace Publisher Agreement §4.1, and processing payouts to creators via Stripe Connect
3.3 Safety and Security
- Running guardrails on agent outputs (PII detection/redaction, content safety, budget enforcement)
- Running the Platform's reliability harness — normalization of ambiguous input, a per-completion judge, and an outer-loop refund path for runs that fail to meet declared success criteria — to reduce incorrect or empty completions and to refund affected charges
- Running daily billing reconciliation against each provider's official cost reporting, and dispatching critical-severity admin alerts when divergence exceeds defined thresholds
- Maintaining audit logs for security monitoring
- Enforcing row-level security to prevent cross-tenant data access
- Validating authentication tokens and API keys
3.4 Service Improvement
- Monitoring platform performance and reliability (via OpenTelemetry and Sentry)
- Structured logging for debugging and incident response
3.5 Communication
- Sending in-app notifications about task completion, approval requests, and service events
- Delivering webhooks to your configured endpoints (HMAC-signed)
4. AI Processing and Third-Party AI Providers
4.1 How Your Data Is Processed by AI
When you submit a task, the following data is sent to AI model providers for processing:
- Your task instruction text
- Your user context (the JSON data you provide in your profile settings)
- Retrieved memories (semantic and episodic) relevant to the current task
- Tool call results during the agent's execution loop
- The agent's system prompt (configured by the agent developer)
4.2 AI Model Providers
Your data may be processed by the following AI providers:
| Provider | Role |
|---|---|
| Anthropic | LLM provider (Claude family) |
| OpenAI | LLM provider (GPT family); embedding generation |
| LLM provider (Gemini family) | |
| OpenRouter | LLM aggregator that routes requests to upstream model hosts on the Platform's behalf |
The specific models in use change over time. The Platform maintains a self-healing model catalog that is refreshed from each provider's official /v1/models feed; deprecated models are retired on a published schedule and replaced with successor models in the same tier. You can see the current models the Platform is willing to route to — and pick a preferred model per tier — from Settings → AI Models.
The Platform uses model fallback chains — if the primary model is unavailable, your request may be processed by a fallback provider. If you have configured your own API key for a provider ("Bring Your Own Model" / BYOM), your requests for that tier are sent directly to that provider using your key. All providers are subject to their own privacy policies and data handling practices.
4.3 What Is NOT Sent to AI Providers
- Your authentication credentials (passwords, JWT tokens)
- Your encrypted third-party credentials (OAuth tokens, API keys)
- Your Stripe payment information
- Raw credential data of any kind
4.4 AI Provider Data Policies
We select AI providers that do not use customer data for model training. However, we recommend reviewing each provider's current data policies:
- Anthropic: https://www.anthropic.com/privacy
- OpenAI: https://openai.com/privacy
- Google: https://ai.google/privacy
- OpenRouter: https://openrouter.ai/privacy
5. Data Sharing
5.1 We Do NOT Sell Your Data
We do not sell, rent, or trade your personal information to third parties.
5.2 Service Providers
We share data with the following service providers as necessary to operate the Platform:
| Provider | Purpose | Data Shared |
|---|---|---|
| Clerk | Authentication | Email, name |
| Stripe | Payment processing | Email, plan, payment details |
| Stripe Connect | Creator payouts | Creator identity, earnings |
| Anthropic | AI processing | Task content, user context, memories |
| OpenAI | AI processing; embeddings | Task content, user context, memories |
| AI processing | Task content, user context, memories | |
| OpenRouter | AI routing/aggregation (when selected as a route) | Task content, user context, memories |
| Composio | Managed OAuth and tool execution for Google services (Gmail, Calendar, Drive) | OAuth tokens; tool-call inputs and outputs (e.g., the email body the agent sends, the calendar event it reads) |
| Sentry | Error tracking | Error context (no personal content) |
5.3 Connected Third-Party Services
When you connect external services, agents may transmit data to those services on your behalf (e.g., posting a tweet, sending an email, creating a calendar event). The current inventory of supported integrations and their connection categories (Direct OAuth, Composio-brokered, MCP-brokered) is maintained in the Connected Services Appendix at docs/legal/connected-services-appendix.md, which is incorporated by reference. The data transmitted depends on the agent's actions and your instructions.
OAuth brokered through Composio. For Google services (Gmail, Google Calendar, Google Drive), the Platform's default OAuth path is brokered through Composio Inc. ("Composio"), a CASA Tier 2-verified application. When you connect one of these services, you authenticate directly with Google in a consent screen that identifies Composio as the application receiving access. Composio stores the resulting OAuth credentials on its infrastructure and dispatches tool calls (e.g., "send this email") on the Platform's behalf. The Platform does not retain Google OAuth refresh tokens for Composio-brokered connections — only an opaque connection identifier that points back to Composio. The Platform retains a direct-OAuth path as a development and fallback option, in which case the OAuth credentials are stored directly on Platform infrastructure under the encryption regime described in Section 6.1.
MCP-brokered services. For services we integrate via the Model Context Protocol (MCP) — currently including Atlassian (Jira/Confluence), GitHub, Linear, Notion, and Salesforce — agents call vendor-hosted tools using OAuth tokens you have authorized. Tool inputs and outputs may be retained in our agent memory and audit logs to the extent described in Section 7 (Data Retention).
Atlassian Personal Data Reporting: Per Atlassian's developer policy, every 7 days we transmit the list of Atlassian accountId values for which we currently hold personal data to Atlassian's Personal Data Reporting API (https://api.atlassian.com/app/report-accounts/). We do not transmit content, only identifiers. Atlassian responds with status flags per account; for any account Atlassian indicates as closed, we permanently delete all data we hold about that Atlassian user (OAuth credentials, audit logs, episode memories, conversation history, and distilled semantic memories).
5.4 Webhooks
If you configure webhook endpoints, the Platform sends task results (truncated to 1,000 characters) and event metadata to your specified URLs, signed with HMAC-SHA256 for integrity verification.
5.5 Memory Sharing
If you enable cross-agent memory sharing, semantic memories from one agent may be made available to another agent — but only for your own account, only semantic memories (not raw task data), and only as read-only. You control these sharing policies.
5.6 Legal Requirements
We may disclose your information if required by law, legal process, or government request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
5.7 Versatl-Operated MCP Server
The Platform operates a Model Context Protocol (MCP) server at mcp.versatl.ai (or its successor URL). The MCP server is opt-in: it is disabled by default for every user and remains disabled until you enable it from Settings → MCP. Once enabled, external MCP-compatible clients you authenticate (using API keys you generate for that purpose) may, subject to the per-tool approval matrix you maintain, invoke tools, agents, and memory that belong to your account on your behalf.
When an external MCP client invokes a tool through the MCP server:
- The tool inputs and outputs are processed by the same backend code paths that handle agent-driven calls, including the same guardrails, audit logging, and memory updates.
- Tool inputs and outputs may be retained in agent memory and audit logs to the extent described in Section 7 (Data Retention).
- The external MCP client receives the tool output as part of the response. The Platform does not retain a separate copy of what the MCP client received beyond what is recorded in the audit log.
Disabling the master switch immediately blocks every external MCP client from invoking anything in your account, regardless of prior approval. Revoking the API key the client was using has the same effect.
6. Data Security
6.1 Encryption
- Credentials at rest: Third-party OAuth tokens and API keys are encrypted using Fernet symmetric encryption (from the
cryptographylibrary). The encryption key is stored as an environment variable, never in the codebase. - API keys: Your Versatl API keys are stored as SHA-256 hashes (one-way). The raw key is shown once at creation and cannot be recovered.
- Data in transit: All communication uses HTTPS/TLS.
6.2 Access Control
- Row-Level Security (RLS): PostgreSQL enforces tenant isolation at the database level. Each query is scoped to your user ID through RLS policies with
FORCEmode — even if application code has a bug, the database prevents cross-tenant access. - Agent Permission Scoping: Agents can only access the tools and credentials declared in their configuration. An agent configured for Twitter cannot access your Gmail credentials.
- Admin Access: Platform administrators can access aggregated metrics but cannot access your encrypted credentials or task content.
6.3 Infrastructure
- Database: PostgreSQL 16 with row-level security
- Cache/Queue: Redis (for background jobs and real-time streaming)
- No unnecessary services: We minimize our infrastructure surface area to reduce attack vectors
7. Data Retention
7.1 Active Accounts
While your account is active, we retain task inputs and outputs, chat messages, agent memory, and stored credentials as long as reasonably necessary to provide and improve the services, or as otherwise required by law, subject to our retention policy in effect from time to time.
Specific retention floors and ceilings:
- Task execution logs, audit logs, usage events, and tool call logs: retained for at least 1 year. Granular events older than 1 year are aggregated into monthly summary records, and the granular originals are deleted.
- Billing records and revenue splits: retained for 7 years to meet tax and accounting obligations.
- OAuth tokens and stored credentials: retained until you revoke them or delete your account. When you disconnect a service through the Connections page, the corresponding credential row is permanently deleted from the Platform database (a hard delete), and the Platform additionally calls the vendor's published revoke endpoint (where one exists) to invalidate the OAuth grant at the upstream provider. For Composio-brokered Google connections, the disconnect also instructs Composio to delete the corresponding connected account on its infrastructure.
- Bring-Your-Own-Model (BYOM) LLM provider keys: when you disconnect a BYOM key from Settings → AI Models, the credential row is marked revoked (
revoked_attimestamp set) rather than hard-deleted, and the encrypted key blob is retained for up to eighteen (18) months. The retained row is invisible to every read path and cannot be used to make a call. It is preserved so that the Platform's daily billing reconciliation can determine, at the close of each accounting period, whether usage events that were tagged as BYOM in fact correspond to a credential that was active at the time the call was made. On account deletion, retained BYOM credential rows are deleted via the same cascade as the rest of your data without waiting for the 18-month window to elapse.
We will provide at least 30 days advance notice via email and an in-application banner before any material reduction in retention takes effect, giving you the opportunity to export or delete data before changes apply.
7.2 Deleted Accounts
When you delete your account (via Settings or the API), the following data is permanently deleted through cascade deletion:
- All tasks and task execution data
- All services and service configurations
- All episodic and semantic memories
- All stored credentials (encrypted OAuth tokens, API keys)
- All Versatl API keys
- All agent subscriptions and ratings
- All notifications
- All webhook configurations and delivery logs
- All workspace memberships
7.3 Data Retained After Deletion
The following data may be retained after account deletion for legal, accounting, or security purposes:
- Audit logs: retained for 1 year post-deletion (actor identity anonymized).
- Billing records: retained for 7 years post-deletion as required by tax and accounting law.
- Aggregated/anonymized usage data: may be retained indefinitely for analytics, in a form that does not identify individual users.
7.4 Clerk and Stripe
Account deletion on Versatl does not automatically delete your Clerk or Stripe accounts. You may need to separately manage those accounts through their respective platforms.
7.5 Inactive Accounts
If your account has no recorded activity (logins, API calls, or task executions) for 24 consecutive months, we will email a 30-day deletion notice to your verified email address. If your account remains inactive at the end of that period, it will be deleted via the same cascade process as voluntary deletion. Signing in (or any authenticated API call) before the deletion date automatically cancels the pending deletion — no other action is required.
8. Your Rights
8.1 Access
You can access your personal data at any time through the API (GET /auth/me) or the Dashboard Settings page. Your task history, usage data, and memories are accessible through respective dashboard pages.
8.2 Correction
You can update your profile information, user context, and preferences at any time through the Settings page or the API (PUT /auth/me).
8.3 Deletion
You can delete your account and all associated data at any time through the Settings page or the API (DELETE /auth/me). Deletion is permanent and irreversible.
8.4 Data Portability
You can access your data through the API endpoints. Task results, usage summaries, and agent configurations are available in JSON format.
8.5 Credential Revocation
You can disconnect any third-party service at any time. By default, disconnection permanently deletes the corresponding credential record on the Platform (hard delete) and additionally calls the vendor's published revoke endpoint, where one exists, to invalidate the OAuth grant at the upstream provider. Where the credential is brokered through Composio (Gmail, Google Calendar, Google Drive, YouTube by default), disconnection also instructs Composio to delete the corresponding connected account on its infrastructure, severing the underlying OAuth grant.
The exception is Bring-Your-Own-Model (BYOM) LLM provider keys, which are soft-deleted with up to 18 months of retention for billing reconciliation purposes; see §7.1 for the full description.
8.6 Memory Control
You can control cross-agent memory sharing through your settings. You can enable or disable sharing policies per agent pair.
9. GDPR Rights (EEA/UK Users)
If you are located in the European Economic Area or the United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR):
- Right to Access (Article 15): Request a copy of your personal data.
- Right to Rectification (Article 16): Request correction of inaccurate data.
- Right to Erasure (Article 17): Request deletion of your data ("right to be forgotten").
- Right to Restrict Processing (Article 18): Request limitation of processing.
- Right to Data Portability (Article 20): Receive your data in a structured, machine-readable format.
- Right to Object (Article 21): Object to processing based on legitimate interests.
- Right to Withdraw Consent: Withdraw consent at any time (without affecting lawfulness of prior processing).
Legal Bases for Processing:
- Contract performance: Processing necessary to provide the Service (task execution, billing).
- Legitimate interests: Security monitoring, fraud prevention, service improvement.
- Consent: AI processing, cross-agent memory sharing, third-party integrations.
To exercise your GDPR rights, contact us at privacy@versatl.ai.
10. CCPA Rights (California Users)
If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with:
- Right to Know: What personal information we collect, use, and share.
- Right to Delete: Request deletion of your personal information.
- Right to Opt-Out of Sale: We do not sell personal information.
- Right to Non-Discrimination: We will not discriminate against you for exercising your rights.
To exercise your CCPA rights, contact us at privacy@versatl.ai.
11. Children's Privacy
The Service is not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we discover that we have collected personal data from a child, we will delete it promptly.
12. Cookies and Tracking
The Platform uses essential cookies for authentication (managed by Clerk) and session management. We do not use advertising trackers or third-party analytics cookies. Sentry and OpenTelemetry collect technical performance data (latency, errors) but not personal browsing behavior.
13. International Data Transfers
Your data may be processed in the United States or other jurisdictions where our service providers operate. When transferring data internationally, we rely on Standard Contractual Clauses (SCCs) or other lawful transfer mechanisms as required by applicable data protection laws.
14. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-app notification at least 30 days before taking effect. The "Last Updated" date at the top reflects the most recent revision.
15. Contact
For privacy-related questions or to exercise your rights:
Mfini Inc.
Email: privacy@versatl.ai
Data Protection Officer: dpo@versatl.ai
Address: 1401 Lavaca St, Ste 558, Austin, TX 78701