Privacy Policy

Effective date: June 28, 2026 Version: 2026-06-28

This Privacy Policy describes how Armando Ventures LLC ("Armando Ventures," "we," "us," or "our") handles information when you use Axiom and related services (the "Service"), including desktop (Electron) builds, local/self-hosted deployments, and any hosted experiences we operate.

Draft notice: This is an operator draft aligned to the current Axiom architecture. Have qualified counsel review it before app-store submission or enterprise use.

1. Summary

• Local-first: Most business content you create or sync into Axiom stays in your instance workspace on your device or infrastructure you control.
• No data brokerage: We do not sell your personal information.
• You choose integrations: Connected tools (CRM, calendar, messaging, search) only run when you configure them.
• Outbound is gated: External sends and publications are designed to require explicit owner approval.

2. Information we collect

What we collect depends on how you deploy Axiom.

2.1 Account and authentication

If you sign in with an identity provider (for example WorkOS AuthKit), we receive information needed to authenticate you, such as:

• name and email address;
• organization identifier;
• session tokens needed to keep you signed in.

WorkOS processes authentication under its own privacy policy. See WorkOS Privacy.

2.2 Instance and workspace data

When you operate an Axiom instance, the Service stores business data you create or connect, which may include:

• goals, tasks, decisions, and operating documents;
• CRM or pipeline records you sync (for example from Notion);
• automation receipts, audit logs, and approval history;
• API keys and connector settings you enter for your instance.

For self-hosted or desktop deployments, this data is primarily stored locally in your workspace directory (for example SQLite databases, JSON configuration, and generated artifacts on disk).

2.3 Usage and diagnostics

By default we do not run product analytics or advertising trackers inside Axiom.

We may collect limited technical information when necessary to operate or support the Service, such as:

• application version and platform (for example Windows, macOS, or Linux);
• error logs you choose to share with us;
• support correspondence you send to us.

If we add optional telemetry or crash reporting in a future release, it will be disclosed in-product and, where required, offered on an opt-in basis.

2.4 AI and local model processing

If you use local model runtimes (for example Ollama on your machine), prompts and completions are processed on your hardware unless you configure a remote model endpoint.

If you configure a remote AI provider, your prompts may be sent to that provider under its terms.

2.5 Third-party integrations you enable

When you connect third-party services, Axiom accesses only the data needed for the features you turn on. Examples include:

You can disconnect integrations at any time. Disconnecting may not delete data already written to your local workspace or to the third party.

3. How we use information

We use information to:

• provide, maintain, and secure the Service;
• authenticate users and enforce access controls;
• run automations and workflows you configure;
• generate drafts, scores, and recommendations you review;
• respond to support requests;
• comply with law and enforce our terms.

We do not use your CRM contacts or business records to train generalized advertising profiles.

4. How we share information

We share information only in these situations:

• With your direction: when you connect a third-party tool or approve an outbound action.
• Service providers: with vendors that help us operate the Service (for example authentication, hosting, or payment processing), under contractual confidentiality obligations.
• Legal requirements: when required by law, regulation, legal process, or to protect rights, safety, and security.
• Business transfers: in connection with a merger, acquisition, or asset sale, with notice where required by law.

We do not sell personal information.

5. Data retention

• Local instance data remains on your device or infrastructure until you delete it or uninstall the application.
• Authentication sessions expire according to session settings and provider rules.
• Support records are kept as long as needed to resolve issues and maintain ordinary business records.

You are responsible for backups of your workspace if you self-host.

6. Security

We use administrative, technical, and organizational measures designed to protect information, including encrypted sessions for hosted sign-in, scoped connection grants, and audit trails for external actions.

No method of transmission or storage is completely secure. You are responsible for securing your devices, API keys, and instance access.

7. Your choices and rights

Depending on your location, you may have rights to access, correct, delete, or export personal information, or to object to certain processing.

To exercise rights or ask questions, contact [email protected]. We may need to verify your request.

If we process your information as a processor on behalf of your business, direct CRM or contact requests to your business operator first.

California residents

We do not sell personal information as defined by the California Consumer Privacy Act (CCPA/CPRA). If our practices change, we will update this policy and provide required notices.

European Economic Area / UK

If we offer the Service to individuals in the EEA or UK and act as a controller, we will provide the additional disclosures and legal bases required by applicable law.

8. Children's privacy

The Service is not directed to children under 16, and we do not knowingly collect personal information from children.

9. International transfers

If you use hosted authentication or cloud integrations, information may be processed in the United States or other countries where our providers operate. We take steps designed to ensure appropriate safeguards where required.

10. Desktop (Electron) application notes

Electron builds bundle a local web runtime and may:

• store workspace data under your user profile or a path you choose;
• open external links in your system browser;
• check for application updates if you enable auto-update.

The desktop app does not need to phone home for core operation when deployed in local-only mode. Review connector settings to understand which features send data externally.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version with a new effective date and, for material changes, provide additional notice through the Service or by email.

12. Contact

Armando Ventures LLC Email: [email protected] Phone: (636) 245-5205

© 2026 Armando Ventures LLC · [email protected]