Privacy Policy

Effective: April 17, 2026
Version 1.0

Your data powers your work. Not ours.

SuperManager AGI's autonomous agent, ADA, operates inside your live company environment, accessing data without APIs or MCP servers, automatically, at depth. That architecture demands a clear, honest privacy policy. This is it.

The core commitment: We process your company data as your data processor under your instructions, for your work. We do not sell it, mine it, or train AI models on it without your explicit written consent.

1. Who We Are

SuperManager AGI operates the AI Vibe Working Platform, the environment where ADA, our autonomous agent, accesses your live company data 1,000 feet deep and completes real work from a single prompt. No APIs. No MCP servers. Fully automatic.

In data protection terms: you are the data controller; you determine what data exists and what purposes it serves. We are the data processor; we access and process that data only to carry out the tasks you assign. That distinction is the legal and operational foundation of this policy.

This policy applies to all users of the SuperManager AGI platform, including individual accounts, team accounts, and enterprise deployments.

2. What Data We Collect

Account & Identity Data

Collected when you register or manage your account:

  • Full name, work email address, and organization name
  • Job title and role within your organization
  • Billing details processed via our payment provider; we do not store raw card data
  • Access permissions and roles assigned within your account
  • Communication preferences and notification settings

Company Data Processed by ADA

This is the data ADA accesses to do your work. It includes files, documents, databases, internal communications, spreadsheets, workflows, project records, and any other data sources within your company environment that you authorize ADA to access.

We process this data as your data processor under your direct instructions. We do not store, index, or copy your company data beyond what is strictly required to complete the task you assigned, unless you explicitly configure persistent memory or knowledge base features.

Platform Usage & Agent Activity Data

  • Prompts submitted to ADA, retained for 12 months for debugging, audit, and compliance purposes
  • Agent action logs: what ADA read, modified, created, or completed on your behalf
  • Task completion rates, execution times, and error events
  • Session timestamps, feature usage patterns, and navigation paths
  • Feedback and ratings you submit on agent outputs

Technical & Device Data

  • IP address, browser type and version, operating system, and device identifiers
  • Timezone, language settings, and screen resolution
  • Collected automatically via cookies and server logs when you access the platform

3. How We Use Your Data

| Purpose | What It Means | Legal Basis |
|---|---|---|
| Platform operation | Running ADA and executing autonomous tasks on your behalf | Contract performance |
| Authentication & access | Verifying identity and enforcing role-based permissions | Contract performance |
| Reliability & debugging | Diagnosing errors, improving agent performance, maintaining uptime | Legitimate interests |
| Security & fraud prevention | Detecting unauthorized access, anomalous agent behavior, and abuse | Legitimate interests |
| Billing & account management | Processing payments, managing subscriptions, sending receipts | Contract performance |
| Service communications | Security alerts, downtime notices, and critical platform updates | Legitimate interests |
| Legal compliance | Meeting applicable legal, regulatory, or audit obligations | Legal obligation |

What we never do: We do not use your company data to train ADA or any AI model without your explicit written consent. We do not sell your data to any third party. We do not use your data for advertising targeting.

4. Data Sharing

We do not sell your data. Period. We share data only in these strictly limited circumstances:

Infrastructure & Service Providers

Cloud hosting, database storage, and processing infrastructure that powers the platform. All operate under data processing agreements that prohibit independent use of your data.

Security & Fraud Prevention

Services that help us monitor for unauthorized access, detect anomalies in agent activity, and protect platform integrity.

Payment Processors

Your payment details are handled by a PCI-DSS compliant payment provider. We pass only what's necessary for billing; we never see or store your full card number.

Legal & Regulatory Authorities

Where required by applicable law, court order, or regulatory directive, or where necessary to protect the rights, safety, or property of our users or the public. We notify you of such requests where legally permitted.

Business Transfers

If SuperManager AGI is acquired, merged, or its assets transferred, your data may be disclosed to the acquiring entity. You will be notified and your rights will be preserved.

5. Data Retention

| Data Type | Retention Period | Deletion Trigger |
|---|---|---|
| Account & identity data | Subscription + 90 days | Account termination + grace period |
| Prompt & task logs | 12 months | Rolling deletion after 12 months |
| Agent action logs | 12 months | Rolling deletion after 12 months |
| Company data accessed by ADA | Task duration only | Immediately after task completion |
| Billing records | 7 years | Tax & accounting compliance |
| Security & audit logs | 24 months | Rolling deletion |

You may request early deletion of your personal data at any time by emailing support@supermanager.co. We process all valid requests within 30 days.

6. Security

Because ADA operates inside your live company environment, security is not an optional layer; it is built into the platform's architecture:

  • Encryption in transit: TLS 1.3 on all data movement between your environment and our platform
  • Encryption at rest: AES-256 for all persisted data on our infrastructure
  • Role-based access controls: least-privilege enforcement across all internal systems and personnel
  • Agent action monitoring: real-time anomaly detection that flags out-of-scope or unexpected agent behavior
  • Penetration testing: regular third-party security assessments of platform infrastructure
  • Incident response: breach notification within 72 hours of confirming a breach affecting personal data
  • Employee access controls: strict internal policies limiting which employees can access customer data, with full audit logging

Your responsibility: You are accountable for securing your own credentials, access tokens, and internal environment. We cannot protect against threats that originate from a compromised account or misconfigured permissions on your side.

7. Your Privacy Rights

Depending on your jurisdiction (GDPR, CCPA, PDPA, and equivalents), you may hold the following rights:

  • 📋 Access: Request a copy of all personal data we hold about you.
  • ✏️ Correction: Require us to fix inaccurate or incomplete data.
  • 🗑️ Deletion: Request erasure where no overriding legal basis applies.
  • ⏸️ Restriction: Limit how we process your data in specific circumstances.
  • 📦 Portability: Receive your data in a machine-readable format.
  • 🚫 Objection: Object to processing based on legitimate interests.
  • ↩️ Withdraw Consent: Withdraw consent where processing is consent-based.
  • 🧑‍⚖️ Complain: Lodge a complaint with your local supervisory authority.

To exercise any right, email support@supermanager.co. We respond within 30 days and may ask you to verify your identity before processing the request.

8. Cookies

We use cookies only for session management, security, functional preferences, and platform analytics. We do not use advertising cookies or third-party tracking pixels. Full details in our Cookie Policy.

9. International Data Transfers

Your data may be processed in countries other than your own. Where we transfer personal data outside the EEA, UK, or other jurisdictions with data protection frameworks, we implement Standard Contractual Clauses (SCCs), adequacy decisions, or equivalent mechanisms as required by applicable law.

Customers subject to GDPR may request a copy of the relevant transfer mechanisms by contacting support@supermanager.co.

10. Children's Privacy

SuperManager AGI is a business platform and is not directed at children under 18. We do not knowingly collect personal data from anyone under 18. If you believe we have inadvertently collected such data, contact us immediately and we will delete it.

11. Changes to This Policy

We may update this Privacy Policy as the platform evolves or as applicable law requires. Material changes will be communicated via email and a prominent platform notice at least 14 days before taking effect.

The "Effective" date at the top of this page reflects the current version. Continued use of the platform after changes take effect constitutes acceptance.

12. Contact

For privacy questions, data requests, or concerns about how we handle your information: