Effective May 11, 2026
This draft explains how Ando handles information in the private beta. It is written for clarity and must be reviewed before being treated as final legal copy.
01
This policy covers the Ando website, platform dashboard, billing flows, inference API, app connections, feedback forms, support messages, and service emails.
It does not replace the privacy policies of third-party apps or services that you connect to Ando, such as local Open WebUI installations or external agent tools.
02
Ando may process account profile data, authentication data from Clerk, billing and transaction metadata from Stripe, inference balance and usage metadata, app connection settings, device and log data, support messages, feedback, and onboarding preferences.
Biscuit tokens and payment card details should not be sent in feedback or support messages. Card details are handled by Stripe checkout and are not intended to be stored by Ando.
03
Inference requests may include prompts, model inputs, model outputs, routing metadata, token counts, timing, usage, and error information needed to provide, secure, meter, debug, and improve reliability of the beta service.
Ando must finalize exact retention periods and model-training language before this policy is treated as legally final. The policy must not claim zero data retention unless that behavior has been verified and approved.
04
Ando uses information to authenticate users, provide the platform, route inference requests, meter usage, bill and reconcile top-ups, prevent abuse, secure the service, respond to support, send service emails, and comply with legal obligations.
Ando may use aggregated or de-identified operational information to understand reliability, capacity, and product usage during the beta.
05
Ando relies on providers for authentication, payments, hosting, infrastructure, observability, email delivery, and related operations. Current provider categories include Clerk, Stripe, hosting and cloud infrastructure, Sentry-style observability, and Resend if welcome email is enabled.
The final policy must identify subprocessors and verify contractual confidentiality, security, transfer, and data-processing obligations before making legal claims about those obligations.
06
Account records, billing records, usage ledger entries, security logs, support messages, feedback, and email logs may have different retention periods. Exact periods require owner and legal confirmation before launch copy is frozen.
Users may contact Ando to request access, correction, deletion, or other privacy help. Region-specific privacy rights, controller or processor status, international transfers, and data processing agreements require legal review.
07
Ando uses technical and organizational safeguards appropriate for a beta inference platform, but no internet service can guarantee absolute security.
Ando may update this policy as the beta changes. Material updates should be posted on this page with a new effective date.