Privacy policy

This policy covers packwolf.ai, closed-beta access requests, PACKWOLF Cloud, PACKWOLF Desktop, support interactions, and related security or operational logs. If you sign a customer agreement or DPA with us, that signed agreement controls where it gives you stronger or more specific rights.

Access requests may include your name, work email, company, role, team size, use case, selected pricing tier, and how you heard about us. We use this information to open a pre-filled email draft addressed to the founder inbox for review.

During onboarding and support, we may collect account contacts, workspace configuration, billing or procurement details, support messages, and security-review information. PACKWOLF Cloud also creates operational logs such as sign-in events, audit events, tool execution metadata, diagnostic events, IP addresses, device/browser information, and timestamps needed to secure and operate the service.

Workspace data is the content you or your agents place into PACKWOLF: prompts, files, workflow definitions, agent instructions, tool outputs, memory, approvals, traces, and connected-system data.

We use information to evaluate access requests, onboard customers, provide and improve PACKWOLF, respond to support requests, secure the service, debug incidents, maintain audit trails, enforce agreements, and comply with legal obligations.

We do not use customer workspace data to train PACKWOLF models. Model provider handling depends on the deployment path you choose: local models, your own keys, or managed provider calls. We document that path during onboarding and in the DPA/subprocessor materials when personal data is involved.

In PACKWOLF Cloud, workspace data is processed in managed infrastructure and protected with tenant isolation, encryption in transit, encryption at rest, access controls, and audit logging. We do not read workspace data outside support, security, abuse-prevention, or legally required scenarios.

In PACKWOLF Desktop, workspace data lives on your device by default. It can leave your device if you configure cloud sync, connect external tools, call remote model providers, send logs to support, or otherwise choose an integration that transmits data.

When agents call model providers, SaaS tools, local tools, MCP servers, or customer-configured systems, those services process the information required for that call. Customer agreements and provider settings determine which provider terms apply.

We share information with service providers that help us run PACKWOLF: hosting/CDN, security, CRM, support, payment/procurement, analytics, and model providers or connected services selected by you. They may only process information for the purpose we hired or configured them to perform.

We may also disclose information if required by law, to protect PACKWOLF and our users, during a corporate transaction, or with your direction. We do not sell personal information.

packwolf.ai does not add advertising cookies or third-party marketing pixels. We use Google Analytics 4 to understand aggregate page views, referral sources, link selections, pricing-plan interest, and whether access forms are completed. We do not send names, email addresses, company names, or free-text form answers to Google Analytics.

We configure Google Analytics with advertising signals and ad personalization disabled. The site may also use infrastructure-level cookies, security checks, logs, and caching from platforms that serve or protect the site.

We keep declined or unanswered beta requests for up to 12 months, then delete or de-identify them unless you ask us to keep the conversation open. Customer contact and account records are kept while the relationship is active and for the period needed for legal, accounting, security, and dispute-resolution purposes.

Workspace data retention follows the customer agreement, workspace settings, and deployment model. On request or termination, we export, delete, or return customer workspace data according to the signed agreement and DPA.

You can request access, correction, deletion, portability, or restriction of personal information we hold about you by emailing privacy@packwolf.ai. We respond within 30 days unless a shorter legal deadline applies.

If your company is a PACKWOLF customer, some requests may need to go through your workspace owner or administrator because we process workspace data on the customer's behalf.

PACKWOLF is operated from the United States and may process information in the United States and other locations where we or our service providers operate. For regulated customer personal data, our DPA includes transfer mechanisms such as the EU Standard Contractual Clauses and the UK Addendum where applicable.

We protect information using technical and organizational measures described on our security page. No online service can promise perfect security, but we design PACKWOLF around isolation, auditability, least privilege, and explicit customer control over data paths.

We update this policy as PACKWOLF leaves closed beta, adds deployment options, or changes subprocessors. Material changes will be posted here before they take effect when practical.

Privacy questions, rights requests, and DPA requests go to privacy@packwolf.ai. Legal notices go to legal@packwolf.ai.