Privacy

Introduction

This Privacy Policy explains how Genible — a product of Alico India Solutions Private Limited ("Genible," "we," "us," or "our") — collects, uses, discloses, and protects information when you visit our website at genible.com (the "Site") or use the Genible application and related services (collectively, the "Service").

By using the Service, you agree to the practices described in this policy. If you do not agree, please do not use the Service.

Who we are

Genible is operated by Alico India Solutions Private Limited, a company incorporated in India. The Service provides a context-graph–based business intelligence and automation platform.

We act as a data controller for personal data we collect directly from you (for example, your account email), and as a data processor for the workspace data you import or generate when using the Service.

Information we collect

We collect the following categories of information:

• Account information — name, work email, organization name, password hash, and authentication metadata.
• Workspace content — anything you type, upload, import, or generate inside Genible: entities, records, signals, events, messages, files, workflow runs.
• Connected-service data — when you connect a third-party tool (Google Workspace, WhatsApp Business, an OpenAPI service), Genible pulls in the records you authorize and the metadata required to keep the connection working (tokens, account identifiers, sync cursors).
• Usage telemetry — page views, feature usage, latency, error logs, browser type, IP address, and approximate location derived from IP.
• Communications — messages you send us through email, in-product chat, or support channels.
• Billing information — for paid plans, we collect billing contact information; payment instruments are tokenized by our payment processor and never stored on our servers.

How we use information

We use the information we collect to:

• Provide, maintain, and improve the Service.
• Authenticate users and protect against fraud and abuse.
• Index workspace content in your Context Graph so the Brain can answer your queries.
• Pass workspace content to LLM providers only when responding to one of your queries, and only under zero-retention agreements where available.
• Send service-related communications (security alerts, billing receipts, important product changes).
• Send marketing communications, which you can opt out of at any time.
• Comply with legal obligations and enforce our Terms.

What we don’t do with your data

• We do not sell your personal data.
• We do not use your workspace content to train shared, public, or third-party models.
• We do not share workspace content across customer organizations.
• We do not allow LLM providers to retain your prompts or outputs where zero-retention agreements are available.
• We do not run third-party advertising trackers on the Service.

Legal bases for processing (EEA / UK)

If you are in the European Economic Area or the United Kingdom, we process personal data on the following legal bases:

• Contract — to deliver the Service you signed up for.
• Legitimate interests — to operate, secure, and improve the Service; to communicate with you about it.
• Consent — for marketing communications and any cookies that are not strictly necessary. You can withdraw consent at any time.
• Legal obligation — to comply with applicable law.

How we share information

We share personal data only with:

• Service providers who process data on our behalf (cloud hosting, error monitoring, customer support, billing, email delivery, LLM providers). All providers are bound by contractual confidentiality and data-protection obligations.
• Your organization — workspace data is visible to other members of your Genible organization according to the permissions you grant them.
• Connected third-party services — when you instruct Genible to push data into a tool you connected (for example, sending a WhatsApp template).
• Legal and safety — when required by law, valid legal process, or to protect rights, property, or safety.
• Successors — in a merger, acquisition, or asset sale, subject to standard confidentiality protections.

International data transfers

Genible is operated from the United States and India, and may process data in other jurisdictions where our service providers are located. Where required, we rely on Standard Contractual Clauses or other lawful transfer mechanisms to protect personal data transferred out of the EEA, UK, or Switzerland.

Data retention

We retain personal data for as long as your account is active and as long as needed to provide the Service. When you close your account:

• Workspace data is deleted within 30 days.
• Backups are purged on a rolling 90-day schedule.
• Limited records may be retained longer where required by law (for example, billing records for tax purposes).

You can request earlier deletion at any time — see Data Deletion Instructions.

Your rights

Depending on your location, you may have the right to:

• Access the personal data we hold about you.
• Correct inaccurate data.
• Delete your personal data (see Data Deletion Instructions).
• Port your data to another service.
• Restrict or object to certain processing.
• Withdraw consent where processing is based on consent.
• Lodge a complaint with your supervisory authority.

To exercise any of these rights, email privacy@genible.com. We respond within 30 days.

Security

We employ administrative, technical, and physical safeguards to protect personal data, including AES-256-GCM encryption of credentials at rest, TLS in transit, internal-only Core API isolation, row-level multi-tenancy, role-based access controls, and full audit logging. See our Security page for details. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

Children

The Service is not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact privacy@genible.com and we will delete it.

Cookies and similar technologies

We use a small number of first-party cookies for authentication, session management, and privacy-respecting analytics. We do not use third-party advertising trackers. You can control cookies through your browser settings; disabling strictly-necessary cookies may break parts of the Service.

California residents (CCPA / CPRA)

California residents have additional rights under the California Consumer Privacy Act, including the right to know, delete, correct, and opt out of the "sale" or "sharing" of personal information. We do not sell or share personal information as those terms are defined under California law.

To exercise California rights, email privacy@genible.com with the subject "California Rights Request."

Changes to this policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through an in-product notice at least 30 days before the change takes effect. The "Last updated" date at the top of this page indicates when the policy was last revised.

Contact us

For privacy questions or to exercise your rights, contact:

Genible (Alico India Solutions Private Limited)
Attn: Data Protection
Email: privacy@genible.com
General: hello@genible.com