Privacy Policy — FuturOne

Last updated: June 1, 2026

The short version

Workflow content — prompts, uploaded documents, repository contents, and agent outputs — is processed within the request lifecycle only and is never stored on our servers. Audit logs contain event metadata (timestamps, run identifiers, status, latency, error codes), never content. We keep the minimum account and billing information needed to operate the Service, and we do not sell personal information. Technical details are on our Security page.

1. Introduction

Future Intelligence LLC ("FuturOne", "we", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard information when you use the FuturOne agent platform, the API at api.futurmix.one, and the futurmix.one website (together, the "Service").

For most customers, FuturOne acts as a data processor for workflow content submitted to agents, and as a data controller for account, billing, and website data. A GDPR-compliant Data Processing Agreement (DPA) is available for customers on Team plans and above — contact nancy-sl@futurmix.one.

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, and company name. Workspace administrators on plans with SSO/SCIM may also provision role and group membership attributes from their identity provider. This information is used to manage your account, enforce seat limits, and communicate with you about the Service.

Billing Information

Paid plans are billed monthly (or annually, prepaid) through our payment processor. We receive and store billing contact details, plan tier, and invoice history. We do not store full payment card numbers on our systems.

Operational Metadata

We collect operational metadata about your use of the Service: run identifiers, timestamps, workflow type and status, step counts, latency metrics, error codes, and per-team usage volumes (used for the analytics and cost attribution dashboard). This metadata describes that a run happened and how it performed — it does not include the content of the run.

Contact Form Submissions

When you submit a contact form on our website, we collect the information you provide (name, email, company, message) to respond to your inquiry.

3. Zero Data Retention

FuturOne operates a zero-retention architecture for all workflow processing. Specifically:

Prompts, uploaded documents, repository contents, and agent-generated outputs are processed within the request lifecycle only. When a run completes (or fails), its content is discarded.
No conversation content, source material, or deliverable persists on our servers after the run ends. Deliverables are returned to you; we do not keep a copy.
Transient in-memory buffers used during execution are encrypted with AES-256 and released at run completion.
Audit logs are event metadata without content: they record who started a run, when, against which workflow, with what outcome and latency — never what was said, uploaded, or produced.
We do not use customer content to train models — ours or anyone else's.

The architecture behind these guarantees, including encryption and isolation details, is documented on our Security page.

4. How We Use Your Information

We use account information, billing information, and operational metadata to:

Provide, operate, and maintain the Service
Meter usage against plan limits and calculate overage charges
Process and respond to your inquiries
Monitor Service performance, reliability, and abuse
Send important Service updates and security notifications
Comply with legal obligations

5. Subprocessors

We use a small number of subprocessors to operate the Service. Each is bound by a data processing agreement, and model inference providers operate under zero-retention enterprise terms — they do not store or train on content routed through FuturOne.

Subprocessor	Role	Data handled
Cloudflare	Edge network and hosting	Request routing; website delivery
Amazon Web Services	Transient compute	In-flight workflow execution (request lifecycle only)
Anthropic	Model inference	In-flight step content under zero-retention enterprise terms
OpenAI	Model inference	In-flight step content under zero-retention enterprise terms
Google	Model inference	In-flight step content under zero-retention enterprise terms

The current subprocessor list and each provider's role are maintained on our Security page. Enterprise customers can request notice of subprocessor changes as part of their DPA.

6. Data Sharing

We do not sell your personal information. Beyond the subprocessors above, we may disclose information only:

Legal requirements — if required by law, subpoena, or to protect our rights or the safety of others. Because workflow content is not retained, there is typically no content available to disclose.
Business transfers — in connection with a merger, acquisition, or asset sale, subject to this Policy's commitments.

7. Data Security

All data is encrypted in transit with TLS 1.3. Transient processing buffers are encrypted at rest with AES-256 for the duration of the request lifecycle. Access to production systems is role-restricted and logged. FuturOne has completed a SOC 2 Type I examination and is currently in the observation period for Type II; the report is available under NDA. No system is completely secure, and we cannot guarantee absolute security.

8. Data Retention Periods

Workflow content: not retained — discarded at the end of the request lifecycle.
Audit and operational metadata: retained for 12 months, then deleted or irreversibly aggregated.
Account and billing records: retained while your account is active and as required for tax and accounting obligations; deleted within 30 days of a verified deletion request, except where law requires longer.
Contact form submissions: retained for up to 24 months to maintain inquiry history.

9. Your Rights

Depending on your jurisdiction (including under GDPR and CCPA/CPRA), you may have the right to:

Access the personal information we hold about you
Request correction of inaccurate information
Request deletion of your personal information
Object to or restrict processing of your information
Receive your information in a portable format

To exercise these rights, contact us at nancy-sl@futurmix.one. We respond to verified requests within 30 days.

10. International Transfers

The Service is operated from the United States. Where personal data is transferred from the EEA, UK, or Switzerland, we rely on Standard Contractual Clauses incorporated into our DPA.

11. Cookies

Our website uses essential cookies for authentication and session management only. We do not use advertising or cross-site tracking cookies.

12. Children's Privacy

The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised "Last updated" date, and — for changes affecting how workflow content is handled — by email to workspace administrators.

14. Contact

For privacy-related questions, DPA requests, or rights requests, contact us at nancy-sl@futurmix.one.

Future Intelligence LLC
San Francisco, CA, United States