Last updated: April 11, 2026

Privacy Policy

Scope

This Privacy Policy explains how AutonomyX processes personal data through AgentNxt Chat, Open WebUI, LiteLLM Gateway, Langfuse, Ollama, identity, mail, billing, observability, automation, and related installed platform services. It applies to website visitors, administrators, end users, customers, and business contacts.

Data We Process

We may process account details, authentication events, organization settings, prompts, uploaded content, generated outputs, model routing metadata, billing records, support communications, logs, telemetry, device and browser information, security events, and integration payloads. Customer content remains customer-controlled data unless otherwise stated in an applicable order, contract, or data processing agreement.

Legal Basis

For GDPR and UK GDPR, processing may rely on contract performance, legitimate interests, legal obligations, consent where required, and customer instructions when AutonomyX acts as a processor. For India customers, processing is handled in line with the Digital Personal Data Protection Act, 2023, including notice, consent where applicable, purpose limitation, reasonable safeguards, and grievance handling.

Privacy Rights

Depending on location, individuals may request access, correction, deletion, portability, restriction, objection, consent withdrawal, appeal, or grievance review. We will verify requests and respond within timelines required by applicable law, including GDPR, UK GDPR, India DPDP Act, CCPA/CPRA, and other applicable privacy frameworks.

Global Regulations

AgentNxt is intended for global customers and is designed to support privacy obligations under GDPR, UK GDPR, India DPDP Act, CCPA/CPRA, LGPD, PIPEDA, PDPA-style frameworks, and sector or regional requirements where contractually agreed. Cross-border processing uses contractual, technical, and organizational safeguards appropriate to the service configuration.

Retention

We retain personal data only as long as needed for service delivery, security, legal compliance, dispute resolution, auditability, and customer instructions. Administrators may request deletion or export of customer-controlled content subject to legal, backup, fraud prevention, and security retention needs.

Contact

Privacy and data protection requests can be sent to OpenAutonomyx (OPC) Private Limited at legal@openautonomyx.com. Enterprise customers may request a signed data processing addendum and additional regional terms.