Privacy Policy

Last updated: February 5, 2025

1. Introduction

This Privacy Policy describes how Neutron ("we", "us", or "our") collects, uses, and shares information when you use our AI agent memory infrastructure service ("Service"). Neutron helps developers give their AI agents persistent, searchable memory - enabling agents to remember context, learn from interactions, and work more efficiently. We are committed to protecting your privacy and handling your data responsibly.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address
  • Name (optional)
  • Authentication credentials (hashed passwords or OAuth tokens)
  • Workspace/organization name

2.2 Agent Memory Data

When you use our API to store agent memories, we process and store the data you submit, including:

  • Text content (memories, conversations, context)
  • Metadata you attach to memories (tags, timestamps, user identifiers)
  • Files and documents you upload for processing
  • Vector embeddings generated from your content
  • Bundle/organization structures you create

This data is processed to generate semantic embeddings and provide memory search functionality for your AI agents.

2.3 External User Data

If you use our multi-tenant features to store memories for your end users (external users), you are the data controller for that data. We process it on your behalf as a data processor. You are responsible for obtaining appropriate consent from your users and complying with applicable privacy laws.

2.4 Usage Information

We automatically collect:

  • API request logs (endpoints called, timestamps, response codes)
  • Credit usage and consumption patterns
  • IP addresses
  • Browser type and version when accessing the dashboard

3. How We Use Your Information

We use the collected information to:

  • Provide AI agent memory storage and semantic search functionality
  • Generate vector embeddings from your content using our embedding models
  • Enable your AI agents to retrieve relevant memories based on semantic similarity
  • Manage your account, workspaces, and API keys
  • Track credit usage and process billing
  • Send important service notifications and updates
  • Detect and prevent fraud, abuse, and security issues
  • Improve the Service's performance and reliability
  • Comply with legal obligations

4. How We Do NOT Use Your Information

We want to be clear about what we don't do with your agent memory data:

  • We do NOT train AI models on your stored memories
  • We do NOT sell your data to third parties
  • We do NOT use your memories to serve advertisements
  • We do NOT share your memories with other customers
  • We do NOT access your memories except for support purposes with your permission

5. Data Storage and Security

Your agent memories and associated data are stored securely using industry-standard encryption. We use PostgreSQL with pgvector for vector storage and Google Cloud Storage for file storage. API keys are hashed and never stored in plain text after initial creation.

We implement appropriate technical and organizational measures to protect your data:

  • Encryption in transit (TLS/HTTPS for all API calls)
  • Encryption at rest for stored memories and files
  • Isolated storage per workspace/organization
  • Regular security audits and monitoring
  • Access controls and authentication for all API endpoints
  • Secure API key management with hashed storage

6. Data Sharing

We do not sell your personal information or agent memory data. We may share your data only in the following circumstances:

  • Service Providers: With third-party vendors who help us operate the Service (cloud hosting, email delivery). These providers are bound by confidentiality agreements.
  • Embedding Generation: Content may be processed by our embedding model providers to generate vector representations. This processing is stateless and content is not retained.
  • Legal Requirements: When required by law or to respond to valid legal process.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with notice to you.
  • With Your Consent: When you explicitly authorize us to share your data.

7. Third-Party Services

We use the following third-party services to provide the Service:

  • Jina AI: For generating vector embeddings from your content (stateless processing)
  • Google Cloud: For data storage and infrastructure
  • Neon: For PostgreSQL database hosting
  • Resend: For transactional email delivery

8. Data Retention

We retain your account information and agent memory data for as long as your account is active. You can delete individual memories, bundles, or your entire account at any time through the dashboard or API.

Upon deletion:

  • Individual memories are permanently deleted within 24 hours
  • Account deletion removes all associated data within 30 days
  • Backup copies may persist for up to 90 days for disaster recovery
  • We may retain anonymized, aggregated usage statistics

9. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data and agent memories we hold
  • Export your memories in a portable format via the API
  • Request correction of inaccurate data
  • Request deletion of your data and memories
  • Object to or restrict certain processing
  • Withdraw consent where processing is based on consent

To exercise these rights, please contact us at [email protected] or use the self-service options in your dashboard.

10. Your Responsibilities for External User Data

If you use Neutron to store memories for your end users (using external user features), you are responsible for:

  • Providing appropriate privacy notices to your users
  • Obtaining necessary consents for data processing
  • Honoring user requests to access or delete their data
  • Complying with applicable privacy laws (GDPR, CCPA, etc.)
  • Implementing appropriate data retention policies

11. Cookies and Tracking

We use essential cookies to maintain your session and authentication state. We do not use third-party tracking cookies or advertising trackers. Our analytics are privacy-focused and do not track individual users across sites.

12. Children's Privacy

The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

13. International Data Transfers

Your data may be transferred to and processed in countries other than your own, particularly the United States where our infrastructure is hosted. We ensure appropriate safeguards are in place for such transfers in compliance with applicable data protection laws.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.

15. Contact Us

If you have any questions about this Privacy Policy, our data practices, or how we handle agent memory data, please contact us at: