Privacy Policy

Effective Date: June 11, 2026

Neotask, Inc. ("Neotask," "we," "us," or "our"), a Delaware corporation, operates the Neotask application, platform, and related services (the "Service"). This Privacy Policy describes how we collect, use, store, and protect your information when you use Neotask across desktop (macOS, Windows, Linux), iOS, and the web dashboard, and when you visit our websites.

By accessing or using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree, please do not use the Service.

1. Information We Collect

2. How We Use Your Information

We use the information we collect to:

3. Third-Party Services and Subprocessors

Neotask integrates with the following categories of third-party services. Your use of these services is subject to their respective privacy policies. The complete, current list of our subprocessors — what each one does, where it processes data, and whether it is a core provider or only used if you connect it — is published at <subprocessorsLink>neotask.ai/subprocessors</subprocessorsLink>, and we update that page whenever the list changes:

4. Cookies and Similar Technologies

We use cookies and similar technologies on our websites for essential operation, and — only with your consent where required — for analytics. Analytics tools (Google Analytics 4 and DataFast) load in a consent-aware mode: storage is denied by default for visitors in regions that require opt-in consent, and we honor Global Privacy Control (GPC) and Do Not Track (DNT) browser signals by treating them as a refusal. Your consent choice is recorded durably and you can change it at any time.

5. Data Storage and Security

Your account data, agent configurations, session history, and deployment settings are stored on secured servers. We use industry-standard security measures including encrypted connections (TLS 1.3), token-based authentication (JWT), HMAC-SHA256 request signing, and access controls to protect your data.

6. Data Sharing

We do not sell, rent, or trade your personal information to third parties. We may share information only in the following circumstances:

7. Data Retention and Deletion

We retain personal data only as long as needed for the purposes described in this policy. Our standard retention periods are:

8. Children's Privacy

The Service is not directed to children and is intended for adults and users who meet the minimum age below. We do not knowingly collect personal information from children under the age of 13 (or the applicable age of digital consent in your jurisdiction, which may be up to 16 in some EEA countries). If we become aware that a child has provided us with personal information, we will promptly delete it. If you believe a child has provided us with personal information, please contact us at privacy@neotask.ai.

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

10. Automated Decision-Making

The Service lets you deploy AI agents that act on your instructions. We do not subject you to decisions based solely on automated processing that produce legal or similarly significant effects. Consequential agent actions are gated behind a human-in-the-loop approval step: the agent proposes the action and a human approves or denies it before it runs. The logic involved is instruction-following: agents act on the goals, configurations, and approvals you provide, using the AI models you select. You are responsible for the decisions your deployed agents make toward your own end users.

11. Our Role: Controller and Processor

For the personal data described in this policy — your account, billing, usage, and the data you submit on our own websites — Neotask, Inc. is the data controller.

12. International Data Transfers

We are based in the United States, and your information will be transferred to and processed in the United States and other countries where our subprocessors operate. Where we transfer personal data out of the EEA, the UK, or Switzerland, we rely on appropriate safeguards as required by law: the EU-U.S. Data Privacy Framework (and its UK and Swiss extensions) where the recipient is certified, and the European Commission's Standard Contractual Clauses (with the UK Addendum / International Data Transfer Agreement where applicable) in all other cases, alongside transfers to jurisdictions covered by an adequacy decision.

13. Health Information (HIPAA)

For customers in healthcare, Neotask can act as a HIPAA Business Associate: we offer a Business Associate Agreement (BAA) to healthcare customers, available at compliance@neotask.ai. Protected Health Information (PHI) is handled only under a signed BAA and only within a dedicated, U.S.-region, HIPAA-eligible environment — never on the general platform. Within that environment, AI processing is routed only to BAA-covered model providers with zero data retention, and PHI is never sold, used for marketing, or used to train shared or foundation models.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy within the app and on the website, and by updating the "Effective Date" above. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.

15. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, or wish to exercise your rights, please contact us:

Read the full Privacy Policy