Version 2026-07-03
Privacy Notice
How we collect, use, and protect your data during the SKENAI Beta program.
Also see Beta Terms · Privacy Notice
Privacy overview
SKENAI, Inc. (“SKENAI”, “we”) processes personal data to provide the beta program, secure the network, and improve our services. This notice describes what we collect, why, and your choices.
Data we collect
- Account data: name, email, authentication identifiers, profile and onboarding preferences.
- Activity data: William chat sessions, marketplace jobs, XP ledger events, uploads, and operational logs (`william_action_log`).
- Payment data: processed by Stripe; we store receipt references, not full card numbers.
- Telemetry: IP address, browser user agent, and route-level metrics for security and reliability.
Public brief mentions (`network_surface_mention`)
Completed marketplace jobs appear in verified public network briefs only when the tenant opts in via `network_surface_mention`, except platform settlement receipts (e.g. Citizen admission).
Transparency and provenance
Published network briefs store a provenance manifest with consent basis, owner span, and content hashes for audit binding.
Privacy frameworks we follow
Our beta privacy program is designed with reference to the following standards and regulations:
Your rights
- Access or export your account data via Workspace settings or privacy@skenai.net.
- Request correction or deletion subject to legal retention requirements.
- Withdraw consent for optional sharing flags (`share_consent`, `network_surface_mention`) in product controls.
- California residents may exercise CCPA/CPRA rights as described at the California Attorney General privacy portal.
Contact
Privacy inquiries: privacy@skenai.net · SKENAI, Inc. · Beta program data controller during preview.
Referenced standards & protocols
- EU General Data Protection Regulation (GDPR)
Lawful basis for processing, purpose limitation, data minimization, consent where required, and rights to access, rectification, erasure, and portability (Articles 5–7, 12–23).
- California Consumer Privacy Act / CPRA
Consumer rights to know what personal information is collected, request deletion, and opt out of sale or sharing of personal information where applicable.
- NIST Privacy Framework
Identify–Govern–Control–Communicate–Protect lifecycle for managing privacy risk in systems that process personal data.
- ISO/IEC 27701 (privacy extension to ISO 27001)
Privacy information management controls for organizations processing personally identifiable information.
- Knowledge base `share_consent`
Tenant KB content is included in network-wide aggregates and public SURFACE citations only when `share_consent` is explicitly true on the embedding row.
- Marketplace `network_surface_mention`
Completed marketplace jobs appear in verified public network briefs only when the tenant opts in via `network_surface_mention`, except platform settlement receipts (e.g. Citizen admission).
- SURFACE provenance manifest
Published network briefs store a provenance manifest with consent basis, owner span, and content hashes for audit binding.