KnowloomKnowloom
Sign InGet Started

Privacy Policy

Last updated: February 23, 2026

Knowloom ("we", "us", "our") is operated by Orris Tech. This policy explains how we collect, use, and protect your information when you use our AI Knowledge OS service.

1. Information We Collect

Account data: Email address, name, and authentication credentials when you sign up.

Connected source data: When you install our GitHub App or connect Slack, Linear, Jira, or other services, we index content from those sources to power AI-driven answers. This includes code, issues, messages, and documents you explicitly grant access to.

Usage data: Queries you submit, feature usage, and basic analytics (page views, session duration) to improve the product.

Technical data: IP address, browser type, and device information collected automatically via server logs.

2. How We Use Your Data

  • To provide AI-powered answers based on your connected sources
  • To maintain and improve the service
  • To communicate account-related updates
  • To enforce our Terms of Service

3. Data We Do NOT Use

  • We do not use your data to train AI models
  • We do not sell or share your data with third parties for advertising
  • We do not access repositories, channels, or workspaces you have not explicitly connected

4. Third-Party Services

We use the following third-party services to operate Knowloom:

  • Supabase — Database, authentication, and storage
  • Anthropic (Claude API) — AI language model for generating answers
  • Vercel — Application hosting and deployment

Each provider processes data under their own privacy policies and is bound by data processing agreements.

5. Atlassian (Jira) Data Handling

When you connect a Jira workspace via OAuth, Knowloom accesses and stores the following data from your Jira Cloud instance:

  • Issue content: Issue summaries, descriptions, statuses, priorities, labels, and issue types from the projects you explicitly select.
  • User information: Display names and Atlassian account IDs of issue assignees and comment authors. These are stored to attribute content within your knowledge base.
  • Comments: The most recent comments on each issue (up to 5 per issue) to provide conversational context.

What we do NOT access: We do not access attachments, worklogs, Jira admin settings, billing information, or any projects you have not explicitly connected.

Atlassian account ID tracking: As required by Atlassian's User Privacy guidelines, we track Atlassian account IDs found in your data and periodically report them to Atlassian. This allows Atlassian to notify us when a user closes or updates their account, at which point we automatically re-sync to reflect the changes (Jira returns anonymized data for closed accounts).

Retention and deletion: Disconnecting a Jira source immediately deletes all indexed Jira data, including stored account IDs. Each sync cycle replaces all previously stored data with a fresh copy from Jira — we do not retain historical snapshots.

OAuth tokens: Jira OAuth access and refresh tokens are encrypted at rest (AES-256) and are only used to fetch data from your authorized Jira instance. Tokens are automatically revoked when you disconnect the source.

6. Data Security

All data is encrypted at rest (AES-256) and in transit (TLS 1.3). Access to production systems is restricted to authorized personnel with multi-factor authentication. We perform regular security reviews and dependency audits.

7. Data Retention & Deletion

You can disconnect any source at any time from Settings, which removes all indexed data from that source. When you delete your account, all associated data is permanently deleted within 30 days.

8. Your Rights

You have the right to access, correct, export, or delete your personal data. To exercise these rights, contact us at support@knowloom.ai.

9. Changes

We may update this policy from time to time. Material changes will be communicated via email or in-app notification at least 14 days in advance.

10. Contact

For privacy questions, contact support@knowloom.ai.