Privacy Policy

Effective April 25, 2026

What we promise

  • We do not train any AI model on your chats, files, or metadata.
  • When you delete your account, we delete your data within 30 days (except for backups, which roll over within 90 days).
  • We never sell your data to advertisers, brokers, or third parties.

Data we collect

  • Account info — email, display name, and OAuth identifiers (if you sign in with Google, GitHub, etc.).
  • Conversations — chats, attachments, generated images, and the model you selected.
  • Usage metrics — tokens consumed per model, request counts, error rates. We use these for billing and service health.
  • Payment info — handled by Dodo Payments. We store an opaque customer ID and a charge history; we do not store card numbers.
  • Technical logs — IP address, user-agent, and request timestamps for security and abuse prevention. Retained for 30 days.

How we use it

  • To provide the service — route your prompts, store history.
  • To improve the product, using aggregated, de-identified metrics only (e.g. "Claude Sonnet had a 0.4% error rate this week").
  • To troubleshoot bugs and support your account when you ask us to.
  • To prevent abuse — automated systems flag obvious policy violations; humans review when needed.
  • To bill you for the plan or token packs you purchased.

Sharing

We share data only with the providers we need to run Multio:

  • AI providers — when you send a message to a model, the prompt and any selected context are forwarded to that model's provider (OpenAI, Anthropic, Google, xAI, Mistral, DeepSeek, Meta, Qwen, and additional models added over time via our gateway, OpenRouter) for inference. We require providers to honor zero-retention or no-training settings where offered. Some providers may retain prompts and outputs for short periods for safety and abuse monitoring under their own policies.
  • Payments — Dodo Payments processes charges, subscriptions, and refunds.
  • Infrastructure — Vercel (application hosting), MongoDB Atlas (primary database), Upstash (Redis cache and rate limiting), Cloudflare R2 (file and attachment storage), Transloadit (file processing), Resend (transactional email), PostHog (product analytics), and Sentry (error monitoring). Each operates under contractual data-protection terms.

This list will change as Multio grows. When it does, the effective date at the top of this page is bumped.

We don't sell your data. We don't hand it to ad networks. The only times we'll release data outside the providers above are: a court order or other valid legal demand we're required to honor; an emergency where releasing it helps stop fraud, abuse, or harm to someone; or a sale of the business — and in that last case, whoever buys Multio inherits this same policy.

If you're in the EU or UK

GDPR asks us to name a reason for handling your data. Ours: we need to do it to deliver the service you signed up for, to keep the service safe and running, to follow the law, or — for things like analytics or marketing emails — because you said yes. If our reason is "legitimate interest," you can object and we'll weigh it.

AI responses and automated decisions

Multio's core function is to send your prompts to AI models and return their responses. In our view, these AI-generated responses are not "automated decisions" with legal or similarly significant effects on you — they are tools you choose to use, and you remain in control of whether and how to act on any output. If you believe a specific use of Multio raises concerns under data-protection laws that govern automated decision-making, contact us and we will engage with you on a case-by-case basis.

Security

Data is encrypted in transit. Storage we control is encrypted at rest. Access is logged and limited to staff who need it. We run automated checks for suspicious activity. No system is bulletproof, so use a strong password, don't reuse it elsewhere, and enable any extra security options we ship.

If we become aware of a security incident that we reasonably believe affects your personal data, we will notify affected users where required by applicable law and within the timelines those laws set. The exact notification, channel, and timing will depend on the nature of the incident and the jurisdictions involved.

Your data, your choices

  • View, edit, or delete individual chats from the app.
  • Delete your account from settings — this erases your chats, attachments, and account data within 30 days.
  • Request an export of your data by emailing legal@multio.chat. We'll respond within 30 days.
  • EU/UK/California residents have additional rights (access, rectification, portability, erasure). Email us to exercise them.

Retention

Chats and attachments stay until you delete them or close your account — you control retention. Backups are rotated within 90 days, so deleted content disappears from backups on that timeline. Billing records are kept for 7 years to satisfy tax and accounting obligations.

Cookies

We use a small number of cookies for authentication and analytics. Details are in our Cookies Policy. We do not use advertising or cross-site tracking cookies.

International transfers

Multio is operated globally. Your data may be processed in the US, EU, or other regions where our infrastructure or AI providers operate. Where required, we rely on Standard Contractual Clauses (or equivalent) for cross-border transfers.

Children

Multio is for users 18 and older. We don't knowingly collect data from anyone under 18. If you believe a child has signed up, email us and we'll delete the account.

Changes

We may update this policy as Multio evolves. Material changes will be announced by email or in-app at least 14 days before they take effect.

Contact

Multio is run by a small team. We're still early — not yet formally incorporated — and we'll update this page with our registered details as soon as that's done. Until then, the team behind Multio decides how your data is handled. Privacy questions, data requests, or anything that worries you — email legal@multio.chat.