scifi scifi
Features How it works Log in Sign up
Legal

Privacy Policy

Effective date: 9 May 2026  ·  Last updated: 9 May 2026

scifi ("we", "us", or "our") is committed to protecting your personal information. This Privacy Policy explains what data we collect, how we use it, and your rights in relation to it when you use the scifi platform and related services (collectively, the "Service").

1. Information We Collect

1.1 Account & Profile Data

When you register for scifi you provide us with your name, email address, and organisation details. We store this information to authenticate you and associate your work with the correct workspace.

1.2 Conversation & Message Data

All messages you send to and receive from the AI, as well as conversations you create, are stored in our database so you can access your history and so the AI can maintain context across sessions. You can delete individual conversations at any time from your dashboard.

1.3 Files & Attachments

When you upload files (PDFs, DOCX, spreadsheets, images, etc.) the content is extracted and temporarily held in memory for the duration of the AI request. Generated files created by the AI (e.g. exported PDFs) are stored in our servers and accessible only to you.

1.4 Integration & OAuth Data

If you connect third-party services (Google Workspace, GitHub, Basecamp, WhatsApp, etc.) we store the OAuth access tokens and refresh tokens needed to act on your behalf. We never store your third-party passwords. Token data is encrypted at rest.

1.5 Usage & Technical Data

We collect standard server logs including IP addresses, browser user-agents, request timestamps, and AI token-usage counts. This data is used to operate, secure, and improve the Service.

1.6 WhatsApp Data

If you link a WhatsApp account, we store chat history, contact lists, and message receipts in our database so the AI can read your WhatsApp context on your behalf. This data belongs to you and can be disconnected at any time.

2. How We Use Your Information

  • Providing the Service — authenticating you, running AI inference on your queries, and fulfilling tool actions (e.g. sending a calendar invite) you explicitly request.
  • Improving the Service — aggregated, anonymised usage metrics help us understand which features matter most. We do not use your conversation content to train AI models without your explicit consent.
  • Security & Fraud Prevention — detecting abuse, rate-limiting, and protecting user accounts.
  • Communications — sending transactional emails (invitations, password resets). We will not send marketing emails without your opt-in.
  • Legal Compliance — meeting obligations under applicable law.

3. AI Processing & Third-Party Providers

scifi routes your messages to one or more AI inference providers (Anthropic, OpenAI, DeepSeek, Ollama) depending on your selected model. When you send a message, your content — including any uploaded files — is transmitted to the relevant provider under their own terms of service. We recommend reviewing the privacy policies of providers you use. We do not control how those providers process data once it reaches them.

scifi additionally uses an MCP Bridge service to execute tool actions (e.g. running Python sandboxed code). Tool inputs and outputs pass through this bridge.

4. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it by law. Backup copies may persist for up to 90 days before being purged.

5. Sharing & Disclosure

We do not sell your personal data. We share it only in the following circumstances:

  • With your organisation — organisation admins can see member lists and usage statistics but cannot access individual conversation content.
  • Service providers — cloud hosting, database, and analytics vendors who process data on our behalf under strict data-processing agreements.
  • Legal requirements — if required by law, court order, or governmental authority.
  • Business transfers — in the event of a merger or acquisition, your data may be transferred subject to the same privacy protections.

6. Security

We use industry-standard measures including TLS in transit, encryption at rest for sensitive credentials, hashed passwords, and short-lived session tokens. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access a copy of the personal data we hold about you.
  • Correct inaccurate data.
  • Request deletion of your data ("right to be forgotten").
  • Object to or restrict certain processing.
  • Data portability — receive your conversation history in a machine-readable format.

To exercise any of these rights, contact us at privacy@scifi.app.

8. Cookies

We use strictly necessary session cookies to keep you logged in and a CSRF cookie to protect form submissions. We do not use advertising or tracking cookies.

9. Children's Privacy

The Service is not directed at anyone under 16 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with data, please contact us and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a prominent notice on the dashboard. Continued use of the Service after a change constitutes acceptance of the updated policy.

11. Contact

For privacy-related enquiries, please email privacy@scifi.app.

Home Terms & Conditions Privacy Policy