Privacy Policy
Last updated: May 20, 2026. This policy outlines how Tomris Cloud handles your data.
Zero Data Retention
Agent reasoning logs are processed on demand. We do not store raw prompt details once your sandbox worker completes execution.
Encrypted Vaults
All database credentials, API tokens, and webhook variables are encrypted at rest using isolated client keys (AES-256).
Compliance Driven
Designed to satisfy GDPR and SOC 2 Type II controls, providing strict data routing logs for enterprise audit needs.
01. Information We Collect
To provide the Tomris Cloud experience, we collect basic account credentials (name, email, organization details) and infrastructure data (telemetry logs, connector statuses, resource CPU/RAM utilization).
We do not collect or inspect data flowing through your databases or custom connectors, except when displaying live debug telemetry to you inside your organization console dashboard.
02. Encryption & Vault Security
Credentials and access keys used to configure database tunnels, Slack notifications, or HubSpot API integrations are immediately processed through an encrypted storage layer. The encryption key is isolated per tenant organization, ensuring no cross-exposure is possible even in cluster environments.
03. Data Sharing & Compliance
Tomris Cloud operates under strict multi-tenant restrictions. We do not sell, share, or lease customer data. Third-party integrations are purely directed by organizational owners who associate credentials and configure active agent flows.
04. Your Choices & Rights
You can delete your organization metrics, wipe your credential vaults, and shut down serverless agent nodes at any time directly through the dashboard workspace.