preloader
CalliopeAI
See It in Action
About
About Calliope Developer Resources Team Careers
Pricing Blog Contact Log In Download

Privacy Policy for Calliope AI Workbench

1. Introduction

This Privacy Policy (“Policy”) describes how Calliope Labs Inc, operating under the product name “Calliope AI” (“Calliope AI,” “we,” “us,” or “our”), collects, uses, shares, and protects information about you when you use our websites, applications, and services (collectively, the “Services”).

By using the Services, you consent to the collection, use, and sharing of your information as described in this Policy. If you do not agree with this Policy, please do not use the Services.

This Policy applies to:

  • Our websites at calliope.ai and related domains
  • JunoHub hosted development environments
  • APIs and integrations
  • Any other services we provide

2. Information We Collect

2.1 Information You Provide

Account Information: When you create an account, we collect:

  • Name
  • Email address
  • Organization name (if applicable)
  • Password (stored securely using industry-standard hashing)

Payment Information: When you purchase a subscription, we collect:

  • Billing address
  • Payment method details (processed by our payment processor, Stripe)

Content and Data: When you use the Services, we collect:

  • Code, files, and content you upload or create
  • Prompts and queries you submit to AI models
  • Comments, feedback, and communications

Communications: When you contact us, we collect:

  • Email correspondence
  • Support tickets and requests
  • Survey responses

2.2 Information Collected Automatically

Usage Data: We automatically collect information about how you use the Services:

  • Pages viewed and features used
  • Time spent on pages
  • Clicks and navigation patterns
  • Search queries within the Services

Device and Technical Information: We collect information about your device and connection:

  • IP address
  • Browser type and version
  • Operating system
  • Device identifiers
  • Screen resolution

Cookies and Similar Technologies: We use cookies, web beacons, and similar technologies to collect information. See our Cookie Policy for details.

Log Data: Our servers automatically record:

  • Access times and dates
  • Referring URLs
  • Error logs and crash reports

2.3 Information from Third Parties

Authentication Providers: If you sign in using a third-party service (Google, GitHub, etc.), we receive information from that service as authorized by you.

Analytics Providers: We receive aggregated analytics data from third-party analytics services.

3. How We Use Information

We use the information we collect for the following purposes:

3.1 Providing and Improving Services

  • Operate, maintain, and provide the Services
  • Process transactions and send related information
  • Personalize your experience
  • Develop new features and improvements
  • Analyze usage patterns and trends

3.2 Communications

  • Send service-related announcements and updates
  • Respond to your inquiries and support requests
  • Send marketing communications (with your consent)

3.3 Security and Fraud Prevention

  • Detect, prevent, and respond to security incidents
  • Protect against fraud, abuse, and unauthorized access
  • Enforce our Terms of Service and Acceptable Use Policy
  • Comply with applicable laws and regulations
  • Respond to legal requests and subpoenas
  • Protect our legal rights and interests

We may use your information for other purposes with your explicit consent.

4. AI Model Provider Data Sharing

Important: When you use AI features in the Services, your prompts, code, and related data may be transmitted to third-party AI model providers.

4.1 What Data is Shared

When you interact with AI models through the Services, the following may be transmitted to Third-Party Model Providers:

  • Prompts and queries you submit
  • Code and content included in your requests
  • Conversation context necessary for the AI to respond
  • Technical metadata (timestamps, request identifiers)

4.2 How Model Providers Use Data

Each AI model provider has its own data practices. Generally:

  • For API Services: Most providers do not use API customer data to train their models by default
  • Retention Periods: Providers may retain data for limited periods (typically 7-30 days) for abuse monitoring
  • Zero Data Retention: Some providers offer zero data retention options for enterprise customers

4.3 Provider-Specific Information

Provider Default Training Retention Zero Retention Available
OpenAI No (API) 30 days Yes
Anthropic No 7 days Yes
Google (Gemini) No (API) 55 days Enterprise only
Microsoft Azure No 30 days Yes
Cohere No (enterprise) 30 days Yes
TogetherAI No Minimal Yes
AI21 Labs Perpetual license Varies No
AWS Bedrock No Variable Yes

Please review our Subprocessor List and each provider’s privacy policy for complete information.

4.4 Your Choices

  • Do not include sensitive personal data in AI prompts unless necessary
  • Review the privacy policies of AI providers before use
  • Contact us about enterprise options with enhanced privacy controls

5. Other Third-Party Sharing

We share information with third parties in the following circumstances:

5.1 Service Providers

We share information with service providers who perform services on our behalf:

  • Cloud Infrastructure: Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure
  • Payment Processing: Stripe (see Section 5.6 below)
  • Banking Services: Mercury (see Section 5.6 below)
  • Authentication: Auth0
  • Email Services: Postmark, SendGrid
  • Error Tracking: Sentry
  • Analytics: Mixpanel, Google Analytics

See our Subprocessor List for a complete list.

We may disclose information if required by law or if we believe disclosure is necessary to:

  • Comply with legal process or government requests
  • Enforce our Terms of Service
  • Protect the rights, property, or safety of Calliope AI, our users, or others
  • Detect and prevent fraud or security issues

5.3 Business Transfers

If Calliope AI is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

We may share your information with third parties when you give us explicit consent to do so.

5.5 We Do Not Sell Personal Information

Calliope AI does not sell your personal information to third parties.

5.6 Payment Processing & Banking

Credit Card Processing: When you make a payment, your credit card information is transmitted directly to Stripe, our payment processor. Calliope AI does not store, process, or have access to your full credit card number. Stripe is PCI DSS Level 1 certified and handles all credit card data in compliance with payment card industry standards. For more information, see Stripe’s Privacy Policy .

Banking Services: Calliope AI uses Mercury for business banking services. Mercury is a financial technology company, not a bank. Banking services are provided by Choice Financial Group and Evolve Bank & Trust, Members FDIC. Your payments to Calliope AI are deposited into accounts held at these FDIC-insured institutions.

Payment Data Shared with Stripe:

  • Credit/debit card number (encrypted, not accessible to Calliope AI)
  • Card expiration date and CVV (encrypted, not accessible to Calliope AI)
  • Billing name and address
  • Email address
  • Transaction amount and description

6. Data Retention

We retain your information for as long as necessary to provide the Services and fulfill the purposes described in this Policy:

Data Type Retention Period
Account information Duration of account + 30 days
Workspace/project data Customer controlled; deleted upon account termination + export window
Server logs 90 days
Backups 30-day rolling retention
Payment records 7 years (legal requirement)
Support communications 3 years

After the retention period, data is securely deleted or anonymized.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

7.1 Access

You have the right to request a copy of the personal information we hold about you.

7.2 Correction

You have the right to request correction of inaccurate or incomplete personal information.

7.3 Deletion

You have the right to request deletion of your personal information, subject to certain exceptions (legal requirements, fraud prevention, etc.).

7.4 Portability

You have the right to receive your personal information in a structured, machine-readable format.

7.5 Restriction

You have the right to request that we restrict processing of your personal information in certain circumstances.

7.6 Objection

You have the right to object to processing of your personal information for certain purposes.

7.7 Exercising Your Rights

To exercise these rights, please contact us at privacy@calliope.ai . We will respond within 30 days.

We may need to verify your identity before processing your request. If we cannot fulfill your request, we will explain why.

8. International Transfers

8.1 Data Location

Your information is processed and stored primarily in the United States. By using the Services, you consent to the transfer of your information to the United States and other countries where we or our service providers operate.

8.2 EU/EEA Data Transfers

For transfers of personal data from the European Economic Area (EEA), United Kingdom, or Switzerland to the United States, we rely on:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Additional supplementary measures as appropriate

8.3 EU Region Option

Enterprise customers may request data residency in the European Union. Contact sales@calliope.ai for details.

9. Security

We implement reasonable technical and organizational measures to protect your information:

9.1 Technical Measures

  • Encryption in transit (TLS 1.3)
  • Encryption at rest (AES-256)
  • Secure credential storage
  • Network security and firewalls
  • Regular security assessments

9.2 Organizational Measures

  • Employee access controls and training
  • Incident response procedures
  • Vendor security assessments
  • Regular policy reviews

9.3 Your Responsibilities

You are responsible for:

  • Maintaining the security of your account credentials
  • Using strong, unique passwords
  • Reporting any suspected security incidents to security@calliope.ai

9.4 Limitations

No method of transmission or storage is completely secure. While we strive to protect your information, we cannot guarantee absolute security.

10. California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA).

10.1 Categories of Personal Information

In the past 12 months, we have collected the following categories of personal information:

Category Examples Collected
Identifiers Name, email, IP address Yes
Customer records Payment information, address Yes
Commercial information Purchase history, subscriptions Yes
Internet activity Usage data, browsing history Yes
Geolocation General location from IP Yes
Professional information Job title, company Yes
Inferences Usage patterns, preferences Yes

10.2 Sources of Personal Information

  • Directly from you
  • Automatically through your use of the Services
  • From third-party authentication providers

10.3 Use of Personal Information

We use personal information for the business purposes described in Section 3.

10.4 Sharing of Personal Information

We share personal information with service providers as described in Section 5. We do not sell personal information.

10.5 Your California Rights

  • Right to Know: Request what personal information we collect, use, and share
  • Right to Delete: Request deletion of your personal information
  • Right to Correct: Request correction of inaccurate information
  • Right to Opt-Out: Opt out of the sale or sharing of personal information (we do not sell)
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights

10.6 Exercising Your Rights

California residents can submit requests by contacting privacy@calliope.ai .

We will verify your identity using the email address associated with your account. You may designate an authorized agent to make requests on your behalf.

10.7 Opt Out of Sharing

To opt out of the sharing of your personal information for cross-context behavioral advertising, visit our Your Privacy Choices page or email privacy@calliope.ai with the subject line “CPRA Opt-Out Request.”

We also honor Global Privacy Control (GPC) browser signals automatically. If your browser sends a GPC signal, we will not load advertising or analytics trackers (Google Analytics, LinkedIn Insight, Microsoft Clarity, HubSpot) for your session, and we will treat the signal as a valid CPRA opt-out request for the duration of that browser context.

You may also exercise this choice at any time through the Cookie Preferences link in the footer of every page, which re-opens our consent banner and lets you disable the Analytics and Advertising categories.

10.8 Financial Incentive Notice

We do not offer financial incentives in exchange for personal information.

11. EU/EEA Residents (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, the following additional provisions apply:

11.1 Data Controller

Calliope Labs Inc is the data controller for personal data collected through the Services.

We process your personal data based on the following legal bases:

Purpose Legal Basis
Providing Services Performance of contract
Account management Performance of contract
Security and fraud prevention Legitimate interests
Marketing (with consent) Consent
Legal compliance Legal obligation
Analytics and improvement Legitimate interests

11.3 Data Subject Rights

Under GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Erase your data (“right to be forgotten”)
  • Restrict processing
  • Data portability
  • Object to processing
  • Withdraw consent
  • Lodge a complaint with a supervisory authority

11.4 Data Processing Agreement

Customers who require a Data Processing Agreement (DPA) for GDPR compliance can request one at legal@calliope.ai or access it at calliope.ai/dpa .

11.5 Supervisory Authority

If you believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local data protection supervisory authority.

12. Children’s Privacy

The Services are not intended for users under 18 years of age. We do not knowingly collect personal information from children under 18.

If we learn that we have collected personal information from a child under 18, we will take steps to delete that information promptly. If you believe we have collected information from a child under 18, please contact us at privacy@calliope.ai .

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

  • Post the updated Policy with a new “Last Updated” date
  • Notify you by email or through the Services
  • Obtain your consent if required by law

Your continued use of the Services after the changes take effect constitutes acceptance of the updated Policy.

14. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

Privacy Inquiries Email: privacy@calliope.ai

Data Protection Officer (for EU inquiries) Email: dpo@calliope.ai

Mailing Address Calliope Labs Inc 80 SW 8th St, Ste 2000 Miami, FL 33130

© 2026 Calliope Labs Inc. All rights reserved.

This Privacy Policy was last updated on May 23, 2026.

Calliope Labs Inc (c) 2026 All Rights Reserved. Powered by CONFLICT