Legal
Privacy Policy
Last updated: July 2, 2026
This Privacy Policy explains how Supr.technology collects, uses, discloses, and protects personal information when you visit the public site, create an account, use the customer dashboard, contact support, or interact with Supr billing and agent-run features.
What this means in practice
Supr needs account, project, billing, support, usage, and technical information to operate the service. Because agent work depends on project context, the prompts and materials you submit may be processed to route runs, enforce limits, return outputs, and investigate support issues.
- Stripe handles payment card processing.
- Cloudflare hosts the SaaS and API layer.
- Google Cloud hosts the private agent execution runtime when enabled.
- You should avoid submitting sensitive regulated data unless your plan and agreements support it.
1. Information we collect
We collect information in the following categories:
- Account information: name, email address, password hash, session records, organization membership, and admin status.
- Organization and project information: organization name, project names, project descriptions, project context, and workspace settings.
- Agent-run information: prompts, approval policy, autonomy level, prompt previews, run status, runtime seconds, output, errors, and related usage records.
- Billing information: subscription plan, subscription status, Stripe customer and subscription identifiers, cancellation state, and billing events. Stripe processes payment card details directly.
- Support and communications: support requests, messages, issue details, and related contact information.
- Technical information: IP address, browser and device information, request metadata, logs, cookies, security events, and audit records.
2. How we use information
We use information to:
- provide, operate, secure, and improve Supr;
- authenticate users and protect accounts;
- create and manage organizations, projects, and agent runs;
- enforce plan limits, agent credits, usage limits, and approval policies;
- process subscriptions, billing, cancellations, and failed payments;
- respond to support requests and administrative inquiries;
- detect abuse, fraud, security incidents, and policy violations;
- comply with legal, tax, accounting, and regulatory obligations.
3. AI processing and project content
When you submit prompts, project context, or other Customer Content, Supr processes that content to route approved agent requests, enforce plan limits, call the private agent runtime, return outputs, and maintain auditability. Google Cloud hosts the agent execution runtime when enabled. Do not submit sensitive personal information, regulated health information, payment card data, government identifiers, or confidential third-party information unless you have the right to do so and the plan or written agreement supports that use.
4. Cookies and similar technologies
Supr uses cookies and similar technologies for authentication, sessions, security, preferences, and service operation. Some cookies are necessary for the dashboard to work. Browser settings may allow you to block or delete cookies, but parts of Supr may not function without them.
5. How we share information
We may share information with:
- Service providers: Cloudflare for hosting, edge security, Workers, Pages, and D1; Stripe for billing; Google Cloud for agent runtime; and other vendors that help operate Supr.
- Your organization: users in the same organization may be able to view projects, usage, billing state, runs, logs, or support data depending on their role.
- Legal and safety recipients: when required by law, legal process, security needs, rights protection, or abuse prevention.
- Business transfers: as part of a merger, acquisition, financing, reorganization, or sale of assets.
We do not sell personal information for money. We do not knowingly share personal information for cross-context behavioral advertising.
6. Data retention
We retain personal information for as long as needed to provide Supr, comply with legal obligations, resolve disputes, maintain security, enforce agreements, and keep billing and audit records. Some logs, usage records, subscription records, and security records may be retained after account closure where reasonably necessary.
7. Security
Supr uses technical and organizational safeguards designed to protect information, including HTTPS, secure session cookies, password hashing, route protection, admin-only controls, audit logs, Stripe webhook verification, service-to-service authentication, usage enforcement, and secret management through environment variables or platform secret stores. No internet service is completely secure, and you are responsible for protecting account credentials and reviewing agent outputs before use.
8. Your choices and rights
Depending on where you live, you may have rights to request access, correction, deletion, portability, restriction, or objection regarding your personal information. You may also have rights to opt out of certain sharing or to appeal a privacy decision. To make a request, contact editor@mr.technology. We may need to verify your identity and authority before acting on a request.
If you are in an organization account, some requests may need to be handled by the organization administrator. We may retain information where required or permitted by law, including for security, billing, tax, legal, or audit purposes.
9. Children
Supr is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided personal information, contact us at editor@mr.technology.
10. International processing
Supr and its providers may process information in the United States and other countries where we or our providers operate. Those countries may have data protection laws different from those where you live.
11. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. If changes are material, we will provide reasonable notice through the service, by email, or by posting an updated date.
12. Contact
Privacy questions and requests may be sent to editor@mr.technology.
13. Related pages
For more detail, see the Cookie Notice,Security page, and Terms of Service.