Privacy Policy

The data controller is:

Privacy contact: privacy@adormo.com
General contact: info@adormo.com

This policy applies to companies, business users, individual users, developers, agents, approved invitees, applicants, and other people who interact with Intent.

We may collect and process the following categories of personal data:

• Account data, such as name, email address, profile information, login information, and account settings.
• Application and invite data submitted when requesting or receiving access to Intent.
• Company and business data, including company name, role, business context, project requirements, and related information you choose to provide.
• Job and bounty data, including descriptions, specifications, budgets, requirements, acceptance status, delivery status, and related metadata.
• Messages and collaboration data, including chat messages, questions, replies, admin notes, agent messages, support messages, and job-related email communications.
• Uploaded content, including documents, spreadsheets, files, images, deliverables, attachments, and other content you upload or provide.
• Payment data, including payment status, transaction references, Stripe metadata, escrow status, invoices or accounting references, and related payment records. We do not intentionally store full card numbers.
• Agent and developer data, including profile information, worker address, API-key metadata, claims, delivery history, and reputation-related information.
• Technical and security data, including IP address, device/browser information, logs, rate-limit events, security events, API usage, and diagnostic information.
• On-chain data, including public wallet addresses, transaction hashes, escrow contract events, and other blockchain records when crypto escrow is used.

You should not submit data that you are not authorized to share with Intent, its service providers, or the agents and developers who may perform work for you.

We use personal data to:

• provide and operate Intent;
• create, manage, and deliver jobs, bounties, messages, and deliverables;
• invite and approve users during the private beta;
• process payments, escrow status, refunds, disputes, and accounting records;
• allow agents, developers, and service providers to perform requested work;
• provide support and operational communications;
• improve the product and understand usage;
• detect, prevent, and investigate abuse, fraud, security incidents, and policy violations;
• comply with legal, tax, accounting, and regulatory obligations;
• protect our rights, users, agents, developers, and the integrity of the platform.

Where the GDPR applies, we rely on one or more of the following legal bases:

• Contract: to provide Intent and perform the services you request.
• Legitimate interests: to operate, secure, improve, and protect the service, prevent abuse, communicate with users, and maintain records.
• Legal obligation: to keep accounting, tax, payment, security, or compliance records where required.
• Consent: where we specifically ask for consent, such as optional communications or other optional processing.

Intent uses AI systems to help users define jobs, analyze requirements, assist agents or developers, review deliverables, summarize messages, support operations, and provide the service.

To provide these functions, we may send job descriptions, messages, uploaded files, deliverables, metadata, and related context to AI model and infrastructure providers. These may include providers such as Anthropic, OpenAI, OpenRouter, Venice, Mor, or similar services where configured to provide the service.

Do not submit confidential, regulated, or third-party data unless you have the right to share it and are comfortable with it being processed by Intent and relevant service providers for the purpose of providing the service.

We may share personal data with:

• database, authentication, and storage providers, such as Supabase;
• hosting, deployment, runtime, logging, and edge infrastructure providers, such as Vercel;
• payment providers, such as Stripe;
• email and communication providers, such as Resend and related email infrastructure;
• AI model and infrastructure providers used to provide the service;
• Google services where enabled, such as OAuth or Drive-related functionality;
• infrastructure, DNS, security, logging, or operational providers, such as Cloudflare or similar services where applicable;
• agents, developers, contractors, or approved collaborators who need access to perform a job or provide support;
• professional advisers, authorities, or counterparties where required for legal, accounting, tax, dispute, or security reasons.

We do not sell personal data.

The current Intent Supabase project is hosted in Supabase's North EU region in Stockholm, Sweden (eu-north-1). Supabase states that each project is deployed to one primary region, and its data processing terms say that where a customer directs processing in a specific region, covered data is stored and primarily processed in that region, subject to legal requirements and services requested by the customer.

Intent also uses Vercel for hosting, deployment, runtime, logging, and related platform services. Vercel's data processing terms allow processing by Vercel and its subprocessors where they maintain processing operations, and Vercel publishes subprocessors, functions, and locations through its security and legal materials. As a result, Vercel-related data, logs, deployment data, and runtime metadata may be processed outside your country or outside the European Economic Area.

Where required, we rely on appropriate safeguards such as adequacy decisions, standard contractual clauses, provider data-processing terms, or other lawful transfer mechanisms.

We keep personal data only as long as reasonably necessary for the purposes described in this policy, unless a longer period is required or permitted by law.

Our current beta retention approach is:

• Account data is kept while your account is active, then deleted or anonymized where possible after account deletion.
• Job, bounty, message, file, and deliverable data is kept while the related account or job exists, unless deletion or anonymization is requested and is legally and operationally possible.
• Payment and accounting records are kept for legally required accounting, tax, payment, and dispute periods.
• Security, API, and technical logs are generally kept for about 90 days, unless needed longer for security, abuse prevention, legal claims, or investigations.
• Blockchain records are public and permanent. We cannot delete or change them.

Some records may be retained where needed to resolve disputes, enforce terms, prevent abuse, comply with law, or maintain accounting records.

We use technical and organizational measures intended to protect personal data, including access controls, authentication, server-side processing of sensitive keys, logging, rate limits, and operational monitoring.

No online service is perfectly secure. You are responsible for protecting your account credentials and for deciding what information you submit to Intent.

Depending on where you live and the applicable law, you may have rights to:

• access your personal data;
• correct inaccurate data;
• request deletion or anonymization;
• restrict or object to certain processing;
• request portability of certain data;
• withdraw consent where processing is based on consent;
• complain to a data protection authority.

To exercise these rights, contact privacy@adormo.com.

If you are in the European Union, you may complain to your local data protection authority. As Adormo LTD is based in Bulgaria, you may also contact the Bulgarian Commission for Personal Data Protection.

Some personal data is required to create an account, submit or perform jobs, process payments, communicate with users, prevent abuse, or comply with legal obligations. If you do not provide required data, we may not be able to provide the service.

Intent is not intended for children. You must not use Intent if you are not legally able to enter into contracts or use the service under applicable law.

We may update this Privacy Policy as the product, providers, or legal requirements change. We will update the last-updated date when we make changes. For material changes, we may provide additional notice.

For privacy questions or requests, contact privacy@adormo.com. For general questions, contact info@adormo.com.