How Pharaoh handles personal information and AI operations data.

1. Scope

This policy applies to Pharaoh's websites, applications, endpoint agent services, product documentation, support channels, demos, and related online services. It does not replace a signed customer agreement, data processing agreement, business associate agreement, order form, or similar written contract. If a written agreement with Pharaoh says something different about customer data, that agreement controls for that customer relationship.

2. Information we collect

We collect information in the following categories, depending on how you use Pharaoh.

• Account and business contact information: name, work email, company, role, authentication information, billing details, plan details, and administrator settings.
• Website and marketing information: pages visited, device and browser details, referral information, demo requests, form submissions, chat messages, and analytics events.
• Endpoint and fleet operations data: device identifiers, hostnames, operating system details, installed software, configuration state, health signals, security posture signals, logs, command results, remediation status, error reports, and other telemetry needed to monitor and operate enrolled endpoints.
• Customer content: tickets, knowledge base content, documentation, integration records, files, screenshots, logs, scripts, commands, prompts, responses, and other content that customers or users submit to Pharaoh or authorize Pharaoh to access.
• AI interaction data: prompts, retrieved context, model outputs, tool calls, agent plans, remediation recommendations, autonomous actions, approvals, denials, evaluation signals, usage metrics, model names, token counts, timestamps, and billing or cost attribution metadata.
• Integration data: information received from connected identity providers, ticketing systems, device management tools, security tools, cloud services, communication tools, and other systems you connect to Pharaoh.
• Support and communications: messages, attachments, call notes, feedback, bug reports, and operational records created when you contact us.

3. How we use information

We use information to provide and improve Pharaoh, including to:

• create accounts, authenticate users, administer workspaces, and provide customer support;
• monitor endpoint fleets, detect issues, investigate events, recommend repairs, and perform approved actions;
• power AI-assisted workflows, including reasoning, retrieval, summaries, remediation planning, and reporting;
• measure usage, enforce limits, calculate metered AI usage, prevent abuse, and process billing;
• secure Pharaoh, protect customers, detect fraud, debug errors, and maintain audit trails;
• improve reliability, product quality, user experience, documentation, and support operations;
• send service messages, security notices, product updates, and marketing communications where permitted; and
• comply with law, enforce agreements, and protect our rights, users, customers, and the public.

4. AI data commitments

Pharaoh is built for AI-assisted IT operations, so some customer data may be processed by AI systems to deliver the service. We make the following commitments unless a written customer agreement states otherwise:

• Pharaoh does not use customer content, endpoint telemetry, prompts, or model outputs to train third-party foundation models unless the customer has authorized that use in writing.
• Pharaoh may use de-identified, aggregated, or statistical information to understand service usage, improve product performance, estimate costs, detect abuse, and develop features.
• Pharaoh may use customer content to test, evaluate, tune, or improve Pharaoh-specific systems only when permitted by contract, requested by the customer, required for support, or reasonably necessary to secure, debug, or operate the service.
• When Pharaoh-managed AI access is used, prompts, retrieved context, files, outputs, and usage metadata may be sent to Pharaoh's AI providers and infrastructure subprocessors solely to provide the requested service.
• When a customer brings its own AI provider key, the customer's provider receives and processes the AI request under the customer's relationship with that provider. Pharaoh may still process usage metadata, logs, and outputs as needed to operate Pharaoh.
• AI outputs may be inaccurate or incomplete. Pharaoh records AI decisions, tool calls, approvals, and remediation activity to support review, auditing, safety controls, and incident investigation.

5. Google authentication data

If you sign in to Pharaoh using Google authentication, Pharaoh uses Google only to authenticate your account. We collect basic Google profile information provided through the sign-in flow, such as your name, email address, profile image, Google account identifier, authentication status, and related login metadata.

Pharaoh uses this Google authentication data to create and secure your account, identify you in the product, manage organization membership, maintain audit records, prevent abuse, and provide support. Pharaoh does not request access to Gmail, Google Drive, Google Calendar, Google Contacts, Google Chat, Google Meet, or other Google Workspace content for basic authentication.

Pharaoh does not sell Google user data, use Google user data for advertising, use Google user data to train generalized AI or machine learning models, or transfer Google user data except as needed to provide and secure Pharaoh, comply with law, or support a permitted business transfer. Pharaoh's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

We retain Google authentication data for as long as needed to provide the account, maintain security and audit records, comply with legal obligations, and resolve disputes. You can revoke Pharaoh's Google access through your Google Account settings, and you may request deletion of your Pharaoh account or associated personal information by contacting privacy@getpharaoh.com.

6. Cookies and analytics

We use cookies, local storage, and similar technologies to run the website, remember preferences, measure traffic, support chat and demo workflows, protect against abuse, and understand how people use Pharaoh. You can control cookies through your browser settings. Some site or product features may not work correctly if necessary cookies are disabled.

7. How we disclose information

We disclose information only as needed for legitimate business, product, security, and legal purposes.

• Service providers and subprocessors: hosting, storage, analytics, security, customer support, communications, payment processing, AI providers, and other vendors that help us operate Pharaoh.
• Customer administrators: workspace administrators may access user activity, endpoint data, AI usage, logs, approvals, and configuration information for their organization.
• Connected integrations: if a customer connects third-party systems, Pharaoh may send data to those systems as configured by the customer.
• Legal and safety recipients: regulators, courts, law enforcement, professional advisors, and other parties where disclosure is required or appropriate to protect rights, safety, security, and compliance.
• Business transfers: parties involved in a merger, acquisition, financing, reorganization, sale of assets, or similar corporate transaction.

We do not sell personal information in the ordinary sense of exchanging it for money. We also do not share customer content with advertising networks for cross-context behavioral advertising.

8. Security

Pharaoh uses administrative, technical, and organizational safeguards designed to protect information, including access controls, encryption in transit, encryption at rest where appropriate, monitoring, logging, and operational security practices. OAuth access tokens, refresh tokens, and similar credentials are protected using security controls designed for sensitive authentication material. No system is perfectly secure. Customers are responsible for configuring access, integrations, endpoint permissions, approval policies, and secrets management in a way that matches their risk requirements.

9. Retention

We keep information for as long as needed to provide Pharaoh, comply with agreements, maintain security and audit records, resolve disputes, enforce terms, meet legal obligations, and support legitimate business needs. Customer-controlled content may be deleted or exported according to product settings, written agreements, and applicable law. Backup, archive, security, and billing records may persist for a limited period after deletion.

10. International processing

Pharaoh may process information in the United States, Canada, and other countries where Pharaoh or its service providers operate. These countries may have data protection laws that differ from the laws where you live. Where required, Pharaoh uses appropriate contractual, organizational, and technical safeguards for cross-border processing.

11. Your privacy rights

Depending on where you live, you may have rights to request access, correction, deletion, portability, restriction, objection, withdrawal of consent, or information about how we process your personal information. California residents may also have rights to know, delete, correct, opt out of sale or sharing, limit certain uses of sensitive personal information, and be free from discrimination for exercising privacy rights.

To exercise rights, contact us using the details below. We may need to verify your identity and may direct enterprise users to their organization if Pharaoh processes the relevant data on behalf of a customer.

12. Children's privacy

Pharaoh is intended for business use and is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided personal information to Pharaoh, contact us so we can take appropriate action.

13. Changes to this policy

We may update this Privacy Policy from time to time. The updated version will be posted on this page with a revised date. If changes are material, we will provide notice as required by law or contract.

14. Contact

To contact Pharaoh about privacy, data protection, or this policy, email privacy@getpharaoh.com or write to Pharaoh, San Francisco, California, United States.