mobius

How it worksPricingDocsAboutRequest access
Request access
Legal

Privacy Policy

Your privacy and data security are fundamental to how we build Mobius.

Last Updated: April 20, 2026

Mobius (“Mobius,” “our,” “us,” and “we”) knows that you care about how we collect, use, and share information when you interact with our work coordination platform and services (our “Services”), and we value the trust you place in us.

This Privacy Policy explains how we collect and use your information, what information we may share with others and under what circumstances, your choices regarding our collection, use, and sharing practices, and details regarding our use of third-party services and tracking technologies.

Information we process through our Services

Mobius is designed to coordinate work across mixed teams of humans, systems, and AI agents. To provide the Services, we process information that you, your organization, your workers, and end users submit — such as automation definitions, run inputs and outputs, worker heartbeats, and messages exchanged during a run. We handle this information in accordance with your organization's instructions and these policies.

How and what information we collect

Information you provide to us

We may collect and store the following categories of personal information when you interact with our Services:

  • Contact information: your name and email address.
  • Professional information: your organization name, role, and other work-related details.
  • Account information: your account preferences, subscription details, and authentication information.
  • Automation and worker configuration: automation definitions, trigger and webhook configuration, worker registrations, agent configuration, and API keys.
  • Run data: inputs, outputs, step results, logs, and messages associated with automation runs.
  • Communications: messages and other communications with Mobius support.

Information we collect automatically

When you interact with our Services, we may automatically collect:

  • Technical information: IP address, device information, browser type, and operating system.
  • Usage information: how you interact with the Services, including pages and features accessed and actions taken.
  • Log data: system logs, error reports, and performance data.
  • API and worker usage: request patterns, rate limit usage, and integration activity.

How we process your information

Customer data processing

Customer Data is used by Mobius in accordance with the instructions of the customer organization, including any applicable terms in a Customer Agreement, the customer's use of Services functionality, and as required by applicable law. Mobius is a processor of Customer Data and the customer is the controller. Customers may, for example, use the Services to:

  • Create, edit, and run automations and view their execution history.
  • Register workers and service accounts and manage their credentials.
  • Configure triggers, webhooks, channels, and integrations with third-party systems.
  • Manage organization members, projects, roles, and access assignments.
  • Export or delete their Customer Data, and otherwise apply their policies to the Services.

General service operations

We use the collected information to:

  • Provide, operate, and improve the Services.
  • Respond to your queries and support requests.
  • Maintain reliability and performance, including diagnosing incidents.
  • Understand how the Services are used so that we can improve them.
  • Ensure the security of the Services and detect abuse.
  • Comply with legal obligations and enforce our terms of service.

We do not use Customer Data to train foundation or generative AI models.

Data security

We implement reasonable technical and organizational measures to protect your information, including encryption in transit, encryption at rest through our cloud providers, logical isolation of customer data by organization and project, and least-privilege access for operators. No method of transmission over the Internet or electronic storage is 100% secure; while we strive to protect your personal information, we cannot guarantee its absolute security. See our Security page for additional detail.

Data retention

Mobius retains Customer Data in accordance with customer instructions, including any applicable terms in a Customer Agreement and the customer's use of Services functionality. Customers can manage retention and deletion through the product and our API.

Deletion of Customer Data through the Services may result in the deletion and/or de-identification of certain associated information. Some information may be retained longer where required for legal obligations or legitimate business purposes such as audit logs and incident investigation.

Information sharing and disclosure

We strictly limit the sharing of your information to what is essential for providing the Services. When we share information, we ensure appropriate safeguards are in place and share only the minimum necessary data. Specifically:

  • Sub-processors: we share limited information with service providers that are fundamental to operating the Services, including Clerk (user authentication and organization management), Google Cloud (application hosting), Cloudflare (edge and web hosting), and Neon (managed Postgres).
  • Customer-configured integrations: when your organization configures a third-party integration (for example Slack, email, S3, or Twilio), data is transmitted to that third party in accordance with your configuration. You are responsible for the policies of services you connect.
  • Legal requirements: we may share information when required by law, such as in response to a valid court order, subpoena, or other legal process. We evaluate each request carefully and only share what is legally required.
  • Business transfers: in the event of a merger, acquisition, or sale of all or part of our assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website of any change in ownership or uses of your information.

We do not sell, rent, or share your information with third parties for their marketing purposes. Any third party that receives your information is contractually obligated to handle it in accordance with this policy and applicable data protection laws.

Age limitations

The Services are not directed to individuals under 16. We do not knowingly collect personal information from children under 16. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information.

International data transfers

We may transfer your information to servers located outside of your country. By using the Services, you consent to the transfer of information to countries outside your country of residence, which may have different data protection rules.

Your rights and choices

You have the right to:

  • Access your personal information.
  • Request correction of inaccurate data.
  • Request deletion of your data, subject to legal and contractual obligations.
  • Opt out of marketing communications.
  • Manage API keys, service accounts, and integration settings for your organization.
  • Export your Customer Data.

To exercise these rights, contact us at support@mobiusops.ai or use the controls available in your account settings.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on our website and updating the “Last Updated” date. For significant changes, we will provide additional notice such as email notification.

Contact

If you have any questions about this Privacy Policy or our practices, please contact us at support@mobiusops.ai.