Legal

Privacy Policy

How Mobius handles account data, loop data, worker data, integrations, and the operational telemetry needed to run the service.

Cloud Cmds LLC d/b/a Deep Noodle AI operates Mobius (“Mobius,” “we,” “us,” or “our”). This Privacy Policy explains how we collect, use, share, and protect information when you use the Mobius web application, HTTP API, client SDKs, worker protocol, webhooks, websites, and related services (collectively, the “Services”).

Mobius is built for organizations running loops across humans, systems, and AI agents. That means the Services will process account information, loop definitions, run events, run config, run outputs, worker connection data, integration payloads, messages, logs, and other operational records that your organization submits or causes us to process.

Information we process

For this policy, “Customer Data” means information submitted to or generated by the Services on behalf of a customer organization, including loop definitions, run events, run config, run outputs, worker configuration, agent configuration, project settings, artifacts, messages, and integration payloads.

For Customer Data that contains personal data, Mobius generally acts as a service provider or processor on behalf of the customer organization. The customer organization determines the purposes and means of processing, including which loops, workers, integrations, and end-user workflows it configures.

How we collect information

Information you provide

We may collect and store the following categories of information when you interact with the Services:

  • Contact information: name, email address, and related business contact details.
  • Account information: account preferences, authentication records, organization membership, role assignments, subscription state, and billing contact details.
  • Loop and worker configuration: loop definitions, trigger and webhook configuration, worker registrations, agent configuration, integration settings, API clients, and API keys.
  • Run events and config: event payloads and configuration your organization submits for loop runs.
  • Communications: messages and other communications with Mobius support, security, or sales.

Information we collect automatically

When you interact with the Services, we may automatically collect:

  • Technical information: IP address, device information, browser type, operating system, and request metadata.
  • Usage information: pages and features accessed, actions taken, API calls made, rate-limit usage, integration activity, and worker connection activity.
  • Log and diagnostic data: system logs, error reports, performance data, security events, and incident response records.
  • Billing data: plan selection, usage counters, invoices, checkout or portal events, and payment status. Payment card details are processed by our payment provider, not stored as full card numbers by Mobius.

Cookies and analytics

On our public website we use cookies and similar technologies (including browser local storage) to keep the site working, remember your preferences, and understand how visitors use it:

  • Strictly necessary: required for the site and application to function, such as authentication and session management (provided by Clerk) and remembering your cookie-consent choice. These are always active and cannot be turned off.
  • Analytics: we use Google Analytics (GA4) to measure traffic and Microsoft Clarity for aggregated heatmaps and session replay of site interactions, so we can understand what’s useful and improve the site. These are enabled only after you opt in.

Analytics is governed by consent. When you first visit, analytics storage is disabled by default; we enable it only if you choose “Accept” in the cookie banner. You can change or withdraw your choice at any time:

We do not use advertising or cross-site tracking cookies, and we do not run analytics inside the authenticated application.

How we use information

Customer Data processing

We process Customer Data in accordance with the instructions of the customer organization, the customer's use of Services functionality, any applicable customer agreement, and applicable law. Customers may use the Services to:

  • Create, edit, and run loops and view their execution history.
  • Register workers and API clients and manage their credentials.
  • Configure triggers, webhooks, channels, and integrations with third-party systems.
  • Manage organization members, projects, roles, and access assignments.
  • Export or delete Customer Data and otherwise apply their organization policies to the Services.

Service operations

We use information we collect to:

  • Provide, operate, secure, and improve the Services.
  • Respond to support, security, and sales requests.
  • Maintain reliability and performance, including diagnosing incidents and abuse.
  • Understand how the Services are used so that we can improve them.
  • Process subscriptions, invoices, and usage-based billing.
  • Comply with legal obligations and enforce our Terms of Service.

Mobius does not use Customer Data to train foundation or generative AI models. Customer-configured model providers and integrations may process data according to your configuration and their own terms.

Data security

We implement reasonable technical and organizational measures designed to protect your information, including encryption in transit, encryption at rest through our cloud providers, logical isolation of customer data by organization and project, and least-privilege access for operators.

No method of transmission over the Internet or electronic storage is completely secure. While we work to protect personal information, we cannot guarantee absolute security. See our Security page for additional detail.

Data retention

Mobius retains Customer Data in accordance with customer instructions, any applicable customer agreement, and the customer's use of Services functionality. Customers can manage retention and deletion through the product and our API.

Deletion of Customer Data through the Services may result in deletion or de-identification of associated information. Some information may be retained longer where required for legal obligations or legitimate business purposes, such as billing records, audit logs, security logs, and incident investigation records.

Information sharing and disclosure

We limit information sharing to what is reasonably necessary to provide, secure, support, bill for, and improve the Services. We may share information in the following circumstances:

  • Service providers and sub-processors: we share limited information with providers that help operate the Services, including Cloudflare, Clerk for authentication, Google Cloud for backend services, Stripe for payments and billing, and — for our public website only, after you opt in — Google Analytics and Microsoft Clarity for website analytics.
  • Customer-configured integrations: when your organization configures a third-party integration, model provider, webhook, or worker, data is transmitted to that third party or worker in accordance with your configuration. You are responsible for the policies and permissions of services you connect.
  • Legal requirements: we may share information when required by law, such as in response to a valid court order, subpoena, or other legal process.
  • Business transfers: in the event of a merger, acquisition, financing, reorganization, or sale of all or part of our business or assets, information may be transferred as part of that transaction.

We do not sell your information or share it with third parties for their own marketing purposes. Service providers that process information for us are required to handle it in accordance with their contracts with us and applicable data protection laws.

Age limitations

The Services are business tools for users who are at least 18 years old. They are not directed to children under 13 or to anyone under 18. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact us and we will take appropriate steps to delete it.

International data transfers

We may process and transfer information in the United States and other countries where we or our service providers operate. Where required by applicable law, we use appropriate safeguards for international data transfers.

Your rights and choices

Depending on where you live and how you use the Services, you may have rights regarding your personal information. These rights may include the ability to:

  • Access personal information.
  • Request correction of inaccurate data.
  • Request deletion of data, subject to legal and contractual obligations.
  • Opt out of marketing communications.
  • Manage API keys, API clients, and integration settings for your organization.
  • Export Customer Data where the Services support export.

To exercise these rights, contact us at support@mobiusops.ai or use the controls available in your account settings. If your data is controlled by a customer organization, we may direct your request to that organization.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will post the updated policy on our website and update the “Last updated” date. For material changes, we may provide additional notice, such as email notification or in-product notice.

Contact

If you have questions about this Privacy Policy or our practices, contact us at support@mobiusops.ai.