Privacy Policy

Effective Date: 9th June 2026

  1. IntroductionAsk Mitoto (“Platform”, “Service”) is an AI-powered business intelligence system developed by Verve Systems Pvt. Ltd. (“Company”, “We”, “Our”). This Privacy Policy describes how we collect, store, process, share, retain, and protect information when you use our software, website, APIs, mobile interfaces, or related services.

    By accessing Ask Mitoto, you acknowledge and agree to this Privacy Policy and our Terms and Conditions. Acceptance of this Policy is mandatory to use the Platform.

    Where Ask Mitoto accesses data via Google OAuth, our use of that data is additionally governed by the Google API Services User Data Policy, including the Limited Use requirements.

  2. Types of Data We Collect
    1. Personal Information:
      Full name, email address, phone number, company name, account credentials, authentication metadata, subscription details and billing information, support communication records.
    2. Uploaded and Connected Data (Customer Data):
      Documents, spreadsheets, databases, tables, third-party data sources, external tools, cloud storage, metrics, reports, structured and unstructured datasets.
    3. Google User Data (OAuth-Connected Services):
      When you connect your Google account, we may access data from Google services only as necessary to provide specific features you have explicitly enabled. Google user data is used strictly to operate the features you request and is never used for advertising, model training, or sold to third parties. See Section 3 for full details.
    4. Usage & Interaction Data:
      Prompts, queries, filters, selected fields, dashboards created, analytics usage, BI operations, reporting logs, time-stamps, feature usage patterns, workflow logs.
    5. Device & Technical Data:
      Device ID, IP address, browser/OS version, network details, ISP metadata, error logs, crash logs, performance metrics.
    6. Payment Information:
      Payment processing is handled exclusively by third-party PCI-compliant providers. We do not store full credit/debit card details.
  3. How We Use Your Data
    1. Core Platform Functions
      We process your data to:

      • Generate dashboards, insights, visualizations, and query responses
      • Validate, structure, optimize, and analyze uploaded inputs
      • Operate, maintain, and secure the Platform
    2. Google User Data — Limited Use Policy
      Our use of data obtained through Google OAuth APIs is strictly limited to:

      • Providing the specific feature(s) you have enabled that require Google data
      • Improving the functionality of those specific features within the Platform

      Google user data will NOT be used for:

      • Training or improving AI/ML models (including our own)
      • Profiling users for advertising or marketing purposes
      • Commercial analytics resale or third-party data sharing
      • Any purpose unrelated to the specific feature you authorized

      This complies with the Google API Services User Data Policy and its Limited Use requirements.

    3. Service Improvements (Non-Google Data Only)
      Aggregated and anonymized data derived from non-Google Customer Data may be used for:

      • Product enhancements
      • Algorithm training and architecture improvement
      • Research, analytics, and performance optimization
    4. Free Plan vs. Paid Plan (Non-Google Data)
      • Free Plan Users
        • Aggregated, anonymized behavior data (non-Google) may be analyzed for commercial and research purposes
        • Prompts and outputs may be used to improve feature relevance
      • Paid Plan Users
        • Data is used strictly for providing subscribed features
        • No behavioural analytics used for commercial resale
    5. Communications
      We may send:

      • Service announcements, updates, billing alerts
      • Security notifications
      • Optional marketing communications
  4. Data Storage & Security
    1. Storage Location
      All Customer Data is stored securely on AWS Ohio (USA) Region.
    2. Security Practices
      We employ:

      • Encryption in transit (TLS 1.2+) and at rest
      • Role-Based Access Control (RBAC)
      • Continuous monitoring and anomaly detection
      • Segregated multi-tenant architecture
      • Regular vulnerability assessments and audits

      However, no system is 100% secure. You must maintain secure credentials and internal data protection measures.

  5. Sharing of Information
    1. Authorized Sub-Processors
      To operate the Platform, we may share limited necessary data with:

      • Cloud hosting providers
      • AI/LLM service partners
      • Analytics and performance tools
      • Payment service providers
      • Security monitoring vendors

      All sub-processors follow contractual confidentiality and security obligations.

    2. Legal & Compliance Requirements
      We may disclose data:

      • To comply with government, regulatory, or court orders
      • To enforce our Terms or defend legal claims
    3. Business Transfers
      In the event of merger, acquisition, restructuring, or asset sale, Customer Data may be transferred to the successor entity with appropriate notice.
  6. User Rights and Account Management
    1. User Rights:Subject to jurisdiction, you have the right to access, request corrections, request deletion (with exceptions), withdraw consent, and request export of Customer Data. Requests may be submitted to info@askmitoto.com.

      You may revoke Google OAuth access at any time via your Google Account settings at myaccount.google.com/permissions. Revoking access will disable Google-connected features within the Platform.

    2. Data Retention & Account Deletion:
      We may retain:

      • Uploaded datasets, logs, models, prompts, reports
      • System-generated enhancements
      • Compliance and financial records
      • Audit trails and security logs

      Google user data is not retained beyond what is necessary to fulfill an active user request. Upon revocation of Google OAuth access or account deletion, Google user data will be deleted promptly, subject only to legally required retention obligations.

      Upon account deletion, Verve Systems Pvt. Ltd. will retain financial records, billing details, and compliance-required data, as well as system-generated enhancements and anonymized derivatives of non-Google Customer Data for product improvement purposes.

  7. Indemnification:
    By using the Service, you agree to indemnify and hold harmless Verve Systems Pvt. Ltd. and its affiliates, officers, agents, and employees from any and all claims, liabilities, damages, losses, and expenses (including reasonable legal fees) arising from your use of the Service, your violation of these terms or any associated policies, or any data you upload that infringes upon the rights of any third party.

    1. Shipping Policy:
      Upon successful payment, you will digitally receive the following:

      • A welcome/introduction email with access credentials to our application
      • Purchase confirmation email along with invoice
    2. Cancellation & Refund Policy:
      Ask Mitoto does not offer cancellation or refunds once the service is purchased or the account is activated.
  8. Cookies & Tracking
    We use cookies and similar tools for:

    • Analytics
    • Feature optimization
    • Session management
    • Personalization

    Disabling cookies may impair performance.

  9. Children’s Privacy
    Ask Mitoto is not intended for individuals under 18. We do not knowingly collect data from minors.
  10. Policy Updates
    We may update this Policy to reflect new laws, technologies, or platform changes. an updated Effective Date will be posted.
  11. Contact Us
    For privacy concerns, requests, or clarifications: info@askmitoto.com 
go top