JARO BOT

Legal

Privacy Policy

This public privacy notice covers lead capture, consent state, hosted browser operations, and future cloud delivery boundaries for JARO BOT.

Open workspaceView pricing

Version

1.0

Effective

2026-03-21

Updated

2026-03-21

External legal review pending.

This public trust surface is active for operational transparency, but attorney review, trademark validation, and company-formation hardening remain tracked as external owner blockers before broader public launch claims.

Draft pending qualified review

This policy is implementation-ready and live for F3, but it still awaits review by a qualified legal professional.

Who processes your data

JARO BOT is operated by JARO AI. Privacy and data-rights questions can be sent to [email protected].

What data JARO BOT processes on the public surface

  • Lead-capture data such as email address, optional name, product-intent signal, optional company/use-case notes, and page locale.
  • Operational browser data needed to defend the public intake lane, including consent state, bot-defense signals, and minimal security logging.
  • UTM attribution and request metadata when provided, so the public trust surface can understand which public entry points are effective.
  • Hosted-product account, billing, and AI-processing data only when those separate product lanes are activated.

How data is used and shared

JARO BOT uses this data to operate the public trust surface, record consent, process lead requests, defend against abuse, respond to support inquiries, and deliver future hosted services where applicable.

Data is shared only with processors needed to run the service. The current F3 processor posture includes Railway for hosting, approved LLM providers when hosted AI processing is active, and email-delivery infrastructure when confirmation or operational mail is enabled.

JARO SENTINEL CLI local-only boundary

  • JARO SENTINEL CLI reads your project and runs checks on your machine. Project source, local reports, and the project-level sentinel.yaml remain under your control.
  • No project data is sent to JARO BOT cloud services by default. External egress happens only when you explicitly enable a provider or hosted lane, or when your own toolchain/environment performs outbound network operations.
  • Do not place secrets in sentinel.yaml. Keep provider credentials in environment variables or the user-global credentials file only.

Cookies and consent

The public browser surface uses host-scoped public cookies such as consent and locale state. Non-essential analytics must not run before consent where consent is required.

Consent records are retained separately from analytics telemetry. Essential operational telemetry remains privacy-sterile and must not use persistent identifiers before consent.

Retention

Public lead and consent records are retained only for the operational and legal periods needed to manage the request, prove consent, and defend the service against abuse.

  • Public lead submissions: up to 12 months after the latest relevant interaction unless a shorter or longer legal retention period applies.
  • Consent proof records: retained according to the active compliance posture for auditability.
  • Security and abuse-prevention logs: retained for the minimum operational period required to investigate misuse and protect the service.

Rights and requests

For the F3 public surface, JARO BOT covers marketing leads and anonymous telemetry only. Registered-product DSAR automation is outside this sprint. Access, correction, deletion, restriction, or objection requests for the public trust surface can still be sent through the privacy contact mailbox.

Contact

[email protected][email protected]