MuninMunin
Sign inStart free →

Privacy Policy — Munin Cloud

Last updated: 2026-05-31

This policy covers Munin Cloud — the hosted SaaS at app.getmunin.com and its API endpoints (api.getmunin.com, mcp.getmunin.com). It is published by Apps AS, registered at Vulkan 16, 0178 Oslo, Norway ("we", "us", "Munin").

1. The two roles we play

Munin Cloud handles personal data in two distinct capacities:

If you are an end-user of one of our customers (e.g. you submitted a support request through a customer's chat widget), the customer is the controller of that interaction. Direct privacy requests about that data to them. We will refer such requests on to the customer.

2. Data we collect as controller

CategoryDataWhen collected
AccountEmail, name, hashed password (BetterAuth), organisation membership, roleSign-up and team-invitation flow
AuthenticationSession tokens, OAuth 2.1 tokens issued to your connected agents, hashes (never plaintext) of API keys you mintSign-in and key minting
Usage countersMCP tool calls, embedding requests, voice minutes (if Vapi enabled), SMS volume (if Twilio enabled), storage bytesAutomatically as you use the service
SupportName, email, message contentWhen you contact support@getmunin.com or use in-product help
Operational logsRequest timestamps, IP, user agent, response status, correlation id, audit-log entries (tool name, arguments, result code, actor, organisation)Automatically on every API and MCP request

We do not currently offer paid plans, so we do not collect payment information. If we introduce paid plans we will update this table and notify account admins.

We do not read or analyse the content of customer business data (KB documents, conversations, contacts, deals, CMS entries) to operate the service, except where strictly necessary to provide a feature you've enabled (e.g. generating embeddings for kb_search) or to investigate a confirmed abuse or security report.

3. Why we process this data (legal basis)

PurposeLegal basis (GDPR Art. 6)
Providing the service to your organisationPerformance of contract (Art. 6(1)(b))
Security, abuse prevention, fraud detectionLegitimate interest (Art. 6(1)(f))
Audit log retentionLegitimate interest, and (where required) legal obligation
Support correspondencePerformance of contract; legitimate interest (Art. 6(1)(b),(f))
Service announcements (security, breaking changes)Legitimate interest; performance of contract
Marketing emailsConsent (Art. 6(1)(a)); you can opt out at any time

We do not sell personal data, and we do not use customer business data to train AI models.

4. Subprocessors

We rely on the following processors to run Munin Cloud. Material changes will be announced at least 30 days in advance.

SubprocessorRoleData categoryRegion
Scaleway SASHosting (Postgres + pgvector, application servers, object storage, backups), transactional email (Scaleway Transactional Email), embedding generation for KB and CMS hybrid search (qwen3-embedding-8b via Scaleway Generative APIs)All processed data, including the text you store in kb_documents and cms_entries (sent transiently to Scaleway Generative APIs for vector generation; not retained or used for model training)EU (Netherlands for application + storage, France for embeddings + email)
Functional Software, Inc. (Sentry)Error and exception tracking; performance and profiling traces (10 % sampled); session replay on the dashboard captured only when an error occurs, with all text masked and media blockedStack traces, exception messages, URL paths, browser/runtime version, request correlation IDs, IP address. We disable Sentry's default PII attachment (sendDefaultPii: false) and do not pass account email, name, or customer business data into events.EU (Sentry EU region, Germany)

A current subprocessor list is available at any time on request.

4a. Third-party integrations you connect (BYOK)

Munin Cloud also routes data to providers you contract with directly and configure on your tenant with your own credentials. These providers act under your contract, not ours — they are your processors, and you are responsible for the DPA and disclosures with them. Munin handles the data only in transit between your customers and the provider you've chosen.

IntegrationProvider you supplyWhat flows through
SMS channelTwilio, MessageBird, or compatiblePhone numbers, SMS metadata and content
Voice channelVapiPhone numbers, call audio, transcripts, tool-call metadata
Custom SMTP / IMAPAny provider you have credentials forSender, recipient, subject, body
Custom LLM / embedding endpointAny OpenAI-compatible provider you point us atThe text you submit for inference

4b. Identity providers (sign-in)

If you choose to sign in via Google or GitHub instead of email + password, the provider authenticates you and returns your email and display name to Munin Cloud. The OAuth apps are operated by us (Apps AS). Google and GitHub act as independent identity controllers for the authentication event itself — they're identity providers, not subprocessors of yours or ours.

ProviderWhen involvedData exchanged
Google LLCYou click "Sign in with Google"Your Google email + name returned via OAuth
GitHub, Inc.You click "Sign in with GitHub"Your GitHub email + name returned via OAuth

5. International transfers

Cloud infrastructure runs entirely in the EU (Scaleway, France and Netherlands; Sentry, Germany). We do not transfer customer business data outside the EU. The third-party integrations you configure under section 4a may move data outside the EU depending on the provider you contract with — that flow is governed by your agreement with that provider, not ours.

6. Retention

DataDefault retention
Account, organisation, membership recordsActive for the life of the account; deleted within 30 days of account closure
Audit log90 days, then automatic purge
Customer business data (KB, CRM, conversations, CMS entries)Until you delete it or close your account. On account closure, deleted within 30 days; backups roll off within 35 days
Operational logs30 days
Support correspondence24 months from last interaction
Backup snapshots35 days rolling

7. Customer data ownership and export

You own the customer business data you put into Munin Cloud. At any time you can:

8. Security

We do not query Anthropic's Claude memory, chat history, conversation summaries, or files you've uploaded to Claude. The MCP tools operate exclusively on data within your Munin organisation.

9. Prompt injection and connected agents

Inbound channel content (emails, chat-widget messages, voice transcripts, SMS) may include attempts to manipulate connected AI agents. We apply defences (sanitisation, constrained tool surfaces, scoped delegated tokens, audit logging) but cannot guarantee absolute prevention. If a connected agent acts on instructions delivered through inbound content, the customer remains responsible for those actions. We will work with you in good faith to investigate any incident.

10. Your rights

You have the right to access, correct, delete, restrict, port, and object to processing of your personal data. EU/EEA residents may lodge a complaint with their supervisory authority — for users based in Norway this is Datatilsynet (datatilsynet.no). California residents have CCPA/CPRA rights including the right to know and delete; we do not sell or share personal information as those terms are defined under California law.

To exercise these rights, email privacy@getmunin.com from the address associated with your account. We respond within 30 days and may extend by up to 60 additional days in complex cases.

If you are an end-user of one of our customers, contact that customer first; we will assist them in fulfilling your request.

11. Children

Munin Cloud is a B2B service not directed at children under 16; we do not knowingly create accounts for children. If you believe we hold data about a child, contact privacy@getmunin.com and we will delete it.

12. Cookies

Munin Cloud sets only the cookies required to operate the service:

CookiePurposeDuration
NEXT_LOCALERemember language choice12 months
__Host-munin-sessionAuthenticated session (BetterAuth)Session duration, sliding
CSRF tokensCross-site request forgery protectionSession

We do not run third-party analytics or ad pixels on app.getmunin.com. The error-tracking SDK (Sentry, section 4) captures a session-replay snapshot when an error occurs in the dashboard — all text is masked and media is blocked, so the replay shows interaction shape but not content.

13. Changes

We will post material changes here and update the "Last updated" date. For substantive changes affecting how we process data, we will email account admins at least 30 days in advance.

14. Contact and DPA

For privacy enquiries, requests to exercise your rights, or to request our Data Processing Agreement (DPA):

Apps AS Vulkan 16, 0178 Oslo, Norway privacy@getmunin.com

A standard DPA reflecting GDPR Article 28 is available on request and is incorporated by reference into our Terms of Service. We sign DPAs with any customer who processes personal data through Munin Cloud, regardless of plan.