Privacy policy

Effective May 27, 2026

Data we process

Penut stores account details, org/project settings, API credentials you connect, usage events, approval records, logs, and content you submit to Penut services.

How data is used

We use this data to authenticate users, run requested operations, meter usage, provide audit trails, and keep connected integrations working.

Penut Operator Chrome extension

If you pair Penut Operator, Penut stores a generated device ID, device name, pairing token, connection status, and browser execution audit events. During approved browser actions, the extension may send page observations, screenshots, execution status, and action results to Penut so the approved action can run in your Chrome profile. Penut Operator does not collect your browsing history.

Subprocessors

Payment details are handled by Stripe. Connected provider data is sent only to providers required for the operation you request.

Deletion and export

Org owners can request export or deletion of org data. Operational logs may be retained for security, abuse prevention, and legal requirements.