The Agentic Org

Privacy Policy

Version 1.0 · Effective 2026-04-21 · English

1. Who we are

The Agentic Org is a product of Xtal 2000 S.a.s. di Marco Di Giura & C. ("we", "us"), registered in Italy. References to "MDG WMS", "MDG UFCP", "MDG FSP" below denote the individual products that form the Agentic Org platform.

2. Data we process

We act as a data processor on behalf of your organization (the data controller). We process:

Account data: name, work email, tenant membership, role, hashed password, two-factor secret, login timestamps.
Operational data: any records your users enter (schedules, tickets, plants, technicians, documents, chat transcripts with agents, voice transcriptions, agent decision logs).
Technical data: browser user-agent, IP address on authentication events, token usage counters, audit trail for agentic actions.

We do not deliberately collect special categories (health, biometrics, religious beliefs). If your operational data contains such categories, you remain controller and are responsible for lawful basis.

3. Lawful basis

Contract performance (Art. 6(1)(b) GDPR) for providing the service.
Legitimate interest (Art. 6(1)(f)) for security, abuse prevention, platform integrity.
Legal obligation (Art. 6(1)(c)) for billing records and mandatory retention.

4. Sub-processors

We use a minimal set of sub-processors listed in our DPA. Current set (as of the version date above):

Hetzner Cloud (infrastructure, EU region) — application hosting, PostgreSQL, backups.
Cloudflare (CDN, Pages) — static asset delivery and DDoS protection for public PWAs.
LLM providers (Anthropic, OpenAI, Google) — agent reasoning on text sent to chat endpoints. No training on your data (enterprise tiers). See section 7 for details.

5. Data residency

Primary data storage is in EU data centres (Hetzner Nuremberg/Helsinki or Falkenstein). LLM API calls may be routed to US regions when you select US-based providers; this is disclosed at provider selection time and can be disabled per-tenant from Governance settings.

6. Retention

Account data: retained while the account is active and for 12 months after tenant termination, then anonymized.
Operational data: retained under your tenant's retention policy (configurable in Governance). Default: indefinite until explicit delete.
Audit logs (agentic decisions, login events): retained 24 months, then archived.
Backups: encrypted, rolling 30-day retention.

7. Agent reasoning and AI providers

Content sent to agent chat endpoints (user messages, recalled context, operational data used for reasoning) is forwarded to the LLM provider you selected in Governance settings. We send only the minimum necessary context for the current reasoning step. We instruct providers to operate under their enterprise terms (no training on customer data). Selection of provider is entirely under your control.

When you enable Dynamic agentic behaviour, additional tool-call outputs (simulations, queries) may be included in the reasoning trace. All reasoning traces are stored in your tenant, accessible via Agent Decisions.

8. Your rights

This policy is written under the EU General Data Protection Regulation (GDPR) framework, as we are an Italian data processor and Italy is our primary market. Users located outside the EEA retain equivalent rights under their local data-protection law (for example UK-GDPR, California's CCPA/CPRA, Brazil's LGPD, Switzerland's revFADP). We honour those local rights where applicable; contact us at the address below for your regional specifics.

Under GDPR Articles 15–22 (and their equivalents) you can:

Request a copy of your personal data (right of access).
Request correction of inaccurate data.
Request deletion, subject to contractual and legal retention.
Request export in a portable format.
Object to processing and request restriction.
EU/EEA users: lodge a complaint with the Italian Data Protection Authority (Garante). Non-EU users: lodge a complaint with your local supervisory authority.

9. Security

We apply technical and organizational measures appropriate to the risk:

TLS in transit, at-rest encryption on the database volume (LUKS).
Per-tenant logical isolation at the database and routing layer.
Two-factor authentication enforced for admin roles.
Full audit trail for agentic actions, user impersonation, and admin operations.
Least-privilege access for operators; no standing access to customer data.

10. Cookies

We use a minimal set of strictly necessary cookies for session management and CSRF protection. We do not use analytics cookies or third-party trackers.

11. Changes

When this policy materially changes we bump the version and prompt you at next sign-in to review and accept the updated text. Your acceptance is recorded with timestamp, user identifier, and version.

12. Contact

Data Protection point of contact: privacy@mdgsuite.com.