Privacy Policy
Effective date: 11 March 2026
Last updated: 11 March 2026
This Privacy Policy explains how Nikhil Bajpai, trading as Monti ("Monti", "we", "us", "our"), collects, uses, stores, and protects your personal data when you use the Monti platform at my.monti.works and the associated website at monti.works (together, the "Service").
We are a small, independent business. We do not run advertisements. We do not sell your data. We never will. Our business model is a subscription. Your data exists to serve you, not to serve us.
This policy is written for human beings, not lawyers. If something is unclear, please write to us at privacy@monti.works and we will explain it in plain language.
1. Who We Are (Data Controller)
Nikhil Bajpai, trading as Monti, is the data controller responsible for your personal data under the General Data Protection Regulation (GDPR) and applicable EU/EEA national data protection law.
Data protection contact: privacy@monti.works
If you are located in the UK or another jurisdiction with its own data protection law, the same contact applies. We will respond to all requests within 30 days.
2. What Data We Collect
2.1 Account data
When you create a Monti account, we collect:
- Your email address, used for login and service communications
- A password, stored as a one-way cryptographic hash. We never store your password in readable form
- Your name, if you choose to provide it
- Your organisation name
2.2 Business context you provide
To deliver decision intelligence features, Monti asks you to describe your business. This may include:
- A free-text business description
- Goals you set for your business
- Business Model Canvas components extracted from your description by an AI model
- Notes, wiki pages, decisions, tasks, and project information you create inside the platform
This information is stored so that Monti can give you contextually relevant recommendations. It is never used to train AI models and is never shared with third parties except as described in Section 5.
2.3 Email data (if you connect your email account)
Connecting your email account is entirely optional. If you choose to connect it, Monti will:
- Access emails in your inbox and sent folder using the IMAP protocol
- Store email content, sender and recipient addresses, subject lines, and timestamps in Monti's EU-based database (Hetzner, Germany)
- Thread and display these emails within the Monti interface so you can track client conversations
Important: Email data is used exclusively to provide you with the Service. We do not read your emails for any other purpose. We do not process them for advertising. We do not share them with any third party except the infrastructure sub-processors listed in Section 5, who process data only to host and operate the Service on our behalf.
You can disconnect your email account and request deletion of your synced email data at any time from Settings.
2.4 GitHub repository data (if you connect GitHub)
Connecting your GitHub account is optional. If you connect it, Monti will:
- Read commit activity and repository names from repositories you explicitly authorise
- Link commit references to tasks you choose to associate them with
We do not access repository code, file contents, or any data beyond the commit activity you have authorised. You can disconnect GitHub at any time from Settings, at which point we stop fetching new data.
2.5 Usage and technical data
We collect standard server logs and application events to operate and improve the Service, including:
- Pages visited and features used within the platform
- Error logs and performance diagnostics
- IP address and browser or device type
We do not use any third-party analytics services anywhere on the Service, including the marketing website. Usage monitoring is handled through internal tooling that does not share data with third parties.
2.6 Payment data
Payments are processed by GoCardless. Monti stores only a reference identifier returned by GoCardless (a mandate reference and subscription identifier). We do not store bank account details, card numbers, or any other payment credentials. GoCardless is an independent data controller for payment data. Their privacy policy is available at gocardless.com/privacy.
3. How We Use Your Data
We use your data for the following purposes. Each has a legal basis under GDPR.
3.1 To provide the Service (legal basis: contract performance)
- Authenticate your account and keep you logged in
- Generate personalised AI briefings, task suggestions, and decision recommendations based on your business context
- Sync, thread, and display your emails if you have connected an email account
- Link GitHub commit activity to your tasks if you have connected GitHub
- Send transactional emails: password reset, email verification, task reminders, weekly summaries
- Process your subscription payment via GoCardless
3.2 To operate and improve the Service (legal basis: legitimate interest)
- Monitor system performance and diagnose errors
- Prevent abuse, fraud, and security incidents
- Understand which features are used most so we can prioritise improvements. This is done using internal tooling only; no third-party analytics provider receives your data.
Our legitimate interest is to run a reliable and secure product. We balance this against your privacy rights. We do not use your personal business data (emails, notes, decisions, tasks) for product analytics.
3.3 To comply with legal obligations (legal basis: legal obligation)
- Respond to lawful requests from regulatory or judicial authorities
- Maintain records required by applicable tax and commercial law
4. AI Processing and Your Data
Monti uses artificial intelligence to generate briefings, suggest tasks, classify decisions, and draft email replies. This section explains exactly how your data is used in AI processing.
4.1 Which AI models we use
We use models from the following providers only:
- Anthropic (Claude models), USA
- Mistral AI, France (EU-based)
We do not use OpenAI models and have no plans to do so. AI requests are routed via OpenRouter, an API aggregation service. OpenRouter routes requests exclusively to Anthropic and Mistral on our behalf.
4.2 Zero Data Retention on all AI calls
Every AI request made by Monti is sent with a Zero Data Retention (ZDR) flag enforced both at the account level and on every individual request. This means:
- OpenRouter does not log or store the content of your requests or responses
- The AI provider processes your data only to return a response and does not retain it
- Your data is not used to train any AI model
Your business descriptions, emails, notes, and decisions are never used to train any AI model by any party.
4.3 What context is sent to an AI model
When Monti generates a recommendation for you, it may include the following in the prompt sent to an AI model:
- Your business description and Business Model Canvas summary
- Your active goals
- Task titles and statuses (not full task descriptions unless needed)
- Relevant email subject lines or conversation summaries
- Decision records you have captured
We do not send your full email body content to an AI model unless you explicitly request an AI-drafted reply for a specific email thread. In that case, the thread content is included in that single request and is subject to the ZDR policy above.
5. Sub-processors and Data Transfers
To operate the Service, we share limited data with a small number of sub-processors: infrastructure and database hosting, payment processing, transactional email delivery, AI inference routing, AI model providers, and optional third-party integrations you choose to connect (such as GitHub). All sub-processors are contractually bound to process data only on our instructions and in accordance with GDPR. Where data is transferred outside the EEA, Standard Contractual Clauses apply.
The full current list of sub-processors, including company names, countries, and data categories, is maintained at https://monti.works/sub-processors. We will notify you at least 30 days before adding a new sub-processor that processes personal data.
We do not use advertising networks, data brokers, or analytics services that share data with third parties. We do not use OpenAI.
6. Data Storage and Security
All personal data, including connected email content, is stored on servers physically located in Germany and the Netherlands within the EU. Hetzner is a German company subject to EU law only, which means no US Cloud Act exposure for your primary data store.
Security measures we apply:
- All data in transit is encrypted using TLS 1.2 or higher (HTTPS everywhere)
- Database access is restricted by Row-Level Security: your organisation's data is logically isolated from all other organisations at the database layer
- AI API keys are encrypted at rest using AES-256 (Fernet encryption)
- Passwords are stored as one-way cryptographic hashes and are never stored in readable form
- Login is rate-limited and automatic brute-force lockout is enforced after repeated failed attempts
- Access to production systems is restricted to authorised personnel only
- CSRF protection is enforced on all state-changing requests
7. Data Retention
We keep your data for as long as your account is active.
When you delete your account, the following data is permanently and immediately deleted:
- Your personal account data (name, email address, password hash)
- All business data you created: tasks, projects, goals, notes, wiki pages, decisions, contacts, companies, negotiations
- Connected email data and GitHub commit data
- AI-generated content stored in your account (briefings, suggestions, decision classifications)
Deletion is permanent. We do not maintain soft-deleted records or recoverable backups of your personal data after account deletion. Database backup snapshots are purged on a 7-day rolling cycle.
We may retain the following minimal records after account deletion, as required by law: GoCardless payment reference identifiers and subscription records, for the period required by applicable tax law (typically 7 years in Germany). These records do not contain your business data or email content.
8. Your Rights Under GDPR
If you are based in the EU, EEA, or UK, you have the following rights. We will respond to all requests within 30 days and will not charge a fee for reasonable requests.
- Right of access: You can request a copy of the personal data we hold about you.
- Right to rectification: You can ask us to correct inaccurate or incomplete data.
- Right to erasure: You can ask us to delete your personal data. Deleting your account from Settings achieves this automatically and immediately.
- Right to restriction of processing: You can ask us to pause processing of your data while a dispute is resolved.
- Right to data portability: You can request your data in a structured, machine-readable format (JSON).
- Right to object: You can object to processing based on legitimate interests.
- Right to withdraw consent: Where processing is based on your consent, you can withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, email privacy@monti.works. We will acknowledge your request within 5 business days and complete it within 30 days.
You also have the right to lodge a complaint with your national supervisory authority. The lead authority for Monti (operating from Germany) is the Bavarian State Office for Data Protection Supervision (BayLDA) at lda.bayern.de. You may also contact the supervisory authority in your own country of residence.
9. Cookies
Monti uses only the cookies that are strictly necessary to operate the Service:
- A session cookie to keep you authenticated while you use the platform
- A CSRF token cookie to protect against cross-site request forgery attacks
We do not use tracking cookies, advertising cookies, or third-party analytics cookies. Because we use only strictly necessary cookies, we do not show a cookie consent banner. There is nothing to consent to beyond what is required for the platform to function.
10. Children
The Service is intended for adults aged 18 and over who are building or running a business. We do not knowingly collect personal data from anyone under 18. If you believe a minor has created an account, please contact us at privacy@monti.works and we will delete the account promptly.
11. Changes to This Policy
We will update this policy when our practices change in a way that affects your privacy. If a change is material, we will notify you by email at least 30 days before it takes effect. Adding a new sub-processor triggers at least 30 days' notice. The date at the top of this document always reflects the most recent version.
Continued use of the Service after a change takes effect constitutes acceptance of the updated policy. You may also choose to delete your account if you do not accept a change.
12. Contact
For any privacy-related questions, access requests, or complaints:
- Email: privacy@monti.works
- Website: https://monti.works
- Sub-processors list: https://monti.works/sub-processors
This policy was written and last reviewed on 11 March 2026 by Nikhil Bajpai.