Strata logo Strata

Privacy Policy

Last updated: May 19, 2026

Somi Labs Technologies, Inc. ("Somi Labs," "we," "us," or "our") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect personal information when you use our websites, software, applications, APIs, AI systems, products, services, and related tools, including Strata (collectively, the "Services").

Strata is a product and service operated by Somi Labs. References to Strata in this Privacy Policy refer to the Strata product and related Services provided by Somi Labs.

By accessing or using the Services, you acknowledge that you have read this Privacy Policy and understand how we process personal information.

If you have entered into a separate written agreement with Somi Labs, that agreement may include additional privacy, security, or data-processing terms. To the extent there is a conflict, the separate written agreement controls for the Services covered by that agreement, unless this Privacy Policy provides more protective terms required by applicable law.

1. Privacy Commitments

Somi Labs is designed with the following privacy commitments:

  • We run zero data retention by default for customer content processed by Somi Labs-controlled systems.
  • We do not train models on your data.
  • Your files stay on your computer unless you intentionally enable a feature that sends content elsewhere.
  • We do not sell your personal information.
  • We do not share your personal information for cross-context behavioral advertising.

"Your data" includes customer prompts, inputs, files, documents, code, images, outputs, and other content you provide through the Services.

2. Information We Collect

We collect limited personal information needed to operate the Services.

Information you provide

We may collect:

  • Account information, such as your name, email address, company name, role, login credentials, preferences, and related account details.
  • Payment and billing information, such as subscription plan, billing status, transaction records, and limited payment details processed by our payment providers.
  • Communications, such as messages you send to us, support requests, survey responses, and feedback.
  • Business information, such as organization name, team members, workspace settings, and administrator-provided information.

Information collected automatically

When you use the Services, we may automatically collect:

  • Device and browser information, such as operating system, browser type, device type, IP address, identifiers, language settings, and network information.
  • Usage information, such as pages viewed, features used, actions taken, timestamps, session activity, error logs, performance data, and interaction patterns.
  • Approximate location, such as country, region, or city inferred from your IP address.
  • Cookies and similar technologies used to operate, secure, measure, and improve the Services.

3. Local Files and Customer Content

Files, documents, code, images, and other local content you use with the Services remain on your computer unless you intentionally enable a feature, integration, or workflow that sends content elsewhere. We do not upload, retain, or store your files on Somi Labs servers by default.

The Services may process local content on your device to provide functionality. Where a feature requires connecting to an external service, we will make that behavior clear or require your action to enable it.

Unless we have entered into a separate written agreement expressly permitting it, you should not submit protected health information, patient data, or other sensitive regulated data to the Services.

We do not use your files, prompts, inputs, outputs, or other customer content to train models.

4. Zero Data Retention by Default

Somi Labs runs zero data retention by default for customer content processed by Somi Labs-controlled systems. This means that, unless you intentionally save, publish, export, share, submit feedback, or enable a feature that requires retention, we do not retain prompts, inputs, submitted content, files, or generated outputs after processing is complete.

If you enable an integration, model provider, storage provider, or other external service that receives customer content, that external service may process or retain content under its own terms and privacy policy unless we expressly state otherwise for that feature.

We may retain limited operational information where necessary to operate and secure the Services, such as account records, billing records, authentication logs, abuse-prevention signals, usage analytics, system diagnostics, legal compliance records, and communications you send to us.

5. How We Use Information

We use personal information to:

  • Provide, maintain, and improve the Services.
  • Create, authenticate, administer, and secure accounts.
  • Process transactions, subscriptions, invoices, and payments.
  • Respond to support requests and communicate with you.
  • Personalize your experience and remember preferences.
  • Monitor performance, debug issues, and maintain reliability.
  • Detect, prevent, and investigate fraud, abuse, security incidents, policy violations, and unlawful activity.
  • Comply with legal obligations and enforce our agreements.
  • Send product, service, and company updates, including marketing communications where permitted by law.
  • Conduct analytics using aggregated, de-identified, or anonymized information.

We do not use customer content to train models.

6. Cookies and Similar Technologies

We use cookies and similar technologies to operate the Services, maintain sessions, remember preferences, understand usage, improve performance, and protect against abuse. We may also use analytics technologies to understand how people find and use our Services.

You can control cookies through your browser settings. Some cookies are necessary for the Services to function, and disabling them may affect availability or performance.

7. How We Share Information

We may disclose personal information in the following circumstances:

  • Service providers: We share limited information with vendors that help us operate the Services, including cloud hosting, infrastructure, analytics, payment processing, customer support, communications, security, and compliance providers.
  • Business customers and administrators: If your account is associated with an organization, administrators may access and manage certain account, usage, billing, and workspace-related information.
  • Integrations: If you connect third-party services, we may share information as needed to enable the integration.
  • Legal and safety reasons: We may disclose information to comply with law, legal process, or government requests; enforce our terms; protect rights, privacy, safety, and property; or detect and prevent fraud, abuse, or security incidents.
  • Business transfers: We may disclose or transfer information in connection with a merger, acquisition, financing, reorganization, sale of assets, bankruptcy, or similar transaction.
  • Affiliates: We may share information with entities under common ownership or control, consistent with this Privacy Policy.
  • Consent: We may share information when you direct us to do so or otherwise give consent.

We do not sell personal information. We do not share personal information for cross-context behavioral advertising.

8. Data Retention

Because Somi Labs runs zero data retention by default for customer content processed by Somi Labs-controlled systems, we do not retain prompts, inputs, files, outputs, or other customer content after processing unless you intentionally save, publish, export, share, submit feedback, or enable a feature that requires retention.

For other categories of personal information, we retain information only for as long as reasonably necessary to provide the Services, maintain accounts, comply with legal obligations, resolve disputes, enforce agreements, prevent abuse, and support legitimate business purposes.

When information is no longer needed, we delete, de-identify, anonymize, or otherwise process it in accordance with applicable law.

9. Security

We use commercially reasonable technical and organizational measures designed to protect personal information from unauthorized access, disclosure, alteration, loss, misuse, or destruction. No system or method of transmission is completely secure, and we cannot guarantee absolute security.

You are responsible for maintaining the confidentiality of your credentials and for using the Services in a secure and lawful manner.

10. Your Rights and Choices

Depending on where you live, you may have rights to access, correct, delete, restrict, object to, or receive a copy of your personal information. You may also have the right to withdraw consent or appeal a decision we make about a privacy request.

You may update certain account information through your account settings. You may opt out of marketing emails by using the unsubscribe link in those emails. We may still send transactional, administrative, security, or service-related messages.

To exercise privacy rights, contact us at [email protected]. We may ask you to verify your identity before processing your request. We will not discriminate against you for exercising privacy rights available under applicable law.

11. International Transfers

Somi Labs is based in the United States, and we may process limited account, billing, support, security, and operational information in the United States and other countries where we or our service providers operate. These countries may have data protection laws different from those in your jurisdiction. Where required, we use appropriate safeguards for international transfers.

12. Children

The Services are not intended for children under 13, and we do not knowingly collect personal information from children under 13. Some Services may require users to be at least 18 or the age of majority in their jurisdiction. If you believe a child has provided us personal information, contact us so we can take appropriate action.

13. Third-Party Services

The Services may contain links to third-party websites, applications, integrations, or services. We are not responsible for the privacy practices of third parties. Your use of third-party services is governed by their own terms and privacy policies.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make changes, we will post the updated policy with a new "Last updated" date. If required by law, we will provide additional notice. Your continued use of the Services after an updated policy becomes effective means you acknowledge the updated policy.

15. Contact Us

If you have questions about this Privacy Policy or our privacy practices, contact Somi Labs Technologies, Inc. at [email protected].