Legal

Privacy Policy

Last updated: June 28, 2026

This Privacy Policy explains how Effortless Labs (“Effortless Labs”, “we”, “us”), the operator of fnMoa (the “Service”), collects, uses, and shares information when you use our website, dashboard, CLI, and API. By using the Service, you agree to this Policy.

1. Information we collect

Information you provide

• Account & identity — when you sign in with GitHub, we receive your GitHub profile information (such as username, email, and avatar) and the access tokens you authorize.
• Early access & contact requests — when you submit our forms, we collect your name, email, company, and message. These requests are stored in Airtable on our behalf.
• Communications — information you send us by email or other support channels.

Information from your connected repositories

• To provide the Service, we access and process content from the repositories and accounts you connect — code, issues, pull requests, comments, commits, CI results, and related metadata.

Information collected automatically

• Usage & logs — workflow runs, steps, token and cost metering, error logs, timestamps, and similar operational data.
• Device & connection — IP address, browser type, and basic request metadata used to operate and secure the Service.

2. How we use information

• to operate, provide, and maintain the Service and its workflows;
• to send relevant content to AI model and infrastructure providers in order to generate output for you;
• to meter usage and cost, and to bill where applicable;
• to respond to your requests, including early-access and dedicated-server inquiries;
• to secure the Service, prevent abuse, and debug problems;
• to improve the Service, using aggregated or de-identified data where feasible;
• to comply with legal obligations and enforce our terms.

3. AI processing

To generate code, reviews, and other output, we transmit relevant portions of your content to AI model providers (such as Anthropic). We aim to send only what is necessary for the requested task. These providers process the data under their own terms and data-handling commitments. We do not sell your data, and we do not use the contents of your private repositories to train our own foundation models.

4. How we share information

We share information only as described here:

• Service providers — GitHub, AI model providers, cloud and hosting providers, Airtable (for lead and contact requests), and analytics or email providers, each processing data on our behalf to run the Service.
• Within your organization — runs and data may be visible to other members of your organization, subject to per-organization isolation.
• Legal & safety — where required by law, or to protect the rights, safety, and security of fnMoa, our users, or the public.
• Business transfers — in connection with a merger, acquisition, or sale of assets, subject to this Policy.

5. Multi-tenant isolation

fnMoa is designed so that each organization is isolated — its own repositories, identity, billing, and memory. Dedicated deployments run on your own compute, so your data and secrets remain in your environment.

6. Data retention

We retain information for as long as needed to provide the Service and for legitimate business and legal purposes. You may request deletion of your account data, and you can disconnect repositories and revoke access at any time through GitHub. Some data may persist in backups or as required by law for a limited period.

7. Security

We use technical and organizational measures to protect information, including encryption of sensitive secrets at rest and access controls. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

8. Your rights

Depending on your location, you may have rights to access, correct, delete, or port your personal data, or to object to or restrict certain processing. To exercise these rights, contact us at nasim@effortlesslabs.xyz. We will respond as required by applicable law.

9. International transfers

We and our providers may process information in countries other than yours. Where required, we rely on appropriate safeguards for such transfers.

10. Children

The Service is not directed to children under 16, and we do not knowingly collect personal information from them.

11. Changes to this Policy

We may update this Policy from time to time. If we make material changes, we will take reasonable steps to notify you, and we will update the “Last updated” date above.

12. Contact

Questions about this Policy or your data? Contact us at nasim@effortlesslabs.xyz.