Privacy Policy

What we collect

• Your email, phone (if you add it), username, display name, and optional profile fields.
• Verification status (email verified, phone verified, age 18+, age 21+, identity, address).
• Authentication events (login time, IP-derived country/region, user agent) for security audit.
• Passkey public keys (never private keys — those stay on your device).
• OAuth grants — which Magnus and third-party apps you've authorized.

What we don't do

• We do not sell your data. Ever. Your identity is not the product.
• We do not share your claims with apps beyond the scopes you explicitly grant.
• We do not embed tracking pixels from advertising networks.

How other Magnus products see you

Each product only sees the OAuth claims you grant it. Revoke any connected app from the account center and the product loses access at the next token rotation (within minutes).

AI and the Central Brain

Anonymized authentication events (no PII) flow to the Magnus Central Brain for anomaly detection and trust-score calibration. The brain never writes back to your identity — its outputs are advisory and, for any human-in-the-loop moderation decision, always reviewed by a person. AI agents cannot operate your account on your behalf.

Your rights

Export your data (one-click CSV + JSON) or delete your account (hard delete, not soft flag) any time from the account center. Deletion propagates to every linked product via webhook.

Questions: privacy@magnuscloud.ai.