Privacy Policy

Who we are

Anchor is a platform for shared artifacts that AI agents and humans use together, operated by Anchor Technologies, Inc. ("Anchor", "we", "us"), a Delaware corporation, at anchor.cc. AI agents use Anchor to create, host, and manage tables, apps, and all kinds of files on behalf of users. This Privacy Policy explains what personal data we collect when you use Anchor, how we use it, who we share it with, how long we keep it, and the rights and choices available to you.

When we say "you" we mean the person using Anchor, whether as an individual or on behalf of an organization. When we say "your content" we mean the tables, apps, files, and metadata you or your AI agent create or upload to Anchor.

Our registered address is shown in the footer of this page. You can reach our privacy team at privacy@anchor.cc.

Who interacts with Anchor

Everyone who interacts with content in Anchor is a signed-in Anchor account holder. We do not support anonymous visitors, public link-based access for non-users, or unauthenticated browsing of hosted apps, tables, or files. There are three ways someone appears in Anchor:

• Account holders — people who have signed in with a supported identity provider and have an active Anchor account.
• Invited collaborators — people invited by email to a folder or file. They must create an Anchor account before they can access anything; until they do, we retain only the invitation (email address, inviter, scope, timestamp).
• Organization members — account holders who belong to an organization. Membership is administrative and does not by itself grant access to any content.

Because every interaction with content is authenticated, each access is attributable to a specific Anchor account.

What information we collect

We collect only what we need to provide the Service, grouped into five categories.

Account information

When you sign in with a supported identity provider (currently Google), we receive your email address, name, profile picture URL, and a stable user identifier. We use this to create and authenticate your Anchor account and to identify you to organizations and collaborators.

Content you or your agent creates

We store the items that you or your AI agent create in Anchor:

• Apps hosted at anchor.cc/app/<appID>.
• Tables (structured, spreadsheet-like data) at anchor.cc/table/<tableID>.
• Files of any type — PDFs, documents, images, audio, video, markdown, CSVs, and more — at anchor.cc/file/<fileID>.
• Metadata around those items: folder structure, titles, timestamps, owners, sharing permissions, and version history.

We store your content encrypted and serve it only to accounts you have explicitly authorized. We do not inspect or analyze the contents of your files, tables, or apps except as strictly necessary to operate the Service or as described under Security below.

AI agent connection data

When you connect an AI agent (Claude, ChatGPT, Gemini, Grok, Codex, or any MCP-compatible agent), we record the information needed to authorize that agent and keep an audit trail:

• The registered client identifier and redirect URIs supplied by the agent client.
• OAuth authorization codes, access tokens, and refresh tokens. Tokens are stored hashed where possible and transmitted only over TLS.
• The scope of access you granted and the timestamp of each grant or revocation.
• Each tool invocation the agent performs against your account — tool name, input parameters, response size, outcome, and timestamp — so you have an audit trail of actions taken on your content.

Usage and device data

We collect standard server logs when you visit anchor.cc, access a shared Anchor item, or connect an agent: IP address, user-agent string, referring URL, request paths, response codes, and timestamps. We use these for security, abuse prevention, debugging, and capacity planning.

Cookies and similar technologies

We use a small number of cookies and comparable storage mechanisms:

• Session cookie — a first-party, HttpOnly, Secure, SameSite=Lax cookie that keeps you signed in to anchor.cc. Required for the Service to function.
• Product analytics and error monitoring — we use PostHog to understand how anchor.cc is used, measure feature adoption, and investigate errors. PostHog is configured to avoid collecting the contents of your files, tables, or apps and to respect Do Not Track signals where applicable.

We do not use third-party advertising cookies and we do not participate in cross-context behavioral advertising.

How we use your information

We use the information above to:

• Provide the Service — authenticate you, host your apps, store your tables and files, and route requests to the correct items.
• Execute the actions your AI agent requests on your behalf, within the scope you have granted.
• Enforce sharing and permissions at the org, folder, and file levels (owner, editor, viewer).
• Keep the Service secure — detect abuse, fraud, and attacks, and meet our legal obligations.
• Improve the product — diagnose bugs, understand performance, and plan new features.
• Communicate with you — respond to support requests and send important service notices.

We do not use your content to train third-party AI models, we do not sell your personal information, and we do not share your personal information for cross-context behavioral advertising.

Legal basis for processing (EEA, UK, Switzerland)

If you are in the European Economic Area, the United Kingdom, or Switzerland, we rely on the following lawful bases under Article 6 of the GDPR and equivalent laws:

• Performance of a contract — to provide the Service you requested, including account creation, storing your content, executing agent-initiated operations, and enabling sharing.
• Legitimate interests — to keep the Service secure, prevent fraud and abuse, improve the product, and communicate with you about material changes.
• Legal obligation — to comply with tax, accounting, security, and other applicable laws.
• Consent — where we specifically ask for it (for example, optional marketing emails). You can withdraw consent at any time.

AI agents and your data

Anchor is the storage and hosting layer — not the AI agent itself. The agent you connect (Claude, ChatGPT, Gemini, Grok, Codex, or any MCP-compatible agent) is provided by a third party and is subject to that provider's terms and privacy policy.

• Agents act as you. Anything an agent does in Anchor under your authorization is attributable to you.
• Agent providers see what the agent reads. When you prompt an agent to work with content in Anchor, the tool's response is returned to the agent and therefore to the agent provider. Anchor cannot control what the provider does with that data once it leaves our systems.
• Revoking access is in your hands. Disconnect the Anchor connector from the agent's own settings — we immediately invalidate the associated tokens.
• Audit trail. Anchor records every agent-initiated operation on your content so you can review what has been done.

Sharing and collaboration

Nobody gets access to anything automatically — someone always has to explicitly share it with them. Being in an org doesn't mean you can see its content.

Organizations

An organization is the top-level boundary — your team, company, or any group that works together. Org membership is administrative only; it does not automatically grant access to any content.

Folders and files

All content lives inside folders. Every folder and every file has its own permissions with three roles: owner (full control), editor (can view, edit, and invite others), and viewer (view only). Folder permissions flow down — the highest access level wins.

Who can see your content

Only signed-in Anchor account holders you have explicitly granted access to can see a given folder or file. Content shared with you from outside your organizations appears in your Shared with me view.

Subprocessors and third-party services

We rely on a small, vetted set of subprocessors to run the Service. Each is contractually bound to appropriate confidentiality, security, and data-protection obligations.

Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure

Cloud hosting, compute, and object storage for Anchor's infrastructure and your content. Data is processed primarily in the United States.

Google LLC

Identity provider for Google OAuth sign-in. Google receives only the minimum information required to authenticate you.

Anthropic, OpenAI, Google, xAI, and other AI model providers

When you connect an AI agent, the provider receives the data your agent requests from Anchor as part of the agent's context. These providers act under their own terms.

PostHog, Inc.

Product analytics and error monitoring for anchor.cc. Configured to avoid collecting the contents of your files, tables, or apps.

Payment processors

For paid plans, a PCI-DSS-compliant payment processor handles your payment details. Anchor does not store full card numbers.

Business customers may request our current subprocessor list and our Data Processing Addendum by writing to privacy@anchor.cc.

Storage, retention, and deletion

We keep personal data only for as long as we need it. Representative retention periods:

• Your content — retained while your account or organization is active. Deleted items enter a 30-day soft-deletion window, then are permanently removed.
• Backups — encrypted backups are rotated out within 90 days.
• Account closure — account data and owned content deleted within 30 days, backups purged within a further 60 days.
• Access logs — up to 90 days.
• Audit trails and security logs — up to 12 months.
• Invoices and transaction records — kept as required by law, typically 7 years.
• Invitations to non-users — kept until accepted, revoked, or expired (90 days).

Security

• Encryption in transit using TLS 1.2 or higher for every connection, including all MCP traffic.
• Encryption at rest for databases, object storage, and backups using AES-256 or stronger.
• Tenant isolation — every query and storage access is scoped by organization and user.
• Least-privilege access for employees, with multi-factor authentication, audit logging, and periodic access reviews.
• OAuth 2.0 with PKCE for all MCP client connections, short-lived access tokens, and rotating refresh tokens.
• Continuous monitoring for abuse, anomalous activity, and vulnerabilities.
• Incident response. If we confirm a personal data breach likely to result in a risk to your rights, we will notify affected users and applicable regulators without undue delay.

Report suspected vulnerabilities to security@anchor.cc.

Your rights

Depending on where you live, you may have rights to access, correct, export, or delete the personal data we hold about you. You can exercise most of these directly from your Anchor account. For anything else, email privacy@anchor.cc.

To revoke an AI agent's access, disconnect the Anchor connector from the agent's own settings — Anchor immediately invalidates the tokens.

Rights of residents in the EEA, UK, and Switzerland

• Access — request a copy of the personal data we hold about you.
• Rectification — correct inaccurate or incomplete data.
• Erasure — request deletion of your personal data.
• Restriction — limit how we process your data.
• Portability — receive your data in a structured, machine-readable format.
• Object — object to processing based on legitimate interests.
• Withdraw consent — where processing is based on consent.
• Complain — lodge a complaint with your local supervisory authority.

The data controller is Anchor Technologies, Inc. Contact privacy@anchor.cc for any GDPR-related request.

Rights of California residents (CCPA/CPRA)

We do not sell personal information and we do not share personal information for cross-context behavioral advertising.

• Right to know — the categories and specific pieces of personal information we have collected.
• Right to delete — request deletion of personal information we collected from you.
• Right to correct — inaccurate personal information we maintain about you.
• Right to non-discrimination — we will not discriminate against you for exercising your rights.

To exercise these rights, email privacy@anchor.cc.

International data transfers

Anchor is operated from the United States. If you are outside the United States, your personal data will be transferred to, and processed in, the United States. For transfers out of the EEA, UK, or Switzerland, we rely on the European Commission's Standard Contractual Clauses supplemented with encryption in transit and at rest.

Changes to this policy

We may update this Privacy Policy as Anchor evolves. When we make material changes, we will update the "Last updated" date and notify you at least 14 days before the changes take effect.

Contact us

Privacy questions: privacy@anchor.cc. Security issues: security@anchor.cc. General inquiries: hello@anchor.cc.