# Privacy · Onto
> How Onto collects, uses, and protects information when you use our APIs, SDKs, and dashboard.

**Source:** /legal/privacy
**Extracted:** 2026-05-20T20:59:17.571Z

---
Legal

## Privacy Policy

How Onto collects, uses, retains, and protects information when you use our APIs, SDKs, MCP server, and dashboard.

Status

Drafting · pre-launch

Effective

Upon public availability

Document

v0.1 · draft

Contact

[founder@buildonto.dev](mailto:founder@buildonto.dev)

What this document will cover

*   01What account, billing, and usage data we collect from developers using the Onto Read API, Serve SDK, and MCP server
*   02How AI agents and crawlers interacting with sites served by Onto are logged and rate-limited
*   03Subprocessors we rely on (Vercel, Polar, Cloudflare, Supabase) and the data each one receives
*   04Retention periods for request logs, scoring artifacts, and cached payloads at the edge
*   05Your rights under GDPR, CCPA, and India's DPDP Act — and how to exercise them
*   06How we handle data residency, deletion requests, and account closure

Onto is operating in private preview. We're finalising this policy ahead of general availability. If you need a copy under NDA or have a specific compliance question, email [founder@buildonto.dev](mailto:founder@buildonto.dev) and we'll respond within one business day.

[Back to home](/)