mumo — Privacy Policy

Effective: April 30, 2026 Last updated: April 30, 2026

mumo is a multi-model AI deliberation platform operated by Sourced LLC ("mumo," "we," "us," or "our"). This Privacy Policy explains what data we collect, how we use it, how it is routed to model and inference providers, and what controls you have.

We've written this in plain language. If something is unclear, contact us at support@mumo.chat.

1. What we collect

Account data

Google profile information (name, email address, profile photo) provided via Google OAuth at sign-in
Account identifiers generated by our authentication system
Workspace, plan, billing, and entitlement information where applicable
Account settings and privacy preferences

We do not collect or store your Google password.

Conversation data

Prompts — the questions, instructions, and context you submit
Annotations — excerpts you highlight, the bucket actions you take (Keep, Explore, Challenge, Core, Shift), and the commentary you add
Steering decisions — which content you choose to share with which models, response selections, and routing targets
Model responses — the text generated by AI models in response to your curated input
Session metadata — timestamps, active models, round counts, token counts, model routes, provider routes, session status
Share-link status and sharing metadata
Other content you provide through the web app, API, MCP, agents, or integrations

Analysis-feedback data

mumo may collect or generate structured assessments of deliberation sessions ("Analysis-Feedback Data"). Analysis-Feedback Data may be submitted by users, generated by agents or tools operating under user credentials, or generated by mumo features.

Analysis-Feedback Data may include ratings, labels, summaries, critiques, reasoning-quality assessments, model comparisons, routing recommendations, panel-composition observations, skill-behavior observations, failure analyses, and references to prompts, annotations, model responses, or other session content.

Analysis-Feedback Data is treated as content derived from the applicable session. It is not the same as anonymous clickstream analytics. It may contain excerpts, summaries, topics, labels, or references derived from session content, and is subject to your tier and Platform Improvement settings (Section 4).

Programmatic access data

If you use mumo through API, MCP, scripts, agents, or other automated tools, we may collect request and security metadata, including:

API key identifier or credential identifier
account or workspace identifier
client, tool, or agent identifiers where available
timestamps, request IDs, session IDs, model routes, and provider routes
IP address, user agent, error logs, rate-limit events, and safety/security events
token counts, latency, cost, and usage metadata
improvement_consent values sent with requests
the resolved Platform Improvement state for each session

API keys and credentials

mumo uses platform-managed provider credentials to call third-party model and inference providers. User-supplied provider keys (BYOK) are not currently supported.

If you create a mumo API key, only a hashed form is retained server-side. We cannot retrieve or view your full key after it is first displayed to you.

Usage and analytics data

We collect product analytics to understand how mumo is used and to improve reliability and usability. This may include page views, feature usage, session duration, navigation events, and product interaction patterns.

We use PostHog for product analytics and session replay. Session replay records interaction patterns such as mouse movements, clicks, scrolls, and page navigation. Text content in session recordings is masked so that conversation content, prompts, model responses, and personal information are not intentionally captured or transmitted to PostHog through session replay. Only structural UI elements (button labels, navigation items, model names) are visible in recordings.

We do not use third-party advertising trackers.

2. How we use your data

We use data to:

Provide mumo — store conversations, assemble prompts, route content to selected models, display responses, maintain session history, and generate share links
Authenticate users and secure accounts
Provide API, MCP, and agentic access
Enforce plan limits, rate limits, safety controls, and provider-policy requirements
Debug errors, monitor reliability, prevent abuse, and protect platform integrity
Communicate service-related notices, including terms changes, outages, and security issues
Comply with law, legal process, and enforceable requests
Improve mumo, as described in Section 3

3. Model training versus Platform Improvement

This is a deliberate distinction. Read this section carefully.

What mumo does not do

mumo does not use your prompts, model outputs, annotations, steering decisions, conversation transcripts, Analysis-Feedback Data, or other mumo session content to train, fine-tune, distill, align, pretrain, or reinforcement-learn AI models that generate text, reasoning, embeddings made commercially available to third parties, audio, images, video, or other generative outputs. mumo does not use your content to develop AI models that compete with the underlying model providers' products or services.

mumo does not authorize model providers or inference providers to use your mumo session content to train their AI models, except where you separately and explicitly opt in through a feature or provider relationship that clearly says so. mumo configures third-party model and inference-provider routes so that prompts and outputs sent through those routes are not used by the providers to train their models. Provider policies and account-level settings may change over time; we will update this Policy if a route materially differs from this posture.

We do not sell your data. We do not use your data for advertising. We do not build user profiles for targeting or marketing.

What Platform Improvement is

Platform Improvement is separate from training generative AI models on your content. Depending on your tier, account settings, and per-session settings, mumo may use session data, model outputs, annotations, steering decisions, session metadata, and Analysis-Feedback Data to improve mumo as a product. Platform Improvement includes:

panel composition and default model selection
routing configuration
prompt assembly
skill behavior configuration
evaluation methods
reliability, latency, and cost optimization
safety and abuse prevention
user-interface and workflow design
product analytics
developing internal orchestration tooling (described below)

Internal orchestration tooling

mumo may develop internal models, classifiers, rankers, or scoring functions used solely to operate and improve the mumo orchestration layer — for example, classifiers that categorize incoming requests, rankers that score model-suitability for a prompt, or pipelines that inform default panel composition. These internal models are not distributed, licensed, or made commercially available to third parties as standalone products. They are subject to your tier and Platform Improvement settings.

What Platform Improvement is not

Platform Improvement does not include training generative AI models on your content. It does not include selling your content to model providers. It does not include using provider API data to build a model that competes with the underlying providers' products or services. It does not include allowing third-party model providers to train on your mumo sessions.

Where practicable, we remove or separate direct account identifiers before using data for Platform Improvement. However, Analysis-Feedback Data may still contain excerpts, summaries, labels, topics, or references derived from session content. You should not submit confidential, regulated, proprietary, or sensitive data to a tier or session that is eligible for Platform Improvement unless you are comfortable with that use.

4. Platform Improvement use by tier

Your session's eligibility for Platform Improvement depends on your plan, account settings, and per-session settings.

Free Tier

Free-tier sessions are eligible for Platform Improvement by default as part of the free service.

This may include use of conversation data, model responses, annotations, steering decisions, session metadata, and Analysis-Feedback Data to improve mumo's product behavior, routing, defaults, evaluations, reliability, safety, and usability.

Free-tier users may upgrade to a paid plan to access exclusion controls.

Paid Tier

Paid-tier sessions are eligible for Platform Improvement by default if the Platform Improvement setting is enabled at enrollment or in account settings. The Platform Improvement toggle is shown in the paid enrollment flow and is operable before purchase activation.

Paid users may turn this setting off:

at the time of subscription / enrollment
later in account settings, at any time
per session, through the supported API/MCP improvement_consent flag

Per-session API/MCP control

API and MCP session-creation requests may include an optional boolean:

{ "improvement_consent": true }

Resolution works as follows:

Plan	Account setting	Request value	Transport	Result
Free	(n/a)	omitted	any	Include
Free	(n/a)	`true`	any	Include
Free	(n/a)	`false`	REST API	Reject with error
Free	(n/a)	`false`	MCP tool surface	Include, with disclosure
Paid	Include (default)	omitted	any	Include
Paid	Include (default)	`true`	any	Include
Paid	Include (default)	`false`	any	Exclude
Paid	Exclude	omitted	any	Exclude
Paid	Exclude	`true`	any	Include
Paid	Exclude	`false`	any	Exclude

For paid users, false exclusion requests are honored for the session, regardless of transport.

For free users, exclusion is not available because Free Tier participation in Platform Improvement is part of the free service. Free-tier false requests are handled differently depending on surface:

On the REST API, the request is rejected with the error consent_exclusion_unavailable. The session is not created.
On the MCP tool surface, the request is accepted, the session is created and included in Platform Improvement, and the response carries an explicit disclosure explaining that Free-tier sessions are included under accepted terms and the exclusion request was not applied.

The disclosure is returned in-band so that inclusion is visible to the calling client or agent. The MCP path is not a privacy escape hatch: the resolved outcome is inclusion, and the requested value plus resolved Platform Improvement state are recorded on the session.

We record both the requested improvement_consent value and the resolved Platform Improvement state for each session, regardless of transport.

Agent-submitted analysis-feedback

Analysis-Feedback Data may be generated outside mumo by your agent, tool, or client and submitted to mumo through the API/MCP or other supported interfaces. mumo treats those records as content submitted under your credentials. Unless a feature clearly says otherwise, mumo does not send excluded sessions to a separate third-party model provider solely to generate Analysis-Feedback Data.

5. Who receives your data

AI model providers and inference providers

When you use mumo, we send the content needed for a model response to the provider or inference host for the selected model route.

Model route	Recipient of inference payload	What they receive
Claude	Anthropic	Prompt, selected context, generation parameters, technical metadata
GPT	OpenAI	Prompt, selected context, generation parameters, technical metadata
Grok	xAI	Prompt, selected context, generation parameters, technical metadata
Gemini	Google	Prompt, selected context, generation parameters, technical metadata
Kimi, GLM, Qwen, and other Fireworks-hosted open-weight models	Fireworks AI (U.S.-based inference provider)	Prompt, selected context, generation parameters, technical metadata

For proprietary model routes, mumo sends inference payloads directly to the applicable model provider. Proprietary model providers may temporarily retain API inference data for limited periods for abuse monitoring, security, and policy enforcement, per each provider's own policies. As described in Section 3, providers do not use mumo's API traffic to train their models.

For Fireworks-hosted open-weight model routes, mumo sends inference payloads to Fireworks AI, a U.S.-based inference provider that hosts and serves those model weights. Fireworks AI receives your inference payload; the original model architect (e.g., Moonshot, Zhipu, Alibaba) does not receive that inference payload from mumo.

We use Fireworks AI for these routes as a deliberate part of mumo's privacy posture: it lets mumo offer open-weight models without sending ordinary inference payloads to the original model architects' hosted systems.

Fireworks AI zero data retention. Fireworks AI operates under a zero data retention architecture for open-model inference: prompt and generation data exist only in volatile memory for the duration of the request and are not written to persistent storage. Fireworks' published materials also describe encryption in transit (TLS 1.2+) and at rest (AES-256), access logging, workload isolation, SOC 2 Type II certification, and additional compliance controls. mumo uses Fireworks' standard chat completions endpoints and has not opted into any Fireworks features that would change this retention behavior (such as FireOptimizer, persistent prompt logging for advanced features, or the Response API's longer retention window). If we enable such features in the future, we will update this Policy and provide additional notice where required.

Fireworks AI's commitments are Fireworks AI's commitments. They govern Fireworks' processing, not mumo's storage, retention, or Platform Improvement practices, which are described separately in this Policy.

What providers do not receive. Model providers and inference providers do not receive your Google password, mumo API key, billing information, or unrelated account credentials. A provider for one model route does not receive payloads for a different model route merely because both models are available in the same mumo session.

Infrastructure providers

We use infrastructure and service providers to operate mumo, including:

Supabase — database and authentication, hosted in the United States
Vercel — application hosting
PostHog — product analytics and session replay (see PostHog's Privacy Policy)
payment, email, monitoring, logging, and support providers as needed

These providers process data on our behalf under their own terms, privacy policies, and contractual obligations.

Human review

Access to user data is limited to Sourced LLC personnel acting under confidentiality obligations and on a need-to-know basis, for purposes including operating, supporting, securing, debugging, auditing, and improving the platform.

mumo does not currently engage third-party contractors, vendors, or partners to access or process user session content. If we do in the future, we will update this Policy and provide notice where required.

Where access is for Platform Improvement purposes, that review is limited to sessions eligible for Platform Improvement under the user's tier and settings.

Shared conversations

When you create a share link, the shared conversation may become accessible to anyone with the link. Shared content may include:

the conversation transcript
model responses
annotations and commentary
steering decisions
other content included in the shared view

Share links do not expose your Google password, mumo API keys, or private account credentials.

Legal disclosures

We may disclose data if required by law, subpoena, court order, legal process, or enforceable governmental request. We may also disclose data where we believe it is necessary to protect mumo, users, providers, or the public from harm, fraud, abuse, or security threats.

We will attempt to notify you of legal requests unless legally prohibited or where notice would create risk.

6. Where your data is stored and protected

Conversation data and account information are stored in a PostgreSQL database hosted by Supabase in the United States.

Data in transit is encrypted using TLS. Sensitive stored credentials are encrypted or hashed as appropriate. mumo API keys are stored only in hashed form after first display.

We use access controls, logging, monitoring, and other safeguards designed to protect user data. No system is perfectly secure.

7. How long we keep your data

Conversations — stored until you delete them or delete your account, unless retention is required for law, security, abuse prevention, dispute resolution, backup integrity, provider compliance, or ordinary business records.
Account data — retained while your account exists. If you delete your account, we will delete or de-identify account data and stored conversation data associated with your account within 30 days, subject to the exceptions above.
mumo API keys — stored until you revoke them, rotate them, or delete your account.
Share links — accessible until you delete the underlying session or revoke the share link where revocation is supported.
Analysis-Feedback Data and Platform Improvement records — Analysis-Feedback Data linked to a deleted session will be deleted where it remains associated with that session. De-identified, aggregated, or account-separated Platform Improvement records that are no longer reasonably associated with your account or session may be retained unless applicable law or your plan-specific controls require deletion.
Backups — may retain deleted data for a limited period before being overwritten according to our backup practices.

8. Your rights and controls

You can:

View your data — all conversations are accessible in your session history
Delete conversations — remove individual sessions at any time
Delete your account — removes your account and associated data
Manage API keys — create, revoke, or rotate mumo API keys
Revoke share links — delete the underlying session or revoke the share link where supported
Review Platform Improvement settings — see your account-level setting at any time
For paid accounts — set account-level Platform Improvement inclusion or exclusion
For supported API/MCP sessions — set improvement_consent per session
Contact us — for help with access, correction, deletion, or privacy questions

Platform Improvement setting by tier (summary)

Free tier — Free accounts are included in Platform Improvement by default. This is disclosed during signup. Free-tier users may upgrade to access exclusion controls.
Paid tier — Paid accounts may set an account-level Platform Improvement preference and may set per-session controls via API/MCP. The setting is shown in the enrollment flow and is operable any time after.

Platform Improvement history (where supported)

Where available, mumo may provide a Platform Improvement history view showing:

session ID and timestamp
plan at time of session
models used and providers routed to
requested improvement_consent value
resolved Platform Improvement state
whether Analysis-Feedback Data was generated
whether the session was included in Platform Improvement

Changing your account-level setting applies to future sessions. Revoking inclusion for a past session prevents future Platform Improvement use of linked records where technically feasible, but may not remove de-identified, aggregated, or account-separated records that are no longer reasonably associated with that session.

9. Users in the EU/EEA

If you are located in the European Economic Area, you may have rights under GDPR or similar laws, including rights to access, rectification, erasure, portability, restriction, and objection. Contact us at support@mumo.chat to exercise these rights.

10. Users in California

If you are a California resident, you may have rights under California privacy laws, including the right to know what personal information we collect, the right to delete certain personal information, and the right to opt out of sale or sharing of personal information.

We do not sell personal information. We do not use personal information for third-party advertising targeting.

11. Children

mumo is not intended for users under 18. We do not knowingly collect data from children. If we learn that we collected data from a user under 18, we will delete it promptly.

12. Changes to this Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through the platform, email, or other reasonable means.

Material changes to model routing, provider architecture, or Platform Improvement data use may require renewed affirmative acceptance before further platform use.

The "Last updated" date reflects the most recent revision.

13. Contact

Questions or concerns about privacy? Contact us at support@mumo.chat.