Legal

Privacy Policy

How we collect, store, and protect your data. Plain language, no legalese where we can help it.

Last updated: 11 May 2026Effective: 11 May 2026

1. Who we are

Managable is operated by Managable FZE, a company registered in the United Arab Emirates with EU and US subsidiaries handling regional data. "We", "us", and "Managable" in this policy refer collectively to the operating company and its data sub-processors.

2. Data we collect

Account data

Email address, workspace name, billing details, plan tier. Collected when you sign up or change your subscription.

Workspace data

Anything you put into Managable: clients, projects, documents, files, credentials, AI conversations, and connected bank transactions. This is your data, held in trust on your behalf.

Operational data

Logs of API calls, sign-in events, and error reports. Used only for service reliability and security forensics. Not used for advertising or model training.

3. How we use it

  • To provide the Managable service to you and your team.
  • To reconcile transactions, draft documents, and operate Aether — strictly inside your workspace, with your context.
  • To diagnose problems and prevent abuse.
  • To bill you for the plan you have chosen.

We do not sell your data, use it to train public AI models, or share it with advertisers.

4. Sub-processors

We share data only with the infrastructure providers required to run the service:

  • Amazon Web Services (hosting · eu-central-1, us-east-1, me-central-1)
  • Stripe (payments & billing)
  • Plaid & GoCardless (bank connections)
  • Anthropic & OpenAI (Aether — model providers; data not used for training)
  • Postmark (transactional email)

5. Your rights

Under GDPR, CCPA, and Gulf data-protection laws, you have the right to access, correct, export, and delete your data. Most of these are available as one-click actions in your workspace settings. For anything that is not, email us — see below.

6. Retention & deletion

While your account is active, we keep your data as long as you keep it in your workspace. If you cancel, we retain a backup for 30 days, then perform a hard delete across all systems. Audit logs are kept for 12 months for compliance.

7. How to contact us

Email [email protected] for any privacy question, GDPR request, or to designate a data protection contact for your workspace.