MonkMonk

    Privacy Policy

    Last Updated: October 29, 2025

    This Privacy Policy ("Privacy Policy") governs the processing and transfer of personal data collected or processed by MonkOS Inc. (collectively with its subsidiaries and affiliated companies "Company", "we", "us" or "our") when we provide our services, through the use of our deployment and management platform ("Platform"), or when you access or use our website available at monk.io ("you" or "your" and "website" or "services"). This Privacy Policy is an integral part of any other agreement between us (Terms). Any capitalized terms not defined herein shall have the meanings ascribed to them in the Terms, or under the applicable privacy laws.

    This Privacy Policy explains what data we may collect from you, how such data may be used or shared with others, how we safeguard it and how you may exercise your rights related to your Personal Data (as defined below), as required under relevant privacy regulation, including without limitation and where applicable: the EU General Data Protection Regulation ("GDPR"), relevant US Privacy Laws, the California Consumer Privacy Act ("CCPA"), and the Israeli Privacy Protection Law, 1981. In addition, any reference to the GDPR shall also include the UK Data Protection Act, 2018 (UK-GDPR).

    Additional Notice to California Residents: In the event you are a California resident -- please review our CCPA Notice to learn more about our privacy practices with respect to the CCPA.

    If you have any questions regarding this Privacy Policy or our data practices, you are welcome to contact us at: privacy@monk.io.

    Important: You are not required by law to provide us with any Personal Data. However, please note that some of our services require the processing of certain Personal Data and without such data we may not be able to provide you with all or part of such services.

    Policy Amendments

    We reserve the right to amend this Policy from time to time, at our sole discretion. The most recent version of the Policy will always be posted on the website. The updated date of the Policy will be reflected in the "Last Modified" heading. Any amendments to the Policy will become effective immediately, unless we notify you otherwise. If we materially change the way in which we process your previously collected Personal Data, we will provide you with prior notice, or where legally required, request your consent prior to implementing such changes. We strongly encourage you to review this Policy periodically to ensure that you understand our most updated privacy practices.

    Contact Information and Data Controller Information

    MonkOS Inc. is the Data Controller (as such term is defined under the GDPR or equivalent privacy legislation) of your Personal Data collected from you as a user of our services.

    You may contact us as follows:

    • By email: privacy@monk.io
    • By Mail: 330 Wythe Ave, Brooklyn, NY 11249, United States

    Data Sets We Collect and For What Purpose

    Below you can find information regarding the purposes for which we process your personal data as well as our lawful basis for processing, the definition of "personal" and "non-personal" data, and how it is technically processed.

    Non-Personal Data

    During your interaction with the services, we may collect aggregated, non-personal non-identifiable information ("Non-Personal Data"). We are not aware of the identity of the user from which the Non-Personal Data is collected. We collect Non-Personal Data regarding your use of the services, such as the scope, frequency, latency, pages accessed and viewed, time and date stamp, interactions with content and materials displayed through our services, language preference, and other technical information regarding the device used to access the services, for example type of device, type of browser, operating system, etc.

    We may sometimes process and anonymize or aggregate Personal Data and identifiable information in a manner that shall create a new set of data that will be Non-Personal Data. Such a new data set can no longer be associated with any identified natural person. Non-Personal Data may be used by us without limitation and for any purpose.

    Personal Data

    We may also collect from you, directly or indirectly, during your access or interaction with the services, individually identifiable information, namely information that identifies an individual or may, with reasonable effort, be used to identify an individual ("Personal Data"). The types of Personal Data that we collect as well as the purpose for processing and the lawfulness are specified below.

    Important: As part of our services, we do not knowingly collect or process any Personal Data constituting or revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning a person's health or data concerning a person's sex life or sexual orientation ("Special Categories of Personal Data"). Additionally, we do not knowingly collect, process or use any of your Sensitive Data or Information as such term is defined under "US Privacy Laws".

    Data Collection Categories

    Contact and Customer Support Information

    If you voluntarily contact us in order to purchase our services, or receive our support, you may be required to provide us with certain Personal Data such as your name, email address, and any additional information you decide to share with us. We process this data subject to our legitimate interest and to perform our contract with you.

    Platform User Account Basic Information

    Any user of the Platform must have an account. The information provided during the registration process through GitHub or Google may include your name, email, phone number, username, password, and profile picture (if available). We process this information to verify your identity and grant you access to the Platform.

    Payment Data

    When you make a payment to receive our services, you will be asked to submit payment information data such as your credit card number, bank account data, debit card, etc. We use third party payment processors and any transactions that are processed by these third-party payment processors will be governed by their privacy policies and terms.

    Platform Use Data

    As part of your usage of our services, we may access and process Customer Data for the purpose of generating the automated deployment Outputs. Customer Data is analyzed using our AI/ML models solely for the purpose of providing the Services.

    How We Collect Your Information

    Depending on the nature of your interaction with us, we may collect the above detailed information from you, as follows:

    • Automatically: We may use cookies (as elaborated in the section below) or similar tracking technologies (such as pixels, tags, agent, etc.) to gather some information automatically.
    • Provided by you or about you voluntarily: We will collect information if and when you choose to provide us with the information, such as through registering to the services, etc.
    • Provided from third parties: Where permitted under applicable law and provided with your consent for cookie usage, we may enrich the Personal Data collected about you with data provided by third parties.

    Cookies

    When you access or use the website, we use "cookies" or similar tracking technologies, which store certain information on your device (i.e., locally stored). The use of cookies is standard industry-wide practice. A "cookie" is a small piece of information that a website assigns and stores on your computer while you are viewing a website.

    There are several types of cookies, including without limitation:

    • Essential, Functionality, Operation & Security Cookies: These cookies are essential for enabling visitor movement around the website, for the website to function properly, and for security purposes.
    • Analytic, Measurement & Performance Cookies: These cookies are used to collect information about how visitors use our website, in order to improve our website, content, and the way we offer them.
    • Preference, Targeting & Advertising Cookies: These cookies are used to advertise across the internet and to display relevant ads tailored to visitors based on the parts of the website they have visited.

    We also honor browser-based opt-out signals, such as the Global Privacy Control (GPC) and Universal Opt-Out Mechanisms (UOOM), by automatically disabling non-essential cookies when such signals are detected.

    Cookie Settings

    Data Sharing

    We share your data with third parties, including our partners or service providers that help us operate and make the most of the website:

    Our Affiliated Companies

    We may share Personal Data with our affiliated companies and subsidiaries in order to provide joint services, for example, marketing, improving our services, etc.

    Our Service Providers

    We share your Personal Data with our trusted service providers and business partners that perform business operations for us on our behalf (as data processors) and pursuant to our instructions. This includes the following categories of service providers:

    • AI/ML systems: Who help us improve our services
    • Advertising and marketing service providers: Who help us with advertising measurements, email marketing, etc.
    • Data storage providers: With whom we entrust the hosting and storage of our data
    • General IT and SaaS providers: Providing us with IT systems for the management of our daily conduct

    Legal and Law Enforcement

    We may disclose certain Personal Data to law enforcement, governmental agencies, or authorized third parties, in response to a verified request relating to criminal investigations or alleged illegal activity or any other activity that may expose us, you, or any other visitor to legal liability.

    Corporate Transactions

    In the event of a corporate transaction (e.g., sale of a substantial part of our business, merger, consolidation, or asset sale) we will share the Personal Data we store with our acquiring company.

    Data Retention

    In general, we retain the Personal Data we collect for as long as it remains necessary for the purposes set forth above, all under the applicable regulation, or until you express your preference to opt out, where applicable. Please note that except as required by applicable law, we will not be obliged to retain your data for a particular period, and we may delete it for any reason and at any time, without providing you with prior notice of our intention to do so.

    Security Measures

    We take great care in implementing physical, technical, and administrative security measures for the website and services, that we believe comply with applicable regulation and industry standards to prevent your information from being accessed without the proper authorization, improperly used or disclosed, unlawfully destructed, or accidentally lost. If you feel that your privacy was not dealt with properly or was dealt with in a way that was in breach of our Privacy Policy or if you become aware of a third party's attempt to gain unauthorized access to any of your Personal Data, please contact us at privacy@monk.io.

    International Data Transfer

    Due to our global business operation, we may store or process your Personal Data in several territories, including, for example in Israel, the UK, EU, US or in other countries (whether directly or indirectly through the use of our vendors). Thus, your Personal Data may be transferred to and processed in countries other than the country from which you accessed our websites or otherwise the country of your jurisdiction. We will take appropriate measures to ensure that your Personal Data receives an adequate level of data protection upon its transfer in accordance with applicable law.

    Your Rights

    Data protection and privacy laws may grant you certain rights with regards to your Personal Data, all according to your jurisdiction. The rights may include one or all of the following:

    • Request to amend your Personal Data we store
    • Review and access your Personal Data that we hold
    • Request to delete your Personal Data that we hold (as long as we do not have a legitimate reason for retaining the data)
    • Restrict or object to the process your Personal Data
    • Exercise your right of data portability
    • Contact to a supervisory authority in your jurisdiction and file a complaint
    • Withdraw your consent (to the extent applicable)

    If you wish to submit a request to exercise your rights, please fill out our Data Subject Request (DSR) Form and send it to our email at: privacy@monk.io.

    You have the right to lodge a complaint with the EU Member State supervisory authority if you are not satisfied with the way in which we handled the complaint.

    Third Party Websites

    Our Privacy Policy only addresses the use and disclosure of Personal Data we collect from you. To the extent that you disclose your Personal Data to other parties via the website (e.g., by clicking on a link to any other website or location), different rules may apply to their use or disclosure of the Personal Data you disclose to them, and this Privacy Policy does not apply to any such third-party products and services. You agree that we shall have no liability whatsoever with respect to such third-party sites and your usage of them.

    Eligibility and Children Privacy

    Our services are not directed nor is it intended for use by children, and we do not knowingly process, sell or share children's information. We will discard any information that we receive from a user who is considered a "child" immediately upon our discovery that such a user shared information with us. Please contact us at privacy@monk.io, if you have reason to believe that a child has shared any information with us.

    Contact Us

    If you have questions about this Privacy Policy or our privacy practices, please contact us at:

    Email: privacy@monk.io

    Address: MonkOS Inc., 330 Wythe Ave, Brooklyn, NY 11249, United States