Privacy Policy
Last updated: June 25, 2026
1. Introduction
At Mira OS ("we", "us", or "our"), provided by deAI Labs, we believe that your digital life requires absolute sovereignty. This Privacy Policy explains how we collect, use, and protect your personal data when you use our website and the Mira OS services (collectively, the "Service"). We are committed to complying with the General Data Protection Regulation (GDPR).
Data Controller
deAI Labs GmbH
Grubenweg 4B
82327 Tutzing, Germany
Email: hello@deai-labs.com
2. Our Zero-Trust Philosophy
Mira OS is built on a "Zero-Trust" architecture. Unlike traditional assistants that mine your data for advertising, Mira isolates your data in a private digital vault. We process your data solely to provide the Service to you. We do not sell your personal data to third parties.
3. Data We Collect
We collect and process the following types of personal data:
- Account Information: Name, email address, and authentication credentials necessary to create and manage your account.
- Contextual Data ("Living Memory"): Information you explicitly provide to Mira (e.g., goals, priorities, schedule, preferences) to enable the assistant's memory and personalization features.
- Communication Data: Content of your conversations with Mira, voice inputs, and text inputs.
- Usage Data: Technical information about how you access the Service (IP address, browser type, device information) for security and performance optimization.
4. Legal Basis and Purpose of Processing
Under GDPR, we process your data based on the following legal grounds:
- Contractual Necessity (Art. 6(1)(b) GDPR): To provide the Mira OS service, manage your account, and fulfill your requests.
- Consent (Art. 6(1)(a) GDPR): For specific optional features or sensitive data processing where you have given explicit permission. You may withdraw consent at any time.
- Legitimate Interests (Art. 6(1)(f) GDPR): To ensure the security of our infrastructure, prevent fraud, and improve the performance of our Service, provided these interests are not overridden by your rights.
- Legal Obligation (Art. 6(1)(c) GDPR): When we are required to comply with applicable laws and regulations.
5. Data Retention
We retain your personal data only for as long as necessary to provide the Service or as required by law. Because Mira allows for a "Living Memory," your contextual data remains in your private vault until you choose to delete it or close your account. You have full control over your memory graph and can request deletion of specific data points.
6. Data Sharing and Processors
We strictly limit data sharing. We do not sell your data. We may share data with trusted third-party service providers (Data Processors) who assist us in operating our Service, each bound by a data processing agreement to ensure your data remains protected in accordance with GDPR. The processors used on this website include:
- Calendly (USA): Appointment scheduling. If you open the in-page scheduler, the booking details you enter are processed by Calendly LLC to arrange the call. The scheduler only loads when you choose to open it. Privacy policy: calendly.com/privacy.
- Web3Forms: Contact-form delivery. Messages you submit through our contact form are transmitted via Web3Forms so they reach us by email. Privacy policy: web3forms.com/privacy-policy.
- hCaptcha (USA): Spam protection on our contact form, provided by Intuition Machines, Inc., which verifies that a submission comes from a human. Privacy policy: hcaptcha.com/privacy.
- Microsoft Clarity (USA): Aggregated product analytics — heatmaps and session replays that help us see how pages are used. Loaded only after you accept analytics; text content is masked by default. Provided by Microsoft. Privacy: privacy.microsoft.com.
For "Human-in-the-Loop" features, specific authorized personnel may access limited data segments only with your explicit permission and confirmation for each task.
7. Cookies, Analytics & Consent
Our website uses cookies and similar technologies. Non-essential technologies run only with your consent, which you can review or change at any time.
- Essential: Strictly necessary cookies that make the site work and store your consent and language choices. These run without consent (Art. 6(1)(f) GDPR).
- Analytics — consent only: With your consent, we use Google Analytics 4 (via Google Tag Manager) and Microsoft Clarity (heatmaps and session replays) to understand how the site is used and improve it. Analytics storage is denied by default via Google Consent Mode, and Clarity loads only after you opt in (Art. 6(1)(a) GDPR).
You can withdraw or change your consent at any time via "Cookie preferences" in the cookie banner. Withdrawing consent does not affect the lawfulness of processing carried out before the withdrawal.
8. Your Rights
You have the following rights regarding your personal data:
To exercise any of these rights, contact us at hello@deai-labs.com. You may also lodge a complaint with the competent data protection supervisory authority — for us, the Bavarian Data Protection Authority (BayLDA).
9. Security
We implement appropriate technical and organizational measures to protect your data against unauthorized access, loss, or alteration. This includes encryption in transit and at rest, strict access controls, and regular security audits.
10. International Transfers
If we transfer your personal data to countries outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission, to guarantee an adequate level of data protection.
11. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us:
deAI Labs GmbH
Attn: Data Protection Officer
Grubenweg 4B
82327 Tutzing, Germany
hello@deai-labs.com