Matter/Forma
request invite

Legal

Privacy Policy

Last updated: February 25, 2026

This Privacy Policy describes how Matterforma, Inc. ("Matterforma," "we," "us," or "our") collects, uses, stores, and protects your personal information when you use our website, platform, APIs, and related services (collectively, the "Services"). By using our Services, you acknowledge that you have read and understood this Privacy Policy.

1. Information We Collect

1.1 Information You Provide

  • Account Information: Name, email address, company name, and password when you create an account.
  • Profile Information: Optional information you add to your account profile.
  • Payment Information: Billing address and payment method details, processed securely by our payment processor, Stripe, Inc. We do not store full credit card numbers on our servers.
  • Communications: Information you provide when you contact us, submit support requests, or participate in surveys.
  • User Content: Programs, configurations, protocols, and other materials you create or upload to the platform.
  • Early Access Requests: Name, email, company, and any message you submit through our early access form.

1.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, actions taken, timestamps, and referring URLs.
  • Device Information: Browser type and version, operating system, device type, and screen resolution.
  • Network Information: IP address, approximate geographic location (city/country level), and internet service provider.
  • Platform Telemetry: Execution metrics, governance decisions, and system performance data generated during platform use. This data is used for observability, debugging, and service improvement.

1.3 Information from Third Parties

  • Authentication Providers: If you sign in via GitHub or another SSO provider, we receive your name, email, and profile information as authorized by you.
  • Payment Processor: Stripe provides us with transaction confirmation, payment status, and limited billing information.

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Services.
  • Authenticate your identity and manage access controls.
  • Process transactions and manage your subscription.
  • Enforce governance policies and maintain audit trails for compliance and safety.
  • Respond to your inquiries, support requests, and communications.
  • Send service-related notifications (security alerts, account changes, billing updates).
  • Analyze usage patterns to improve platform performance, reliability, and user experience.
  • Detect, prevent, and address fraud, abuse, and security incidents.
  • Comply with legal obligations and enforce our Terms of Service.

We do not sell your personal information. We do not use your User Content to train machine learning models without your explicit consent.

3. Cookies & Tracking Technologies

We use the following types of cookies:

  • Essential Cookies: Required for authentication, session management, and security. These cannot be disabled.
  • Analytics Cookies: Help us understand how visitors interact with our website and platform. These can be opted out of.

We do not use advertising cookies or share cookie data with third-party advertisers. We do not participate in cross-site tracking or behavioral advertising networks.

4. Data Sharing & Disclosure

We share your information only in the following circumstances:

  • Service Providers: We use third-party service providers who process data on our behalf, including Stripe (payments), Amazon Web Services (infrastructure), and email delivery services. These providers are contractually bound to use your data only as instructed by us.
  • Legal Requirements: We may disclose information if required by law, regulation, legal process, or governmental request.
  • Safety & Security: We may disclose information to protect the rights, property, or safety of Matterforma, our users, or the public.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such transfer.
  • With Your Consent: We may share information for purposes not described here with your explicit consent.

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Services. After account deletion, we retain certain data for a limited period as necessary to comply with legal obligations, resolve disputes, enforce our agreements, and maintain audit trails required by governance policies.

Governance records (execution logs, policy decisions, audit entries) may be retained for longer periods as required by the consequence tier associated with the relevant operations.

6. Data Security

We implement industry-standard technical and organizational measures to protect your information, including:

  • Encryption of data in transit (TLS 1.2+) and at rest (AES-256).
  • Access controls enforced at application, network, and infrastructure layers.
  • Regular security assessments and monitoring.
  • Secure credential storage using bcrypt hashing for passwords.

No method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

7. Your Rights

Depending on your location, you may have the right to:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request correction of inaccurate or incomplete personal information.
  • Deletion: Request deletion of your personal information, subject to legal retention requirements.
  • Portability: Request a machine-readable copy of your data.
  • Objection: Object to certain processing activities.
  • Restriction: Request restriction of processing in certain circumstances.
  • Withdraw Consent: Where processing is based on consent, withdraw that consent at any time.

To exercise any of these rights, contact us at privacy@matterforma.com. We will respond within 30 days.

8. European Users (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, the following additional provisions apply:

  • Legal Bases: We process your data based on: (a) contractual necessity (to provide the Services); (b) legitimate interests (to improve and secure the platform); (c) consent (where you have provided it); and (d) legal obligations.
  • International Transfers: Your data may be transferred to and processed in the United States. We rely on Standard Contractual Clauses (SCCs) as approved by the European Commission to safeguard these transfers.
  • Data Protection Officer: You may contact our data protection team at dpo@matterforma.com.
  • Supervisory Authority: You have the right to lodge a complaint with your local data protection supervisory authority.

9. California Residents (CCPA)

If you are a California resident, you have the right to: (a) know what personal information we collect and how it is used; (b) request deletion of your personal information; (c) opt out of the sale of your personal information (we do not sell personal information); and (d) not be discriminated against for exercising your rights. To exercise these rights, contact us at privacy@matterforma.com.

10. Children's Privacy

The Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a prominent notice on the platform. The "Last updated" date at the top of this page reflects the most recent revision. Your continued use of the Services after any changes constitutes acceptance of the updated policy.

12. Contact Us

For privacy-related questions or to exercise your data rights, contact us at:

privacy@matterforma.com

Matterforma, Inc.
169 Madison Ave STE 15945
New York, NY 10016