Privacy Policy

Last updated: April 28, 2026

1. Who we are

Catentio is a multi-agent runtime — the platform successor to the internal Hachimi agent system built and operated by Forjio. This policy describes how the hosted Catentio service collects, stores, and processes data. The BYO (self-hosted) distribution runs in your own infrastructure and is not covered here.

2. Information we collect

Account data. When you sign in via Huudis SSO we receive your name, email, and Huudis account identifier. We do not store passwords — authentication is fully delegated to Huudis.

Agent payload data. The messages you (or your users) send to your agents, the tool calls those agents make, and the responses returned. This is the operational data of the runtime and is required to provide the service.

Credentials. If you connect a managed Anthropic OAuth account or paste an API key, the credential is stored encrypted at rest and used only to spawn agent sessions on your behalf. BYO credentials never leave the runtime environment in which they are mounted.

Telemetry. Request traces, token counts, latency, and error metadata for the agent sessions you run. We use this to bill, debug, and improve the runtime.

3. How we use your data

Account and credential data is used to authenticate you and route requests to your agents. Agent payloads are used to execute the runs you trigger and to render history in the portal. Telemetry is used to bill you, surface diagnostics, and improve reliability. We do not sell your data. We do not use your agent payloads to train models — neither ours nor anyone else's.

4. Third-party services

Catentio relies on a small set of upstream services to operate. Anthropic (via either your BYO key or a managed OAuth account) executes model inference for spawned agents. DigitalOcean hosts the managed-plan runtime droplets. Huudis handles SSO. Plugipay handles billing for paid plans. Each service operates under its own privacy policy.

5. Data retention

Agent payload data and traces are retained for 90 days by default and then archived to cold storage for an additional 12 months before deletion. Billing records are retained as long as required for tax and reconciliation. When you delete your account we permanently delete account data within 30 days; archived traces follow the existing retention clock.

6. Security

All data in transit is encrypted with TLS. Credentials at rest are encrypted with AES-256. Agent runtimes run isolated per workspace. Access to production infrastructure is restricted to the operator (Forjio) and audited.

7. Cookies

The portal uses essential session cookies to maintain your authenticated state. We do not use advertising cookies or third-party analytics trackers.

8. Your rights

You can request access to, correction of, export of, or deletion of your account data at any time by emailing the address below. We respond within 30 days.

9. Changes to this policy

We will notify you of material changes by email at least 14 days before they take effect. The date at the top of this page reflects the latest revision.

10. Contact

Privacy questions and data subject requests go to adi@forjio.com with subject line tag [privacy].