Legal

Privacy Policy

Last updated: March 2026

1. Introduction

This Privacy Policy explains how Ma-anah Corp ("Feature1", "we", "us", "our"), a company organized under the laws of India, collects, uses, discloses, and protects your personal information when you use our AI-powered SDLC platform and related services.

By accessing or using Feature1 services, you agree to the collection and use of information in accordance with this policy. Our services are not intended for individuals under the age of 18.

2. Data Protection Framework

We are committed to protecting your personal data in accordance with applicable data protection laws, including:

  • Information Technology Act, 2000 and IT Rules, 2011 (India)
  • General Data Protection Regulation (GDPR) — where applicable to EEA users
  • California Consumer Privacy Act (CCPA) — where applicable to California residents

3. Data Controller

Ma-anah Corp is the data controller for personal data collected through Feature1 services. For data protection queries, contact us at info@feature1.ai.

4. What Data We Collect

We may collect the following categories of personal data:

Identity Data

Name, job title, company name, profile picture, and social media identifiers.

Contact Data

Email address, phone number, and business address.

Account Data

Username, password (hashed), account preferences, role, and team membership.

Transactional Data

Payment information, billing history, subscription plan, and invoice records.

Technical Data

IP address, browser type and version, device information, operating system, time zone, and referral source.

Usage Data

Feature usage patterns, interaction logs, workflow activity, session duration, and platform navigation.

Customer Content

Repository URLs, codebase metadata, feature descriptions, user stories, acceptance criteria, and other content you provide to the platform. We do not store your source code beyond what is necessary to provide the service.

Marketing & Communications Data

Newsletter preferences, communication opt-ins, and feedback submissions.

5. How We Collect Data

  • Direct interactions: When you create an account, fill out forms, subscribe to our service, join the waitlist, contact support, or correspond with us by email.
  • Automated technologies: When you interact with our platform, we automatically collect Technical Data and Usage Data through cookies, server logs, and analytics tools (Google Analytics, Microsoft Clarity).
  • Third-party sources: When you authenticate via third-party providers (e.g., GitHub OAuth), we receive identity and contact data as authorized by you.

6. How We Use Your Data

We use your personal data for the following purposes:

  • Providing, operating, and maintaining Feature1 services
  • Processing subscriptions, payments, and billing
  • Creating and managing your account
  • Communicating with you about your account, support requests, and service updates
  • Sending product updates and newsletters (with your consent)
  • Analyzing usage patterns to improve the platform
  • Detecting, preventing, and addressing security issues and abuse
  • Complying with legal obligations
  • Enforcing our terms of service and other agreements

Legal bases for processing: Performance of contract, legitimate interests (service improvement, security), and consent (marketing communications).

7. AI-Generated Content and Data

Feature1 processes Customer Content (feature descriptions, user stories, codebase metadata) to generate AI outputs including acceptance criteria, implementation plans, and code suggestions. This processing is performed solely to deliver the contracted services.

We may use aggregated, de-identified usage data (not Customer Content or source code) to improve our AI models and platform capabilities. This data cannot be used to identify individual customers or their projects.

8. Disclosure of Data

We may share your personal data with:

  • Service providers: Hosting providers, payment processors, analytics services, and communication tools that help us operate the platform.
  • AI model providers: We send prompts (which may include anonymized content) to third-party AI providers (e.g., Anthropic, OpenAI) to power platform features. No personally identifiable information is included in these prompts.
  • Legal requirements: When required by law, regulation, legal process, or governmental request.
  • Business transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity.

We do not sell your personal data to third parties.

9. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence, including India and the United States (where our infrastructure and AI providers are located). We ensure appropriate safeguards are in place for such transfers in accordance with applicable data protection laws.

10. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption of data in transit (TLS) and at rest
  • Access controls and role-based permissions
  • Regular security assessments
  • Secure authentication (JWT, OAuth)
  • Multi-tenant data isolation

In the event of a data breach that affects your personal data, we will notify you and the relevant supervisory authority as required by applicable law.

11. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes described in this policy, comply with legal obligations, resolve disputes, and enforce our agreements.

  • Account data: Retained for the duration of your subscription and for a reasonable period after termination to enable data export.
  • Usage and technical data: Retained for up to 24 months for analytics purposes.
  • Financial records: Retained as required by tax and accounting laws (typically 5-7 years).
  • Marketing data: Retained until you withdraw consent.

12. Cookies and Tracking

We use the following tracking technologies:

  • Google Analytics (GA4): For website usage analytics and traffic measurement.
  • Microsoft Clarity: For session recording, heatmaps, and user experience analysis.
  • Essential cookies: For authentication, session management, and security.

You can control cookies through your browser settings. Disabling cookies may affect platform functionality.

13. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate or incomplete data.
  • Erasure: Request deletion of your personal data ("right to be forgotten").
  • Restriction: Request that we limit how we process your data.
  • Portability: Request your data in a structured, machine-readable format.
  • Objection: Object to processing based on legitimate interests.
  • Withdraw consent: Withdraw consent for marketing communications at any time.
  • Complaint: Lodge a complaint with a supervisory authority.

To exercise any of these rights, contact us at info@feature1.ai. We will respond within 30 days.

14. Third-Party Links

Our platform may contain links to third-party websites and services (e.g., GitHub, GitLab, Figma). We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date. Continued use of our services after changes constitutes acceptance of the updated policy.

16. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at: