Privacy Policy

Last updated: 24 May 2026 · Version 2026-05-24

This Privacy Policy explains how Murmur Intelligence (Pty) Ltd ("we", "us") collects, uses, shares, and protects personal information when you use LLMeKnow (the "Service").

1. Where we operate and where data is processed

We operate from South Africa. Our infrastructure and subprocessors may process data in South Africa, the European Union, the United States, and other regions where those providers host services. International transfers rely on appropriate safeguards (such as standard contractual clauses offered by our subprocessors).

2. Information we collect

  • Account information (name, email address, organisation membership)
  • Authentication and session data (strictly necessary cookies)
  • Campaign and market content you submit (questions, segments, brand lists)
  • LLM responses and derived analytics from your campaigns
  • Billing and payment metadata (we do not store full card numbers)
  • Technical data (browser, device, IP address, application logs)
  • Marketing site analytics, only if you accept analytics cookies

3. How we use information

  • To provide, secure, and improve the Service
  • To run campaigns, extraction, and analytics you request
  • To process subscriptions and prepaid credits
  • To support customers and respond to enquiries
  • To comply with law and enforce our terms

4. Legal basis

We process personal information under contract (providing the Service), legitimate interests (security, product improvement), legal obligation (tax and billing records), and consent where required (analytics cookies, Privacy Policy acceptance at registration). South Africa's POPIA applies; where you are in the EEA/UK, GDPR may also apply.

5. Cookies

Essential cookies. Supabase authentication cookies are required to keep you signed in. They cannot be switched off while using the app.

Analytics cookies.On our public marketing site we may load Google Tag Manager only after you choose "Accept analytics" in the cookie banner. You can reject analytics and still use the Service after sign-in.

6. Sub-processors

We use the following categories of sub-processors to run the Service. Each provides a data processing agreement (DPA) or equivalent contractual protections:

Prompts sent to LLM providers contain campaign questions and segment context you define. Do not include personal data about identifiable individuals unless you have a lawful basis to do so.

7. Data retention

We retain data only as long as needed for the purposes below, then delete or anonymise it:

  • Campaign run outputs (raw LLM text and response metadata): 12 months from creation, then cleared while aggregated analytics may remain.
  • Billing and payment records: 7 years (statutory and tax requirements).
  • API usage / cost logs: 2 years.
  • Deleted accounts: 30 days after deletion is confirmed, then personal identifiers on the profile are anonymised. Organisation data you created may be retained where other members still use the workspace, unless the organisation is deleted.
  • Marketing analytics: per Google's retention settings, only if you accepted analytics cookies.

Automated retention jobs run daily. You may request earlier deletion where the law allows.

8. Security

We use technical and organisational measures including encryption in transit, access controls, row-level security in our database, and secret management. No method of transmission or storage is completely secure.

9. Your rights

Depending on applicable law, you may request access, correction, deletion, restriction, portability, or object to processing. Contact us using the details below. You may lodge a complaint with the Information Regulator (South Africa) or your local supervisory authority.

10. Data processing agreements

Enterprise customers may request a DPA covering Murmur Intelligence's processing of personal data on your behalf. Contact [email protected].

11. Contact

Privacy enquiries: [email protected]
General support: [email protected]