Privacy Policy

Last updated: June 2, 2026

Plain-English summary

We're an AI consultancy. This policy covers our website and public demos. It does not cover the detailed data handling inside a client engagement, which lives in your signed agreement.
The demos don't keep your files. Anything you upload to a public demo is processed once to generate the result, then discarded. We never store the file or its contents. We keep only a minimal usage record, and nothing is used to train AI models.
We don't sell data. Ever. No advertisers, no data brokers.
Client data stays yours. Documents and information you share during an engagement are used only to do that work, under your contract. They are never used to train models.
Minimal collection. The website collects what you send us through a contact form, plus standard server logs.

This summary is provided for convenience only. The binding terms are in the full policy below. If there is any conflict, the full policy controls.

1. Who We Are

MuniNow Inc. ("MuniNow," "we," "our," or "us") is an AI consultancy for the people who build and run communities: local governments, construction firms, engineering and architecture practices, and special districts. We help organizations find the workflows where AI pays off first, then build the custom AI agents that run them. This Privacy Policy explains how we handle information collected through our website at muninow.com, our public AI demos, and our consulting engagements.

2. Scope of This Policy

This policy governs information we collect through our public website and demos, and it describes at a high level how we treat information shared with us during a consulting engagement. The detailed terms that govern data handling within an engagement (including any processing of regulated or confidential records) are set out in the master services agreement, statement of work, and, where applicable, the data processing agreement signed with each client. Where this policy and a signed engagement agreement conflict, the engagement agreement controls for that client's data.

3. Information We Collect

Inquiry Information. When you contact us through our website forms or by email, we collect the information you provide: typically your name, work email address, organization, role, and the contents of your message.
Demo Submissions. When you use a public AI demo, you may upload a document or enter sample data (for example, an invoice, a license application, or a payment file). See Section 5 for how these are handled.
Usage & Log Data. Like most websites, our servers automatically record technical information such as IP address, browser type, pages visited, referring URLs, and timestamps. We use this for security, abuse prevention, and understanding how the site is used.
Cookies. We use a small number of essential and preference cookies. See Section 11.

We do not operate a citizen portal, process consumer payments, or collect payment-card data through this website.

4. How We Use Information

To respond to your inquiry, schedule a discovery conversation, and follow up about a potential engagement.
To operate the public AI demos and return results to you.
To secure the site, prevent abuse, enforce rate limits, and diagnose technical issues.
To understand aggregate usage so we can improve our content and demos.
To comply with applicable law and respond to lawful requests.

We do not use the information you submit to send you advertising, and we do not sell or rent it.

5. The Public AI Demos

Our public demos let you watch an AI agent work on a real document. They are designed to keep nothing:

Files and inputs you submit to a demo are processed once to generate the on-screen result and are then discarded. We do not store your uploaded file or its contents. To keep the demos available and prevent abuse, we retain a minimal audit record: a one-way hash of the input (not the input itself), the requesting IP address, and usage metrics such as token count and cost. We never retain the file or its text.
Demo inputs are processed by our third-party AI model provider (Anthropic) under a zero-data-retention configuration, solely to generate the result. They are not used to train AI models.
Demos are rate-limited to keep them available and to prevent abuse. To enforce limits we temporarily process technical signals such as IP address.
The demos are for evaluation only. Do not upload confidential, regulated, or personal information that you are not authorized to share. Use the sample files we provide if you are unsure.

6. Client Engagement Data

During a Workflow Audit or an agent build, a client may share documents, workflow details, and operational data with us. We treat that information as confidential and:

use it solely to perform the engagement described in the statement of work;
do not use it to train AI models or for any purpose outside the engagement;
process it under the security measures in Section 8 and the terms of the signed agreement and any data processing agreement;
acknowledge that the client retains ownership of its data at all times. Ownership and licensing of deliverables (including any custom AI agents we build) are defined in the statement of work.

7. Third-Party Sub-Processors

We rely on a small set of vendors to run the website and demos. Each is bound by its own terms and processes data on our behalf:

Hosting. Vercel (website) and Railway (application services).
Database. Neon (PostgreSQL) stores inquiries submitted through the site.
Email. Resend delivers inquiry notifications and our replies.
AI Model Provider. Anthropic powers the public AI demos under a zero-data-retention configuration.
Rate Limiting & Caching. Upstash (Redis) enforces demo rate limits.

Sub-processors used within a specific client engagement are identified in that engagement's agreement.

8. Data Storage & Security

We use commercially reasonable, industry-standard safeguards, including encryption in transit (TLS 1.2+), encryption at rest for stored inquiry data, access controls and least-privilege practices for our team, and rate limiting on public endpoints. No method of transmission or storage is perfectly secure, and we cannot guarantee absolute security.

9. Data Sharing

We do not sell or rent personal information. We share information only:

with the sub-processors in Section 7, solely to operate the site and demos;
when required by law, subpoena, or court order;
with a client, regarding that client's own engagement;
in connection with a merger, acquisition, or sale of assets, in which case we will seek to ensure the successor honors this policy; and
as aggregated or de-identified data that cannot reasonably identify any individual.

10. Data Retention

We keep inquiry information for as long as needed to respond and to maintain a record of our business communications, then delete or anonymize it on a periodic basis. Demo submissions are not retained (Section 5). Server logs are kept for a limited period for security and diagnostics. Engagement data is retained, returned, or deleted according to the signed agreement.

11. Cookies & Tracking

We use essential cookies required for the site to function and basic preference cookies (such as theme). We do not use advertising cookies, third-party ad-network pixels, or cross-site tracking. Any analytics we use are privacy-respecting and aggregate.

12. Your Rights

Depending on where you live, you may have rights to access, correct, delete, or receive a copy of the personal information we hold about you, and to opt out of non-essential communications. To exercise these rights, email privacy@muninow.com and we will respond within a reasonable period and as required by law.

13. Children's Privacy

Our website and services are directed to organizations and professionals, not to children. We do not knowingly collect personal information from children under 13. If you believe a child has provided us information, contact us and we will delete it.

14. Changes to This Policy

We may update this policy as our practices, technology, or legal obligations change. When we make material changes, we will update the date at the top of this page. Your continued use of the site after an update constitutes acceptance of the revised policy.

15. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

MuniNow Inc.

Chicago, IL

Privacy inquiries: privacy@muninow.com

General inquiries: contact@muninow.com