Privacy Policy

Operator: MU Inc.

Contact: info@mu-med.com

Shirabe AI may collect account information, authentication information, billing and subscription information, usage logs, chat history, prompts, uploaded files, generated outputs, job metadata, device/browser information, and inquiry details.

Where users connect external tools through MCP or OAuth-based integrations, authorization data necessary to provide the connected feature is securely managed in the relevant LLM vendor's cloud environment, separate from the Shirabe AI application itself.

Information is used to provide, maintain, secure, bill for, analyze, improve, and support the service; to respond to inquiries; to prevent abuse; and to comply with legal obligations.

Input and output data may be used to evaluate service quality and resolve errors where necessary.

Inputs, uploaded files, and generated outputs processed by Claude Managed Agents are stored and processed in Anthropic's managed cloud environment.

Data processing may occur globally depending on the infrastructure and external services used by the AI model providers, MCP providers, cloud services, and integration providers.

Data processed by Claude Managed Agents is separated from the Shirabe AI application-side database.

The application side may store account information, chat history, job metadata, usage status, and billing state to the extent necessary to provide the service. Authorization data necessary for MCP or OAuth-based integrations is securely managed in the relevant LLM vendor's cloud environment, not in the Shirabe AI application itself. The service does not store AI model provider API keys in user-accessible records or pass application secrets to AI agents in plain text.

Users must not enter passwords, private keys, access tokens, or other unnecessary secrets into chat prompts or uploaded files.

User inputs, uploaded files, generated outputs, and chat history are not used by the Company to train, retrain, or fine-tune foundation models.

The service uses external providers for AI processing, cloud infrastructure, authentication, billing, analytics, support, and integrations where necessary.

The Company does not sell personal information. Information may be provided to third parties only as necessary to provide the service, with user consent, or when required by law.

The Company takes reasonable organizational and technical measures to prevent unauthorized access, leakage, loss, or damage.

Information is retained only for the period necessary for the purposes above, legal obligations, dispute handling, security, and operational records, and is deleted or anonymized when no longer necessary.

Requests regarding disclosure, correction, deletion, or suspension of use of personal information should be sent to the contact address above.

The Company may update this Privacy Policy as needed. The revised policy becomes effective when posted on the website unless otherwise stated.