Last updated: March 30, 2026
Configure AI, Inc. ("Configure", "we", "us", "our") operates the Configure platform and Memory service. Configure is the identity layer for AI agents — it gives users a persistent profile that includes identity information, preferences, memories, and connected tools, accessible across any AI agent that integrates our SDK.
This Privacy Policy applies to all users of the Configure platform, including:
By using Configure, you agree to the collection and use of information as described in this policy.
We collect your phone number for identity verification via SMS one-time passcode (OTP) through our verification provider, Prelude. Your phone number is stored as an irreversible cryptographic hash. We cannot recover raw phone numbers from our database.
When you use Configure through an integrated AI agent, we collect and store identity information (such as name, email, bio, occupation, and interests), preferences, and memories extracted from your conversations. This data forms your persistent Memory profile.
When you connect third-party services, we access metadata and content necessary to enrich your profile:
We only access data from services you explicitly connect and authorize.
We collect standard server logs, including IP addresses, timestamps, and request paths, to operate and improve our services.
For developers using the Configure API or SDK, we collect API keys, agent configurations, and usage metrics.
Profile portability is a core feature of Memory. By default, your profile is readable by any AI agent authorized through the Configure network. When you authenticate with a developer's application, that application can access your profile data, including identity information, preferences, and memories.
This means your context follows you across agents — you do not need to re-introduce yourself or re-state your preferences each time you interact with a new application.
For end users: Your profile may contain personally identifiable information (PII), including your name, email, occupation, interests, and other details you provide or that are extracted from your conversations and connected tools. When you authenticate with a developer's application, that developer can access this information. By using Configure, you acknowledge and accept this risk.
For developers: Profile data you receive through the Configure API may contain PII. You are contractually prohibited from selling, licensing, or transferring this data to any third party outside the Configure network, as described in the Developer Terms.
Configure enforces the Developer Terms but cannot guarantee that every developer or end user will comply with their respective obligations. Configure disclaims liability for misuse of profile data by any party.
Granular portability controls, allowing you to restrict which agents can access specific parts of your profile, are planned for a future release.
Conversations between you and AI agents using Configure are processed by AI models to extract relevant facts, preferences, and contextual information for your profile.
Currently, only extracted data is stored in your profile. Raw conversation content is not retained.
We may in the future retain conversation content to improve profile accuracy and service quality. This policy will be updated before any such change takes effect, and we will provide notice as described in Section 16.
We use third-party service providers for identity verification, AI model inference, application hosting, OAuth integration management, caching, and static site delivery. These providers process data only as necessary to operate the Configure platform and are subject to contractual obligations to protect your data.
When you connect third-party services (such as Gmail, Calendar, Drive, or Notion), we access those services through their official APIs using credentials you authorize.
Configure is not responsible for the data practices of developers who access user profiles through the Configure API, or for end users who provide inaccurate or sensitive information in their profiles. Developers are bound by the Developer Terms, and end users are bound by the Terms of Service, but Configure does not monitor or control how either party handles data outside the Configure platform.
While we implement industry-standard security measures, no system is completely secure. Configure cannot guarantee that personal information will never be accessed by unauthorized parties, and disclaims liability for any such unauthorized access to the maximum extent permitted by law. This applies equally to end user profile data and developer account data.
In the event of a data breach that compromises the security of your personal information, we will:
Configure may retain and use aggregated, anonymized, or de-identified data that does not identify any individual, for any purpose including analytics, service improvement, and research. Such data is not subject to deletion requests.
Under applicable data protection laws, including the EU General Data Protection Regulation (GDPR), the UK GDPR, and the California Consumer Privacy Act (CCPA), you have the right to:
To exercise any of these rights, contact us at privacy@configure.dev. We will respond to your request within 30 days.
For users in the European Economic Area (EEA), UK, and Switzerland, we process personal data on the following legal bases:
Configure AI, Inc. is based in the United States. Your data is processed and stored in the US.
For users in the European Economic Area (EEA), UK, or Switzerland, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission to provide adequate safeguards for international data transfers.
By using our services, you acknowledge that your data will be transferred to and processed in the United States, where data protection laws may differ from those in your jurisdiction.
When you integrate the Configure SDK or API into your application:
Configure disclaims all liability for your use, storage, or disclosure of profile data after it has been transmitted to your application through the API.
For end users: You acknowledge that the Memory service is designed to share your profile — which may include PII — across AI agents in the Configure network. Configure is not liable for any disclosure, exposure, or misuse of PII that results from this profile portability, including PII accessed by developers through the Configure API. You are responsible for reviewing and managing the content of your profile.
For developers: You acknowledge that profile data received through the Configure API may contain PII. Configure is not liable for any claims, damages, or regulatory penalties arising from your handling, storage, disclosure, or misuse of PII obtained through the Configure platform. You bear sole responsibility for complying with all applicable data protection laws in connection with your use of profile data.
To the maximum extent permitted by applicable law, Configure disclaims all liability for any unauthorized disclosure, exposure, breach, or leakage of personally identifiable information, whether caused by third-party developers, end user actions, security incidents, AI processing errors, or any other cause.
Our services are not directed at children under 16. We do not knowingly collect personal information from children under 16. If we learn that we have collected data from a child under 16, we will delete that information promptly. If you believe a child under 16 has provided us with personal data, please contact us at privacy@configure.dev.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements.
We will provide at least 30 days' notice for material changes — through our website, through the service, or by email where possible. The "Last updated" date at the top of this page indicates when this policy was last revised.
Your continued use of Configure after changes take effect constitutes acceptance of the revised policy.
If you have questions about this Privacy Policy or wish to exercise your data protection rights, contact us at:
Configure AI, Inc.