Privacy Policy

This Privacy Policy explains how Reword Limited, trading as Juno, collects, uses, stores, shares, and otherwise processes personal data when you visit askjuno.co, create an account, use the Juno application, interact with agents, connect third-party services, communicate with us, or otherwise engage with our products and services.

This policy is intended to provide the privacy information required under UK GDPR and related data protection law. It should be read alongside any customer agreement, data processing agreement, or other terms that apply to your use of Juno.

Juno is the trading name of Reword Limited, a company based in the United Kingdom. For the purposes described in this policy, Reword Limited is the data controller for personal data relating to our website, marketing activities, account administration, product analytics, billing, support, and our own business operations.

In some cases, a Juno customer or workspace owner will be the data controller and Reword Limited will process personal data on that customer's behalf as a processor or service provider. This is usually the case where users upload, generate, store, or connect personal data in workspace content, prompts, chats, files, automations, artifacts, or third-party integrations for their own business purposes.

The personal data we collect depends on how you use Juno. We may collect the following categories of personal data:

• identity and contact data, such as your name, email address, organisation, team, and workspace details
• account and profile data, such as login credentials, authentication method, role, permissions, onboarding details, and preferences
• billing and transaction data, such as subscription information, billing owner details, invoices, payment status, and related records processed through payment providers
• technical, device, and security data, such as IP address, user agent, browser or device information, session identifiers, audit events, and authentication logs
• usage and analytics data, such as feature interactions, page views, product events, diagnostics, and service performance information
• workspace content and customer data, such as prompts, chats, files, artifacts, generated outputs, connection metadata, and information made available through connected third-party platforms
• communication data, such as support requests, emails, feedback, survey responses, and other correspondence with us

We collect personal data directly from you when you sign up, log in, configure a workspace, connect tools, use Juno features, contact us, or otherwise submit information to us.

We also collect personal data automatically through your use of Juno, including through cookies, session technologies, logs, analytics tools, and security monitoring.

We may receive personal data from other sources, including your employer or workspace admin, users who invite you to a workspace, authentication providers such as Google where single sign-on is used, billing providers, analytics providers, model or infrastructure providers used to operate Juno features, and third-party services that you choose to connect.

We use personal data to provide, secure, maintain, and improve Juno; manage accounts, workspaces, and subscriptions; process payments; authenticate users; respond to support requests; operate agents and connected services; investigate misuse; enforce our terms; and communicate with users.

Our lawful bases will depend on the context. We generally rely on contract where processing is necessary to provide Juno, legitimate interests where processing is necessary to run, secure, analyse, and improve our service and business, legal obligation where we must comply with law or regulatory requirements, and consent where consent is required, such as for certain optional cookies or marketing communications.

Where we act as a processor on behalf of a customer, our processing is carried out under that customer's instructions and applicable contractual terms.

Juno uses automated systems and AI-driven features to process prompts, files, messages, workflow context, and connected service data in order to generate outputs and perform requested tasks. This can include sending content to model, infrastructure, browsing, or integration providers where necessary to operate a requested feature.

If you submit personal data in prompts, chats, files, artifacts, or connected services, that data may be processed as part of generating responses, carrying out automations, maintaining history, and improving service reliability and abuse prevention. You are responsible for ensuring you have a lawful basis and authority to submit that personal data and to instruct Juno to process it.

Where workspace content contains personal data that a customer controls, that customer is typically responsible for determining the purposes and lawful basis of that processing. We process that data on the customer's behalf to provide the service they requested.

We use cookies and similar technologies for essential service functions such as login, session continuity, security, fraud prevention, and preference storage. If you block essential cookies, some parts of Juno may not function properly.

We also use analytics technologies to understand product usage, performance, and reliability. In our current stack this includes PostHog for product analytics and event measurement. We may update the specific providers we use over time as our service evolves.

Where required by law, we will rely on consent for non-essential cookies or similar technologies.

We may share personal data with service providers, subprocessors, and partners who help us operate Juno. Depending on the feature and context, this may include hosting and infrastructure providers, analytics providers, authentication providers, payment processors, communications tools, customer support providers, model and AI infrastructure providers, and integration providers.

Examples of providers reflected in our current technical stack include PostHog for product analytics, Stripe for billing workflows, Google for single sign-on where used, and model or infrastructure providers such as OpenRouter and OpenAI where needed to operate model and embedding features. This list is illustrative, not exhaustive, and may change over time.

We may also share personal data with your organisation, workspace admins, connected third-party services you enable, professional advisers, auditors, acquirers or investors in connection with a corporate transaction, and regulators, law enforcement, or courts where required or appropriate by law.

Some of our providers and the services you connect to Juno may process personal data outside the UK. Where we transfer personal data internationally, we take steps intended to ensure an appropriate level of protection, such as relying on adequacy regulations, contractual safeguards, or other recognised transfer mechanisms where available and appropriate.

Because the tools and providers used by a workspace may vary, international transfer locations may depend on the specific features and integrations you choose to use.

We retain personal data for as long as reasonably necessary for the purposes described in this policy, including to provide Juno, maintain accounts and workspaces, comply with legal, tax, accounting, and regulatory obligations, resolve disputes, enforce agreements, and protect against fraud or abuse.

Retention periods vary depending on the type of data and the context in which it was collected. For example, account and workspace data may be retained while an account is active, billing and transaction records may be retained for longer where required by law, and certain logs, backups, and security records may persist for a limited period after deletion until they are overwritten or no longer needed.

Depending on your location and the circumstances, you may have rights to request access to your personal data, rectification, erasure, restriction of processing, portability, and objection to certain processing. Where we rely on consent, you may withdraw that consent at any time for future processing.

You may also have the right to complain to the UK Information Commissioner's Office if you believe your personal data has been handled unlawfully.

If you want to exercise any of your rights, contact us at gdpr@askjuno.co. We may ask for information necessary to verify your identity or authority before acting on a request.

If you want us to delete personal data under applicable data protection law, you can email gdpr@askjuno.co with details of the information you want erased and the account, workspace, or context it relates to.

We will review deletion requests in line with applicable law, including UK GDPR. In general, we may delete, anonymise, restrict, or decline to erase data depending on whether we are the controller, whether an exception applies, and whether retention is necessary for legal obligations, security, fraud prevention, billing, dispute resolution, backups, or the establishment, exercise, or defence of legal claims.

If we need to verify your identity or authority, the response period will begin once we receive the necessary verification information. We aim to respond without undue delay and ordinarily within one calendar month. If a request is complex or involves multiple requests, we may take longer where the law allows and will explain why.

If the personal data is controlled by a Juno customer or workspace owner rather than by Reword Limited, we may direct you to that organisation or coordinate with them, because they may be the controller responsible for deciding whether the data should be erased.

Deleting data from live systems does not always mean immediate removal from every backup or audit log. Where deletion is required, we will take reasonable steps to delete or irreversibly anonymise data from active systems and allow residual backup copies to expire or be overwritten through normal backup cycles, unless a longer retention period is legally required.

We use technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, or alteration. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

You are also responsible for maintaining the confidentiality of your credentials and for controlling access to your workspace, connected accounts, and data.

Juno is not intended for children, and we do not knowingly collect personal data from children in connection with the service. If you believe a child has provided personal data to us, contact gdpr@askjuno.co.

We may update this Privacy Policy from time to time to reflect changes in law, guidance, technology, or our services. When we do, we will update the effective date on this page.

For privacy questions, rights requests, or GDPR deletion requests, contact gdpr@askjuno.co.