--- title: "Yorph AI - Agentic Data Platform" description: "Yorph AI is a pioneering data platform that combines agentic AI with modern data practices, bringing reliable AI capabilities to everyone. Founded in 2025 and based in Austin, TX, Yorph empowers both technical and non-technical users to build reliable, scalable data workflows with AI-powered automation, while maintaining human control and clear explainability." category: "product-overview" tags: - "agentic data platform" - "data engineering" - "data integration" - "data visualization" - "data merging" - "data cleaning" - "AI-powered analysis" - "workflow automation" - "smart data transformations" - "pipeline scheduling" author: "Yorph AI Team" url: "https://yorph.ai" created: "2025-08-06" last_updated: "2025-11-21" source: "internal" visibility: "public" embedding_priority: "high" keywords: ["data workflow automation", "AI agents", "self-healing workflows", "data orchestration", "instant visualizations", "AI powered analysis"] company: "Yorph AI" headquarters: "Austin, TX" founded: 2025 industry: "Artificial Intelligence / Data Platform" language: "en" related_posts: - "you-know-what-you-need-now-build-it-ai-for-analysts" - "ai-powered-data-for-product-managers" - "security-at-yorph-agentic-ai" - "multi-agent-systems-abstraction-or-overkill" - "real-key-to-ai-driven-data-engineering" - "lessons-learned-building-reliable-multi-agent-systems" - "the-tech-behind-our-ai" related_pages: - "privacy-policy" - "data-processing-addendum" - "notice-at-collection" --- # Yorph AI - Agentic Data Platform ## Section: About [About Us](https://yorph.ai/about-us): Learn more about who we are and our company background Yorph is a pioneering data platform that combines the power and flexibility of agentic AI with the reliability and scalability of modern, state-of-the-art data practices. Our team has a proven track record building enterprise-grade AI agents and solving complex data challenges at scale. Now, we're focused on making these capabilities accessible to everyone—so more people can work smarter with data. Founded in 2025, based in Austin, TX, and with team members around the globe, we've set out to build the next generation of tools that empower organizations and individuals to harness the power of their data. At Yorph, we believe in the power of AI to revolutionize data tasks—but we also recognize the complexities involved. What we've learned is that the real key to AI-driven data tasks lies not in what the AI does, but in what it doesn't do. The critical factor is, and always will be, the human user. We're building a solution that blends AI with strong validation, clear explainability, and complete user control. Yorph will empower non-technical users and technical users alike to become curators of their data workflows—equipped with the tools to make processes more efficient, scalable, and reliable. ## Section: Our Users [See How Yorph Works for Your Team](https://yorph.ai/#our-users) Yorph is built for business users who need powerful data capabilities without technical expertise: ### Analysts **From Data Wrangling to Strategic Insights** - Yorph helps automate repetitive data workflows with AI-powered pipelines that self-heal when source systems change. Transform raw data into analysis-ready datasets while you focus on strategic analysis and game-changing insights. Whether you're a product analyst, a HR analyst, an Operations analyst, a Financial analyst, a Business analyst - if you're wrangling datasets, Yorph is for you. ### Product Managers **Stop Waiting on Engineering for Data** - Build your own data pipelines without writing code. Get accurate product metrics, automated cohort analysis, and funnel insights – all without engineering tickets. Make data-driven decisions at the speed of conversation. ### Analytics Managers **Scale Analytics Without an Engineering Team** - Democratize data pipeline creation across your organization. Empower business teams with self-service analytics while maintaining governance and security controls. Scale your data capabilities without massive infrastructure investment. ### Business Leaders, Operations & Marketing **From Data Requests to Data-Driven Decisions** - No more waiting weeks for your data team to deliver insights. Yorph empowers PMs, analysts, operations teams, and marketing professionals with self-service analytics, enabling faster decision-making and competitive advantage across all business functions. Make decisions at the speed of business, not the speed of IT. ## Section: Yorph University [Learn Yorph with Video Tutorials](https://yorph.ai/yorph-university) Yorph University is your comprehensive learning hub for mastering the Yorph platform. Our curated video tutorials guide you through every aspect of Yorph, from getting started to advanced features, helping you unlock the full potential of AI-powered data workflows. ### Getting Started Learn the fundamentals of Yorph including account setup, uploading your first dataset, creating your first workflow, understanding the interface, and exploring sample data to get hands-on experience. ## Section: Core Features [Explore Yorph Features](https://yorph.ai/features) ### Integration Across Data Sources - **Diverse Data Sources**: Connect to various data types and storage systems - spreadsheets, delimited text (CSV), JSON, XML, in file systems, cloud services, databases (coming soon), and APIs (coming soon) - **Unifying Multiple Data Sources**: Combine data from different systems into a single, coherent view that works as if it came from one source - **Automatic Schema Detection**: Yorph automatically understands the structure and format of your data without manual setup ### Semantic Awareness and Instant Visualizations - **Semantic Layer and Relationship Visualization** (coming soon): Yorph automatically creates a semantic layer that understands your data's meaning, relationships, and business context. See how your data models connect through interactive visual diagrams showing all relationships and dependencies - **Recommended Analyses and Next Steps**: Get intelligent suggestions for what to analyze next based on your data and previous transformations - **Instant AI-Powered Visualizations**: Generate relevant charts and graphs automatically based on your data transformations and business questions ### Customizable and Repeatable Transformations - **Reusable Transformation Templates**: Save your data processing steps as templates that can be applied to new data automatically - **Version Controlled Logic**: Keep track of all changes to your data processing rules with automatic versioning and change history - **Custom Code Availability**: Edit code directly when you feel comfortable doing so, while the agent reviews and validates your changes ### Scaling, Scheduling, and Validation - **Transforming Large Volumes of Data with Auto-Scaling Infrastructure** (coming soon): Process massive amounts of data automatically, with computing power that adjusts based on your workload - **Pipeline Orchestration Based on Any Cadence** (coming soon): Schedule and coordinate complex data processing workflows that run automatically at whatever frequency you need - **Data Reliability at Scale**: Built-in safety that ensures your data processing runs reliably and produces as accurate results as possible through quality checks, retry, and fallback logic ## Section: Why Yorph [Why Yorph](https://yorph.ai/#why-yorph): Understand the benefits of our platform Transform your data with powerful AI data tools that help you visualize data, analyze data, automate data preparation, and perform intelligent data cleaning. Experience next-generation AI workflow automation with semantic awareness capabilities for business users. ### Increased efficiency & productivity Scale better and reduce hours spent on data tasks with AI data tools that automate cleaning, transform data intelligently, and sync seamlessly across systems. Upload a file or connect to Google Drive, Dropbox, OneDrive, or use drag & drop for CSV, Excel, JSON, XML files. ### Competitive advantage through faster data access Accelerate time to market with AI data tools that analyze data faster, join multiple sources, and visualize data instantly. Business users no longer wait days or weeks for data insights—they get answers immediately and make decisions at the speed of business, not the speed of IT. ### Lower spend Reduce hidden data costs and tool costs by democratizing data preparation for business users. Empower teams to handle their own data workflows without expanding your data headcount. ## Thought Leadership & Insights [Blog Posts](https://yorph.ai/blogs): Read our latest insights and thought leadership ### Section: Thought leadership and Insights --- title: "You Know What You Need—Now Build It: AI for Analysts" author: "Yorph AI Team" published: "2025-08-14" tags: ["analysts", "data pipelines", "AI automation", "business intelligence", "self-service analytics"] summary: "Empowering analysts to break free from data bottlenecks by building their own AI-powered pipelines. This post explores how modern AI can serve as a personal data mentor, enabling analysts to take control of their data timeline and iterate at the speed of thought." url: "https://yorph.ai/blogs/you-know-what-you-need-now-build-it-ai-for-analysts" --- **You Know What You Need—Now Build It: AI for Analysts** - By Yorph (August 2025) Empowering analysts to break free from data bottlenecks by building their own AI-powered pipelines. This post explores how modern AI can serve as a personal data mentor, enabling analysts to take control of their data timeline and iterate at the speed of thought. --- title: "Stop Waiting on Engineering: AI-Powered Data for Product Managers" author: "Yorph AI Team" published: "2025-09-10" tags: ["product managers", "self-service analytics", "data independence", "product metrics", "AI-powered insights"] summary: "How product managers can build their own data pipelines without writing code or waiting on engineering tickets. This post shows how AI enables PMs to get accurate product metrics, automated cohort analysis, and funnel insights at the speed of conversation." url: "https://yorph.ai/blogs/ai-powered-data-for-product-managers" --- **Stop Waiting on Engineering: AI-Powered Data for Product Managers** - By Yorph (September 2025) How product managers can build their own data pipelines without writing code or waiting on engineering tickets. This post shows how AI enables PMs to get accurate product metrics, automated cohort analysis, and funnel insights at the speed of conversation. --- title: "Security at Yorph: Agentic AI designed for Real-World data" author: "Yorph AI Team" published: "2025-07-18" tags: ["security", "data retention", "no data for training", "agentic AI"] summary: "Yorph AI takes a security-first approach to data systems with zero data retention by default, transparent agent behavior, and strict user control.**Your data is never used to train models**—ensuring privacy, explainability, and trust are foundational, not optional." url: "https://yorph.ai/blogs/88bc4fc1-3b3e-4ada-a103-987809f0d6d2" --- **Security at Yorph: Agentic AI designed for Real-World data** - By Yorph (July 2025) Yorph AI takes a security-first approach to data systems with zero data retention by default, transparent agent behavior, and strict user control. **Your data is never used to train models**—ensuring privacy, explainability, and trust are foundational, not optional. --- title: "Multi-Agent Systems: Useful Abstraction or Overkill?" author: "Yorph AI Team" published: "2025-06-15" tags: ["multi-agent systems", "AI architecture", "system design", "complexity"] summary: "This post examines whether multi-agent systems are a meaningful architectural evolution or just unnecessary complexity.It argues that in the right contexts—like specialization, modular deployment, and scoped control—multi-agent setups move beyond prompt chaining and become a scalable foundation." url: "https://yorph.ai/blogs/multi-agent-systems" --- **Multi-Agent Systems: Useful Abstraction or Overkill?** - By Yorph (June 2025) This post examines whether multi-agent systems are a meaningful architectural evolution or just unnecessary complexity. It argues that in the right contexts—like specialization, modular deployment, and scoped control—multi-agent setups move beyond prompt chaining and become a scalable foundation. --- title: "The Real Key to AI-Driven Data Engineering - It's Not What AI Does, But What It Doesn't Do" author: "Yorph AI Team" published: "2025-05-20" tags: ["AI limitations", "data engineering", "human-in-the-loop", "AI boundaries"] summary: "This post examines whether multi-agent systems are a meaningful architectural evolution or just unnecessary complexity. It argues that in the right contexts—like specialization, modular deployment, and scoped control—multi-agent setups move beyond prompt chaining and become a scalable foundation." url: "https://yorph.ai/blogs/ai-data-engineering-boundaries" --- **The Real Key to AI-Driven Data Engineering - It's Not What AI Does, But What It Doesn't Do** - By Yorph (May 2025) This post explores why successful AI in data engineering depends less on automation and more on human oversight, explainability, and control. It argues that true value comes not from what AI can do—but from knowing where to hold it back in the face of open-ended, sensitive, and high-scale data challenges. --- title: "Lessons Learned Building Reliable Multi-Agent Systems" author: "Yorph AI Team" published: "2025-10-27" tags: ["multi-agent systems", "AI architecture", "production AI", "agent frameworks", "domain knowledge"] summary: "Key lessons from building a production-ready agentic data platform. This post explores the importance of domain knowledge, architecture, balancing deterministic code with LLM capabilities, and leveraging modern agent frameworks for reliable multi-agent systems." url: "https://yorph.ai/blogs/lessons-learned-building-reliable-multi-agent-systems" --- **Lessons Learned Building Reliable Multi-Agent Systems** - By Yorph (October 2025) We are getting ready to launch our agentic data platform and wanted to share what we think are the most important things we've learned. Turns out that building a reliable agentic system is largely about good engineering fundamentals and clear written communication. Key lessons include: - **Domain knowledge is your differentiator**: Whether it's tools, evals, or fine-tuning, your agent's domain knowledge sets you apart from being just a wrapper around an LLM - **Architecture matters**: The difference between a flashy demo and a reliable product comes down to how agents are structured, their tools, callbacks, and context management - **Balance deterministic code and LLM "magic"**: A good production system finds the middle ground between letting the LLM cook and making sure it doesn't burn down the kitchen - **Use frameworks, don't rebuild them**: Stand on the shoulders of fast-evolving Agent frameworks like Google's ADK Related articles: Multi-Agent Systems: Useful Abstraction or Overkill?, The Real Key to AI-Driven Data Engineering, and You Know What You Need, Now Build It: AI for Analysts --- title: "Security Concerns When Using AI for Data Tasks — and How Yorph Addresses Them" author: "Yorph AI Team" published: "2025-11-16" tags: ["security", "AI safety", "prompt injection", "data privacy", "agent security"] summary: "AI tools with access to data and tools create security concerns including privacy exposure, prompt injection, remote code execution, and data exfiltration. Yorph addresses these through severely limited tool access and keeping data values out of agent context entirely." url: "https://yorph.ai/blogs/security-concerns-ai-data-tasks" --- **Security Concerns When Using AI for Data Tasks — and How Yorph Addresses Them** - By Yorph (November 2025) AI tools like ChatGPT and Claude with connected tools create distinct security concerns: **Security Concerns:** - **Privacy Exposure**: Non-enterprise versions may log or train on user inputs - **Prompt Injection**: Malicious text can hide commands inside normal-looking data - **Remote Code Execution**: Injected instructions can execute arbitrary code through legitimate interfaces - **Data Exfiltration**: Attackers can trick models into leaking private data **Yorph's Security Practices:** - Severely limit tools available to agents (no external tools, no code execution) - No sensitive information in tool inputs/outputs - Agents never see actual data values - only rigorously sanitized schemas and metadata These practices ensure data privacy and prevent harmful agent behavior while maintaining AI-assisted data workflows and business logic definition. --- title: "Lessons for Agentic AI from the Human Microwork Playbook" author: "Alex Braylan" published: "2025-11-24" tags: ["agentic AI", "crowdsourcing", "quality control", "task decomposition", "response aggregation", "NL2SQL"] summary: "Drawing from PhD research in aggregating annotations, this post explores how proven crowdsourcing strategies—task decomposition and response aggregation—apply to agentic AI systems. Yorph AI leverages these techniques through multi-agent frameworks and self-consistency methods to achieve maximum accuracy in data tasks." url: "https://yorph.ai/blogs/lessons-for-agentic-ai-from-the-human-microwork-playbook" --- **Lessons for Agentic AI from the Human Microwork Playbook** - By Alex Braylan (November 2025) As a PhD researcher focused on aggregating annotations, my work centered on transforming noisy human inputs into reliable ground truth labels. The same architectural solutions developed for human annotation workflows found relevance with LLMs—break the task down, let multiple workers attempt subtasks, and combine the most reliable outputs. AI quality control is critical in domains requiring absolute objective correctness, such as data work. Yorph AI leverages these proven quality control blueprints through multi-agent frameworks that divide complex data tasks into specialized sub-tasks and aggregation techniques that select the best response from multiple LLM generations, achieving state-of-the-art NL2SQL accuracy through self-consistency and self-correction. - Learn more at [yorph.ai](https://yorph.ai) - Contact our team at [queries@yorph.ai](mailto:queries@yorph.ai) --- title: "The Tech Behind Our AI" author: "Yorph AI Team" published: "2025-12-04" tags: ["AI architecture", "ADK", "dbt", "GCP", "multi-agent systems", "Google Cloud"] summary: "A quick rundown of the technology powering Yorph's AI system—Google's ADK for multi-agent orchestration, dbt for SQL validation and version control, and GCP for reliable, secure infrastructure—all wrapped in a simple conversational AI experience." url: "https://yorph.ai/blogs/the-tech-behind-our-ai" --- **The Tech Behind Our AI** - By Yorph (December 2025) We've been getting this question a bit lately - "Okay, but what's actually powering your AI system?" So we thought we'd give a quick rundown, minus the architecture diagrams. **ADK runs our agents** We use Google's agent framework to run our multi-agent system which handles different tasks. **dbt helps us keep things in order** The AI works in the background iteratively with dbt to ensure the SQL is correct, version controlled and compiles. **GCP makes the whole system reliable & secure** We run on Google Cloud - Cloud Run, Pub/Sub, BigQuery, GCS etc. Nothing weird, nothing experimental. All of this is wrapped inside an AI experience that feels simple. You talk to Yorph about what workflow you need and it happens in the background. We have setup best practices behind the scene and abstracted the complexity so you can focus on building by simply asking. --- # Platform Comparisons ## Yorph AI vs Julius AI, Hex & Other Data Analysis Tools **URL:** [yorph.ai/comparisons](https://yorph.ai/comparisons) Comprehensive feature comparison showing Yorph AI's competitive advantages over leading data analysis platforms: ### Feature Comparison Matrix (Yorph vs Julius AI vs Hex) | Feature | Yorph AI | Julius AI | Hex | |---------|----------|-----------|-----| | Natural language data queries | ✓ | ✓ | ✓ | | Dry run workflows on sample data before scaling | ✓ | ✗ | ✗ | | Semantic layer management | ✓ | ✗ | ✓ | | Multi-source data integration & join | ✓ | ✓ | ✓ | | Upload various file types (not just CSV) | ✓ | ✓ | ✗ | | Ability to opt-out of data retention | ✓ | ✗ | ✗ | | Blocks LLM from seeing data content | ✓ | ✗ | ✗ | | Free sign-up (no business email required) | ✓ | ✓ | ✗ | | Revert to previous draft workflow | ✓ | ✗ | ✓ | | No notebook technical expertise needed | ✓ | ✗ | ✗ | | Data know-how built into workflow builder | ✓ | ✗ | ✗ | ### Key Differentiators **Yorph AI Advantages:** - Privacy-first with opt-out data retention - LLM never sees actual data content - only metadata and schemas - Workflow dry-run capability on sample data - Built-in data best practices - No technical notebook expertise required - Accessible with personal email accounts - Semantic layer management --- # Privacy, Legal, and Compliance ## Privacy Policy **Last Updated:** October 16, 2025 **Full Policy:** [yorph.ai/privacy-policy](https://yorph.ai/privacy-policy) ### Overview Yorph AI's Privacy Policy governs how we collect, use, share, and protect personal information when you use our Services (Website, Products, and Community). ### Key Privacy Principles **Data Minimization by Default:** - We do not retain user-submitted files or outputs persistently unless you explicitly opt in - When you upload data for AI analysis, we process it only for that session unless you choose to store data - Temporary 30-day retention window available for opted-in users - Files, input data, and output data are not stored by default **No Sale or Training:** - We do NOT sell personal information or share it as defined under CCPA/CPRA - We do NOT use your personal or customer data to train AI models - Only anonymized, aggregated usage metrics may be analyzed to enhance performance **Sensitive Data Restrictions:** - Yorph AI does NOT intentionally collect or process sensitive personal information (SSN, genetic data, health information, religious information) - Users are STRICTLY PROHIBITED from uploading Protected Health Information (PHI) or data subject to HIPAA or similar healthcare privacy laws - Platform is not designed or certified for HIPAA-compliant processing ### Information We Collect **Information You Provide:** - Account information: name, email, password, profile details - Payment information: processed securely via third-party payment processors (we don't store credit card details) - Communications: support requests, feedback, demo requests - Customer Data: data sets, prompts, files you voluntarily upload **Automatically Collected:** - Usage data: browser type, device info, IP address, pages visited, features used - Cookies and tracking technologies for analytics and functionality - Error logs and performance metrics ### How We Use Your Information - Provide, maintain, and improve Services - Process payments and transactions - Communicate about updates, support, and marketing (with consent) - Analyze usage patterns and enhance user experience - Ensure security and prevent fraud - Comply with legal obligations ### Data Storage and Retention **No Persistent Storage by Default:** - Files, input data, and output data are NOT stored unless you explicitly opt in - Data processed in-memory or temporarily cached during session only - Automatically deleted after session completion **Optional 30-Day Retention:** - Available if you opt-in for session persistence - Securely stored for up to 30 days - Can opt-out anytime via settings **Anonymized Metadata:** - Aggregated usage statistics retained indefinitely for performance improvement - Does not include personal information **Other Retention:** - Account data: Duration of relationship plus 1 year for backups - Support communications: 2 years for dispute resolution - Audit logs: 90 days for security monitoring - Payment data: Handled by third-party payment processors per their policies ### Model Training and AI Use **Ethical Data Practices:** - We NEVER use your actual data (PII or non-PII) for training AI models - Improve platform using anonymized interaction patterns and synthetic test cases - Enterprise-grade model providers with strict security - Data never leaked through API calls, internal tools, or prompt injection **Security Measures:** - Strict data segregation - Isolated processing environments (enterprise/team plans) - Regular compliance audits ### Sharing and Disclosure We do NOT sell your personal information. We share only as necessary: - **Service Providers:** Google Cloud Platform, Fastn, Mailchimp - **Legal Compliance:** As required by law or to protect safety - **Business Transfers:** During M&A with user notice - **With Consent:** For purposes not in this policy ### Your Rights and Choices Depending on location (CCPA, GDPR): - Access or download your data - Correct or update personal information - Request deletion (30-day timeline) - Opt-out of marketing or data storage - Data portability (CSV/JSON format) - Withdraw consent - Rights related to automated decision-making **Marketing Opt-Out:** Click "unsubscribe" in emails **No Discrimination:** We don't deny services for exercising rights ### Cookies and Tracking **Types Used:** - Strictly Necessary: Authentication, fraud prevention - Functional: Preferences, language, customizations - Analytics: Usage trends, feature popularity - Marketing: Personalized ads (with consent) **Your Choices:** - Disable via browser settings - May affect functionality (e.g., session persistence) ### Security Measures - Encryption in transit (TLS 1.2+) and at rest (AES-256) - Role-based access control ### International Data Transfers - Data processed in United States - EU Standard Contractual Clauses for EEA/UK/Switzerland transfers - UK Addendum and Swiss FDPIC extensions apply ### Children's Privacy - Services not directed to children under 18 - No knowing collection of data from anyone under 18 - Users must be at least 18 years old to use Services - Report violations to legal@yorph.ai ### Contact for Privacy - Email: legal@yorph.ai - Support: queries@yorph.ai - Address: Austin, Texas --- ## Terms of Service **Effective Date:** October 16, 2025 **Full Terms:** [yorph.ai/terms-and-conditions](https://yorph.ai/terms-and-conditions) ### Key Definitions - **Services:** Yorph AI platform, software, APIs, and related products - **Customer Data:** Data, files, content you upload through Services - **AI Outputs:** Results generated by Yorph AI's systems - **Usage Data:** Anonymized data about Service usage ### Who Can Use Our Services **Age and Legal Requirements:** - Must be at least 18 years old - Legally capable of entering into binding contracts - Organization representatives must have authority to bind that organization to Terms **Account Responsibilities:** - Keep credentials secure - Responsible for all account activities - Provide accurate information - Report unauthorized use immediately ### How You Can Use Services **License Grant:** - Limited, non-exclusive, non-transferable - For business purposes - Subject to Terms and subscription plan **Prohibited Activities:** - Reverse engineering or extracting source code - Building competing AI platforms - Scraping or data extraction - Bypassing usage limits or security - Sharing accounts with unauthorized users - Illegal or harmful purposes ### Understanding AI Technology **AI Characteristics:** - May produce errors or inaccuracies - Can reflect training data biases - Requires human review for important decisions - Continuously improves but not perfect ### Data Ownership and Rights **Customer Data:** - You retain complete ownership - You grant limited license for Service provision - You're responsible for legal compliance - Must have proper rights and permissions **Personal Information in Data:** - Must comply with data protection laws (GDPR, CCPA) - Have obtained necessary consents - Maintain compliance throughout usage **Sensitive Data Restrictions:** - STRICTLY PROHIBITED: PHI, HIPAA-regulated health data - Platform NOT HIPAA-certified - Other sensitive data requires evaluation of adequacy **Usage Analytics:** - We collect system performance metrics - Anonymized and aggregated for improvement - Cannot identify individual users - May be shared publicly when anonymized **AI Outputs Ownership:** - All users (free and paid) retain ownership - Can use, modify, distribute commercially - Subject to Terms and applicable laws **AI Training:** - We do NOT use identifiable Customer Data for training - Only anonymized, aggregated patterns used - For system performance, reliability, features - Applies equally across all tiers ### Privacy and Security **Security Measures:** - End-to-end encryption for transmission - Encryption at rest for stored data - Enterprise-grade safeguards **Data Retention:** - Default: Deleted after session/workflow completion - Optional: 30-day retention if opted-in - Usage data: Retained indefinitely (anonymized) **International Processing:** - Data may be processed in multiple countries ### Acceptable Use **Required Conduct:** - Follow all laws and regulations - Respect others' rights and privacy - Use Services honestly and fairly - Report security issues **Prohibited Content:** - Illegal, harmful, abusive content - Harassment or threats - Explicit material involving minors - Malware or harmful code - Misleading information - IP rights violations **Third-Party AI Compliance:** - Must comply with OpenAI, Anthropic, Google policies ### Subscription and Payments **Payment Terms:** - Billed monthly in advance (US dollars) - Payment due immediately upon subscription - Major credit cards accepted **Automatic Renewal:** - Subscriptions auto-renew monthly - Cancel anytime via account settings - Cancellation effective end of billing period - No partial refunds ### Intellectual Property **Yorph AI Owns:** - Platform, software, technology - Yorph AI branding and trademarks - Proprietary algorithms and systems - Documentation and materials **You Own:** - Your original data and content - Your business processes - Applications built on platform - AI outputs from your inputs **Feedback License:** - Perpetual, irrevocable, royalty-free - For any purpose including improvement - No obligation to implement - No compensation provided ### Service Availability **Service Levels:** - Strive for reliability, no 100% uptime guarantee - Occasional maintenance required - May temporarily suspend for technical reasons **Support Provided:** - Email support for all (queries@yorph.ai) - Priority support for paid subscribers - Documentation and tutorials - Community forums **Third-Party Services:** - Integrations: Fastn, Google Cloud - Governed by their own terms - Yorph AI not liable for their actions ### Warranties and Liability **Service Warranty:** - Will substantially perform as documented under normal use **AS IS Disclaimers:** - Accuracy of AI outputs - Uninterrupted or error-free service - Fitness for specific purposes - Security vulnerability freedom - Industry-specific regulation compliance **Liability Limitations:** - Cap: Greater of 12-month fees paid or $1,000 - No liability for indirect/consequential damages - Includes: lost profits, data loss, business interruption - Claims must be brought within one year **AI Output Responsibility:** - May contain errors, omissions, inaccuracies - User solely responsible for validation and use - Yorph AI disclaims liability from reliance **Indemnification:** - User defends Yorph AI from claims arising from: - User's breach of Terms - User's law violations - User's Customer Data - Misuse of Services ### Account Termination **Termination Reasons:** - Violation of Terms - Non-payment of fees - Suspected illegal activity - Security risks **Post-Termination:** - Access ends immediately - Data deleted per retention policy - Fees owed remain due - Some provisions survive termination ### Dispute Resolution **Governing Law:** - Delaware law (except where data protection laws require otherwise) **Arbitration (US Users):** - Binding arbitration for most disputes - AAA Commercial Arbitration Rules - Austin, Texas location - Exceptions: IP claims, injunctive relief, small claims **Class Action Waiver:** - Individual basis only - No class or representative actions **International Users:** - Courts of Delaware have jurisdiction - May have additional rights under local law ### Changes to Terms - May update with notice - Continued use constitutes acceptance - Material changes: 30 days notice ### Contact Information - Legal: legal@yorph.ai - Support: queries@yorph.ai - Company: Yorph AI, Inc. - Location: Austin, Texas --- ## Data Processing Addendum (DPA) **Effective Date:** October 23, 2025 **Full DPA:** [yorph.ai/data-processing-addendum](https://yorph.ai/data-processing-addendum) ### Scope and Roles **Purpose:** - Governs Yorph's processing of Personal Data on behalf of Customer - Applies to all Personal Data processed via Services **Roles:** - Customer: Controller (or Processor) - Yorph AI: Processor (or Sub-Processor) ### Processing Details **Nature and Purpose:** - Provide, maintain, support Services - Workflow execution, data transformation - AI-powered analytics **Types of Data:** - Names, email addresses, identifiers - Logs and metadata - User inputs, uploaded files - Connected data sources **Sensitive Data Restrictions:** - NOT designed for HIPAA or PHI - Customers PROHIBITED from uploading health data - No special-category data (racial, religious, genetic, biometric) - If inadvertently included, processed only as necessary **Retention Policy:** - Default: Deleted after session/workflow - Opt-in: 30-day retention window - Permanent deletion after period - Anonymized data: Retained indefinitely ### Yorph's Obligations **Lawful Processing:** - Only on documented Customer instructions - Complies with GDPR, CCPA where applicable **Confidentiality:** - All personnel bound by confidentiality - Trained on data security **Security Measures:** - Encryption in transit (TLS 1.2+) and at rest (AES-256) - Role-based access control (RBAC) - Audit logging - Monitored cloud infrastructure (GCP, AWS, Fastn) **No Sale or Training:** - Does not sell Personal Data (CCPA/CPRA) - Customer Data never used for AI training - Only anonymized metrics analyzed **Incident Notification:** - 48-hour notification of data breaches - Includes details and remediation steps ### Customer Responsibilities **Lawful Basis:** - Obtain necessary consents - Ensure compliance with laws - Provide lawful processing instructions **Data Accuracy:** - Uploaded data must be accurate and lawful - Not subject to restrictions (HIPAA, export-control) **Account Security:** - Safeguard login credentials - Monitor account access ### Sub-Processors **Authorized Sub-Processors:** | Sub-Processor | Purpose | Location | |---------------|---------|----------| | Google Cloud Platform (GCP) | Hosting, compute, storage, CDN | United States | | Fastn.ai | Data synchronization and transfer | United States | | Mailchimp (Intuit) | Customer communications | United States | **New Sub-Processors:** - 10 days advance notice - Customers may object in writing - Material impact on data protection **Sub-Processor Agreements:** - Bound by written data-protection terms - No less protective than this DPA - Yorph responsible for performance ### Data Subject Rights **Assistance Provided:** - Upon written request - Access, correction, deletion, portability requests - Where legally required **Direct Responses:** - Yorph does not respond directly to data subjects - Only on Customer's instructions or legal obligation ### International Data Transfers **U.S. Processing:** - Personal Data processed in United States - Customer acknowledges and agrees **EEA/UK/Switzerland Transfers:** - EU Standard Contractual Clauses (2021/914) - Module 2 (Controller → Processor) - Module 3 (Processor → Processor) - UK Addendum for UK data - Swiss FDPIC extensions for Swiss data **Governing Law for Transfers:** - Delaware law for non-EU matters - Clause 17 law for EU matters ### Audits and Compliance **Security Measures:** - Technical and organizational safeguards maintained - Described in Schedule C (see below) **Compliance Demonstration:** - Summary of security practices provided upon request - Reasonably necessary information **Audit Reports:** - Not required to provide SOC 2 or similar - No on-site inspections required - Good faith cooperation with inquiries ### Term and Termination **Duration:** - In force while Yorph processes Customer Personal Data **Post-Termination:** - Delete or return all Customer Personal Data - Per retention policy - Unless legal requirement to retain ### Schedule C: Security Measures **Technical and Organizational Safeguards:** - **Encryption:** TLS 1.2+ in transit, AES-256 at rest - **Access Control:** Role-based access control (RBAC) - **Data Segregation:** Logical isolation between customer environments - **Backups:** Regular backups with documented procedures - **Monitoring:** Audit logging on monitored cloud infrastructure (GCP, Fastn) ### General Terms **Precedence:** - DPA prevails over Primary Agreement for Personal Data processing **Governing Law:** - Delaware law - Except where data-protection laws require otherwise **Severability:** - Invalid provisions don't affect remainder --- - **Session Data:** Deleted automatically after session/workflow completes (default) - **Opted-in Storage:** 30-day retention window for temporary storage and retrieval - **Account Data:** Retained while account is active - **Legal Retention:** May retain certain data for compliance purposes - **Anonymized Data:** May be retained indefinitely for analytics ### Service Providers We work with trusted infrastructure and service providers: - **Google Cloud Platform (GCP)** and Google Cloud CDN for secure hosting and content delivery - **GoDaddy** for web hosting - **Fastn** for secure data synchronization - **Mailchimp** for email communications - **Google Analytics** and YouTube for analytics and embedded media These providers act as processors under our instructions and do not use your data for their own purposes. ### Your Privacy Rights **All Users:** - Access your personal information - Correct inaccurate data - Request deletion of your data - Opt-out of marketing communications - Export your data **California, Nevada, and other U.S. State Residents:** - Right to know what personal information is collected - Right to delete personal information - Right to opt-out of sale (though we don't sell data) - Right to non-discrimination **European Economic Area (EEA), UK, Switzerland Residents:** - GDPR rights including data portability, restriction of processing, and objection - Right to lodge complaints with supervisory authorities ### International Data Transfers Data may be transferred to and processed in the United States and other countries. We implement appropriate safeguards for international transfers. ### Contact for Privacy Matters Email: [privacy@yorph.ai](mailto:privacy@yorph.ai) --- ## Data Processing Addendum (DPA) **Effective Date:** October 23, 2025 **Full DPA:** [yorph.ai/data-processing-addendum](https://yorph.ai/data-processing-addendum) ### Purpose and Scope This Data Processing Addendum governs Yorph's processing of Personal Data on behalf of Customers in connection with use of the Yorph AI platform and services. ### Roles - **Customer** acts as the Controller (or Processor where processing on behalf of another Controller) - **Yorph AI** acts as a Processor (or Sub-Processor) for Customer Data ### Processing Details **Nature and Purpose:** - Yorph processes Customer Personal Data solely to provide, maintain, and support the Services - Includes workflow execution, data transformation, and AI-powered analytics **Types of Data:** - Names, email addresses, identifiers - Logs and metadata related to user inputs, uploaded files, or connected data sources **Sensitive Data Restrictions:** - Yorph AI does NOT intend to process data subject to HIPAA or similar healthcare privacy laws - Customers are STRICTLY PROHIBITED from uploading Protected Health Information (PHI), genetic, biometric, or health-related data - Platform is not designed or certified for HIPAA-compliant processing - Does not intentionally process special-category sensitive data (racial/ethnic origin, religious beliefs, sexual orientation, political opinions, trade union membership) **Data Retention:** - **Default:** All Customer Data (prompts, files, outputs) deleted automatically once session/workflow completes - **Opt-in:** 30-day retention window for temporary storage and retrieval - **Permanent Deletion:** Data permanently deleted after retention period unless extended by Customer - **Aggregated Data:** Anonymized and aggregated data may be retained indefinitely for analytics and system improvement ### Yorph's Processing Obligations **Lawful Processing:** - Processes Personal Data only on documented Customer instructions - Complies with applicable privacy laws (including GDPR and CCPA where applicable) **Security Measures:** - Industry-standard technical and organizational safeguards - Encryption in transit and at rest - Access controls and audit logging - Monitored cloud infrastructure (Google Cloud Platform, AWS, Fastn) **No Sale or Training:** - Does NOT sell or share Personal Data as defined under CCPA/CPRA - Customer Data is NEVER used to train AI models - Only anonymized, aggregated usage metrics analyzed to enhance performance **Incident Notification:** - Will notify Customer within 48 hours of becoming aware of a data breach involving Customer Personal Data - Includes known details and remediation steps **Confidentiality:** - All personnel with access to Customer Personal Data bound by confidentiality obligations - Trained on data security practices ### Customer Responsibilities **Lawful Basis:** - Customer responsible for obtaining all necessary consents or lawful bases for processing Personal Data - Must ensure processing instructions comply with applicable laws **Data Accuracy and Restrictions:** - Customer must ensure uploaded data is accurate, lawful, and not subject to restrictions - Must not upload HIPAA data, export-controlled data, or other prohibited content **Account Security:** - Customer responsible for safeguarding login credentials - Must monitor access to Yorph account ### Sub-Processors Yorph engages the following authorized sub-processors: | Sub-Processor | Purpose | Location | |--------------|---------|----------| | Google Cloud Platform (GCP) | Hosting, compute, storage, CDN | United States | | Fastn.ai | Data synchronization and transfer | United States | | Mailchimp (Intuit) | Customer communications | United States | | GitHub, Inc. | Source control and CI/CD | United States | Yorph will notify Customers at least 10 days in advance of adding or replacing any Sub-Processor. Customers may object in writing if such engagement materially impacts data protection. ### Data Subject Rights Support Yorph will assist Customer in responding to data subject requests (access, correction, deletion, portability) upon written request where legally required. ### International Data Transfers - Data may be transferred to the United States and other jurisdictions - Yorph implements Standard Contractual Clauses (SCCs) and supplementary safeguards as required ### Term and Termination - DPA remains in effect for duration of Primary Agreement - Upon termination, Customer may request deletion or return of all Personal Data within 30 days - Yorph may retain data as required by law or to defend legal claims --- ## Notice at Collection (California) **Effective Date:** October 16, 2025 **Full Notice:** [yorph.ai/notice-at-collection](https://yorph.ai/notice-at-collection) ### Categories of Information We Collect - **Identifiers:** name, email, and account credentials - **Usage Information:** browser, device, and analytics data - **Customer Data:** data, prompts, and files you voluntarily upload - **Payment Information:** processed securely via third-party payment processors (we don't store credit card details) - **Communication Data:** marketing and email engagement data processed by Mailchimp ### Our Service Providers - **Google Cloud Platform (GCP)** - Hosting, compute, storage, CDN - **Fastn.ai** - Data synchronization and transfer - **Mailchimp (Intuit)** - Customer communications These providers act as processors under our instructions and do not use your data for their own marketing or training. ### Our Commitments - **We do NOT sell personal information** - **We do NOT use your personal or customer data to train AI models** ### Your Rights For details about your rights and our data practices, visit our Privacy Policy or contact privacy@yorph.ai. --- ## Security Practices **Security Philosophy:** - Security-first design with multiple layers of protection - Severely limited tool access for AI agents - No sensitive information in tool inputs/outputs - Agents never see actual data values - only rigorously sanitized schemas and metadata **Technical Security Measures:** - Encryption in transit (TLS 1.2+) and at rest (AES-256) - Role-based access control (RBAC) - Audit logging and monitoring - Infrastructure hosted on Google Cloud Platform **Incident Response:** - Dedicated security team monitoring for threats - Documented incident response procedures For security concerns, contact: [security@yorph.ai](mailto:security@yorph.ai) --- ## Compliance and Certifications **GDPR Compliance:** - Data Processing Addendum available for EU customers - Standard Contractual Clauses (SCCs) for international transfers - Data subject rights support - Privacy by design and default **CCPA/CPRA Compliance:** - Notice at Collection provided - Consumer rights honored (access, deletion, opt-out) - No sale of personal information - Service provider agreements in place **NOT HIPAA Compliant:** - Platform is NOT designed or certified for HIPAA compliance - Users strictly prohibited from uploading PHI or healthcare data **Age Requirements:** - Services not directed to children under 18 - No knowing collection of children's data - Users must be 18+ years old to use Services ---