Privacy Policy

Your data belongs to you. Full stop.

GeneWorks is built on a simple premise: we access your ServiceNow instance to do work on your behalf. We do not harvest, profile, or monetise any data in that process.

1 March 2026
Effective Date
18 March 2026
Last Updated
1.0
Version
1. Scope2. What We Collect3. What We Don't Collect4. Credentials & Access5. Agent Knowledge Base6. Data Storage7. Third-Party Services8. Data Retention9. Your Rights10. Contact Us
01 — Scope

Scope of This Policy

This Privacy Policy governs how GeneWorks, operated by GeneWorks ("we", "our", "the platform"), handles information collected from individuals and organisations ("you", "the customer") who use the GeneWorks platform to interact with ServiceNow instances.

This policy applies to all GeneWorks interfaces — the web dashboard, any API connections made on your behalf, and the Agent Knowledge Base feature. It does not govern the privacy practices of ServiceNow or any third-party integrations you choose to configure within the platform.

02 — What We Collect

Information We Collect

GeneWorks collects the minimum information necessary to operate the platform effectively. This includes:

  • Contact Information: Name, work email address, company name, and job title — provided when you submit a contact or pricing enquiry through our website forms.
  • Usage Signals: Anonymous, aggregated metrics about platform feature usage (e.g., which agent panels are opened, how many tasks are created per session). These signals contain no personally identifiable information and are used solely for product improvement.
  • Task Input Data: The text prompts and document attachments you submit to Gene as task requirements. This content is processed by the AI model layer to generate platform artifacts and is not retained beyond the active session unless you explicitly save it to Your Documents.
  • Session Configuration: Workspace settings, theme preferences, and user access records you configure within the GeneWorks dashboard. These are stored locally in your browser and are not transmitted to GeneWorks servers.
03 — What We Don't Collect

What We Explicitly Do Not Collect

GeneWorks does not read, copy, index, or transmit the contents of your ServiceNow instance beyond what is strictly necessary to execute the specific task you have submitted.

  • We do not build profiles of your ServiceNow data for advertising or analytics purposes
  • We do not scrape or harvest record data from your instance tables
  • We do not transmit your ServiceNow credentials to GeneWorks servers or third parties
  • We do not retain AI conversation history on our servers after the session ends
  • We do not use your platform configurations or usage patterns to train our AI models without explicit written consent
  • We do not sell, rent, or share personally identifiable information with any third party for commercial purposes
04 — Credentials & Access

ServiceNow Credentials & Instance Access

When you configure a ServiceNow instance in GeneWorks Settings, your credentials (instance URL, username, and password) are stored exclusively in your browser's localStorage. They are never transmitted to GeneWorks infrastructure.

All API calls from GeneWorks to your ServiceNow instance travel directly between your browser session and the ServiceNow REST API, over HTTPS. GeneWorks acts as the interface layer — it constructs the API request and passes it through, but it does not intermediate, log, or proxy the credential exchange.

We strongly recommend using a dedicated GeneWorks service account on your ServiceNow instance with the minimum required permissions for your use case, rather than using a personal administrator account.

05 — Agent Knowledge Base

Agent Knowledge Base Documents

When you upload documents to the Agent Knowledge Base (PDFs, DOCX files, process documents, requirements), these files are processed locally in your browser session. The extracted text content is stored in your browser's localStorage and is used only to provide context to the AI agent when you ask a question or submit a task.

Uploaded documents are never transmitted to GeneWorks servers or stored on our infrastructure. They persist only within your browser session and are removed when you explicitly delete them or clear your browser data.

06 — Data Storage

Where Your Data Is Stored

The majority of GeneWorks operational data is stored locally, on your device, within the browser. This includes:

  • ServiceNow instance credentials and connection settings
  • Task history and agent conversation logs
  • Agent Knowledge Base document content
  • User workspace configuration, theme settings, and saved users
  • Brainstorm session history and exported outputs

Data stored via contact forms on our website (submitted through Formspree) is transmitted securely over HTTPS and routed to our designated email inbox. This data is not stored in any database and is used solely to respond to your enquiry.

07 — Third-Party Services

Third-Party Services

GeneWorks integrates with a small number of third-party services to deliver its functionality:

  • AI Model Providers (Anthropic / Google): Task input prompts are sent to AI model APIs to generate agent responses. These providers operate under their own privacy policies and data handling agreements. Prompts submitted to GeneWorks may be processed by these providers. We recommend reviewing their respective privacy policies before submitting sensitive business data.
  • Formspree: Contact form submissions on our website are processed by Formspree and forwarded to our email. Formspree's privacy policy governs this process.
  • Google Fonts: The GeneWorks interface loads fonts from Google Fonts CDN. Google may log font request metadata in accordance with their privacy policy.

GeneWorks does not use advertising networks, tracking pixels, or behavioural analytics platforms on any of its product pages.

08 — Data Retention

Data Retention

GeneWorks retains data for the minimum period necessary to provide the service:

  • Session data (task history, agent conversations) is retained in your browser until you explicitly clear it or until the browser's localStorage is cleared
  • Contact enquiry data received via email is retained for 12 months for the purpose of business communication, then deleted
  • Anonymous usage analytics are retained in aggregated form for up to 24 months

You may delete all locally stored GeneWorks data at any time by clearing your browser's localStorage via your browser's developer tools or privacy settings. This action is immediate and irreversible.

09 — Your Rights

Your Data Rights

Depending on your jurisdiction, you may have rights including the right to access, correct, or delete your personal information. Because GeneWorks stores the majority of operational data locally in your browser, you exercise these rights directly through your browser controls.

For personal data held by GeneWorks as a result of contact form submissions or business communications, you may request access, correction, or deletion by contacting us at the address below. We will respond within 30 days.

GeneWorks does not engage in automated decision-making or profiling that has a legal or similarly significant effect on individuals.

10 — Contact Us

Privacy Questions & Contact

If you have any questions about this Privacy Policy or how GeneWorks handles your data, please contact us. Response time: Within 5 business days.

GeneWorks · March 2026. We reserve the right to update this Privacy Policy at any time. Material changes will be communicated via the website. Continued use of the platform following a policy update constitutes acceptance of the revised terms.