Privacy

Privacy Policy (MuFaw)

Last updated: February 4, 2026

MuFaw ("MuFaw," "we," "us," "our") is an AI engineering studio building production-grade systems. This Privacy Policy explains how we collect, use, disclose, and protect personal information when you visit our website, contact us, or interact with us in connection with potential or active engagements.

This policy applies to:

  • Visitors to our website
  • People who contact us (email, forms, meetings)
  • Prospective customers and partners
  • Representatives of customers/vendors/partners
  • Job applicants (if/when you apply or email us)

If you are a customer and we process personal data on your behalf (for example, as part of an AI/analytics engagement), that processing is governed primarily by our contract with you (and any Data Processing Addendum, if applicable). This policy mainly covers how MuFaw handles personal information for our own business purposes.

1) Who we are and how to contact us

  • Contact email (privacy requests): contact@mufaw.com
  • Location: Remote-first; hubs in San Francisco and Toronto.

2) Information we collect

We collect information in three main ways: (A) information you provide, (B) information collected automatically, and (C) information from third parties.

A) Information you provide to us

Depending on how you interact with MuFaw, we may collect:

  • Contact details (e.g., name, email, company, message content) submitted through our contact form or email.
  • Meeting and communications data (e.g., messages, scheduling details, notes, call metadata).
  • Business and contracting details (e.g., role/title, billing/contact info, signatures, procurement documents).
  • Information you choose to share in discovery calls or during an engagement (which could include personal data if you include it in documents/datasets).

B) Information collected automatically (website usage)

When you visit our site, we (and service providers) may automatically collect:

  • Device and log data (e.g., IP address, browser type, pages viewed, timestamps, referring URLs)
  • Approximate location (typically derived from IP, such as city/country)
  • Performance and diagnostics data (e.g., site performance metrics)

C) Information from third parties

We may receive information from:

  • Referrals (someone introducing you to us)
  • Public sources (e.g., your company website or professional profiles)
  • Service providers (e.g., scheduling/video conferencing tools you choose to use with us)

3) How we use information

We use personal information to:

  • Respond to inquiries and communicate with you (including sending requested information).
  • Evaluate fit and scope for potential engagements (e.g., project discovery).
  • Provide and operate services (including project delivery, security, troubleshooting).
  • Improve our website (analytics, performance, debugging).
  • Security and fraud prevention (protect our systems, detect abuse).
  • Legal/compliance (meet legal obligations, enforce terms, resolve disputes).
  • Marketing: If you request information, we may follow up about MuFaw services. You can opt out of marketing communications at any time by replying "unsubscribe" or emailing hello@mufaw.com.

4) Legal bases (EEA/UK visitors)

If you are in the EEA/UK, we process personal data under one or more of these legal bases (where applicable):

  • Consent (e.g., optional cookies where required)
  • Contract (to take steps at your request or deliver services)
  • Legitimate interests (e.g., securing and improving our site, responding to business inquiries)
  • Legal obligation (compliance requirements)

5) How we share information

We do not sell personal information.

We may share personal information with:

  • Service providers that help us run our business (e.g., hosting, analytics, email, scheduling, security). Hosting providers often collect standard log/diagnostic data.
  • Professional advisors (lawyers, accountants) where necessary.
  • Business transfers (if MuFaw is involved in a merger, acquisition, financing, or sale of assets).
  • Legal and safety disclosures if required to comply with law or protect rights/safety.

When we use vendors, we aim to use reputable providers and limit access to what they need to perform services.

6) Cookies, analytics, and similar technologies

We may use cookies and similar technologies for:

  • Essential site functionality
  • Security
  • Analytics and performance measurement

If we enable privacy-friendly analytics such as Vercel Web Analytics, it can measure traffic without third-party cookies and may identify sessions using short-lived hashed signals; session data may be discarded after a limited period (e.g., 24 hours).

Some platforms also describe "performance cookies" for analytics in their cookie policies; if you deploy tools that rely on cookies, you may need a cookie banner/consent flow depending on visitor location.

Do Not Track: Some browsers offer "Do Not Track" signals. Because there is no consistent industry standard for responding, we may not respond to DNT signals.

7) Client/project data (important for an AI studio)

If you become a customer, you may provide datasets, documents, or operational data. In that context:

  • We process data to deliver the services you request.
  • We follow contractual confidentiality and security commitments.
  • We retain and delete customer data based on the contract or your instructions.
  • If an engagement uses third-party cloud/model providers (e.g., cloud compute, LLM APIs), the specific providers and data handling should be addressed in your SOW/DPA so it is explicit what flows where.

8) Data retention

We keep personal information only as long as reasonably necessary for the purposes described above, including:

  • Maintaining business records
  • Responding to requests
  • Operating and improving the site
  • Complying with legal obligations
  • Resolving disputes and enforcing agreements

Retention for customer project data is handled under the applicable contract.

9) Security

We use reasonable administrative, technical, and organizational safeguards designed to protect personal information (for example, access controls and secure transmission). However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

10) International data transfers

Because we are remote-first and may use global service providers, personal information may be processed in countries other than where you live (including the United States and Canada). Where required, we rely on appropriate transfer mechanisms (such as contractual protections) consistent with applicable law.

11) Your rights and choices

Depending on your location, you may have rights to:

  • Access the personal information we have about you
  • Correct inaccurate information
  • Delete information (where applicable)
  • Object to certain processing or ask us to restrict processing
  • Portability (where applicable)
  • Withdraw consent (where processing is based on consent)

To exercise these rights, email hello@mufaw.com. We may need to verify your identity before fulfilling a request.

12) Children's privacy

Our website and services are not directed to children, and we do not knowingly collect personal information from children under 13 (or under 16 where applicable). If you believe a child has provided us personal information, contact us and we will take appropriate steps to delete it.

13) Third-party links

Our website may link to third-party websites. We are not responsible for the privacy practices of those third parties. Review their policies before providing them information.

14) Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will update the "Last updated" date at the top. Material changes may also be communicated via the website.