Privacy Policy
Effective 2026-05-07.
Fern Automation builds AI agents for small businesses. The agents need access to specific business data — emails, customer inquiries, contact info, public web pages — to do useful work. This page explains what data we collect, where it lives, who else sees it, and how to remove it.
Plain language wherever possible. If anything is unclear, email cosmo@fernautomation.com and we'll fix the doc.
Who runs Fern
Fern Automation is a one-person company based in Seattle, WA, run by Cosmo Mostad. There is no parent company, no investors, no advertising business. Fern's customers pay Fern directly for agent services.
What data we collect
Per business that uses Fern:
- Account info — the owner's email address (used to sign in via magic link), the business name, and the team members the owner invites.
- Knowledge documents — whatever the business types or pastes into the Knowledge tab of each agent (FAQs, policies, voice guidelines). The business owns this content; we store it so the agents can ground their replies on it.
- OAuth tokens for any connected service (Gmail, CourtReserve, etc.). Refresh tokens are encrypted with AES-256-GCM at rest. Only the agent runtime can decrypt them at call time.
- Inbound emails that arrive in the connected inbox while an agent is configured to watch it. The agent reads these to classify and draft replies. We store the parsed text and Gmail message ID for de-duplication.
- Drafted replies and outbound emails the agent generates. These sit in the Console waiting for human approval before anything is sent.
- Run and event logs — what each agent did and when. Used to show the Timeline tab and to debug.
- Public web data agents scrape from URLs you configure (e.g., AJGA tournament results, USTA player profiles). We store summaries of relevant entries.
We do not collect cookies for tracking or advertising. Vercel sets functional cookies for sign-in sessions; that's it.
Where the data lives
- Supabase (Postgres in US-West, Oregon) — primary database. Holds accounts, agents, knowledge, messages, runs, events, encrypted OAuth tokens. Multi-tenant isolation enforced with row-level security.
- Hetzner (Ubuntu VM in Oregon) — Python agent runtime. Reads from Supabase to do its work. Stores no customer data on local disk.
- Vercel (US edge) — hosts the web Console at fernautomation.com. Serves pages, handles auth callbacks. Does not store customer data; reads from Supabase per request.
Third parties we share data with
For Fern to work, parts of your data are sent to these processors:
- Anthropic — for every LLM call. The prompt (which can include parts of incoming emails, knowledge docs, and draft outputs) is sent to Anthropic's Claude API, processed, and returned. Anthropic does not train on customer data sent via their API.
- Google — when an agent reads or drafts Gmail. We only send and receive data on the user's behalf using the OAuth scopes the user granted.
- Resend — for sending magic-link sign-in emails from the Console. Only the recipient address and the link.
How long we keep data
For the lifetime of the account, plus a 30-day grace window after cancellation in case you change your mind. After that, data is deleted on a rolling basis. If you want everything deleted immediately, email cosmo@fernautomation.com.
Your controls
- Disconnect any agent's Gmail in the Console — the encrypted refresh token is wiped from our database immediately. The agent stops being able to read or draft.
- Revoke Fern's Google access entirely at myaccount.google.com/permissions. The next agent run will fail cleanly with a "not connected" error.
- Export your data — email Fern and we'll send you a dump of every row tagged to your org.
- Delete your account — same channel; we'll wipe within 7 days and confirm.
Security
OAuth refresh tokens are encrypted with AES-256-GCM at rest. The encryption key lives in Vercel and Hetzner environment variables, not in the database. Postgres connections use TLS. The Hetzner machine has no public web ports — it pulls from Supabase and never accepts inbound web traffic. Each agent's source code lists the specific external operations it can perform; anything not on the list isn't reachable from agent code.
Updates
If we change anything material here, we'll email account owners and update the effective date at the top of this page.