Legal

Policies governing use of the Cato platform

Privacy Policy

Effective February 1, 2026

Cato is a biomedical data analysis platform that provides AI-assisted data exploration, statistical analysis, code execution, and literature review capabilities.

This Privacy Policy explains how we collect, use, disclose, and process your personal data when you use the Cato platform and related services ("Services"). It applies to all users of Cato's standard platform.

This Privacy Policy does not apply where Cato acts as a data processor on behalf of enterprise customers using Cato's commercial deployments — for example, where your organization has provisioned a self-hosted or VPC-deployed instance of Cato. In those cases, the enterprise customer is the data controller, and you should review their policies for information about how they handle your personal data.

This Privacy Policy also describes your privacy rights. More information about your rights, and how to exercise them, is set out in Section 4 ("Rights and Choices").

1. Collection of Personal Data

We collect the following categories of personal data:

Personal data you provide to us directly

  • Identity and Contact Data: We collect your name and email address when you create a Cato account. We may also collect or generate indirect identifiers (e.g., internal user IDs).
  • Payment Information: If you purchase access to paid features, we collect payment information through our payment processor. Cato does not store full payment credentials on its servers.
  • Inputs and Outputs: When you interact with Cato, your messages ("Inputs") generate AI responses and analysis results ("Outputs"). If you include personal data in your Inputs, that information will be processed as part of the conversation and may appear in Outputs.
  • Uploaded Datasets: Files you upload for analysis, including their contents, filenames, and structural metadata (column names, row counts, data types).
  • Literature Search Data: Search queries you submit through Literature Intelligence, which are transmitted to external academic databases (PubMed, BioRxiv, arXiv, ClinicalTrials.gov, EPO, OpenAlex). Also includes literature collections you create, annotations you add to papers, saved watch alert queries, and papers you send to Chat via the literature-to-chat bridge.
  • Memories: Preferences and key findings automatically extracted from your conversations and stored to personalize future interactions. You can view, edit, and delete these at any time.
  • Feedback and Communications: If you submit feedback or communicate with us, we collect the contents of those messages.

Personal data we receive automatically

When you use the Services, we receive certain technical data automatically, including device type, browser information, IP address, and usage information such as dates and times of access.

2. How We Use Your Data

We use your personal data for the following purposes:

  • To provide, maintain, and improve the Cato platform and its features
  • To process your Inputs and generate Outputs using AI models
  • To execute analysis code in sandboxed environments on your behalf
  • To execute literature search queries against external academic databases and APIs on your behalf
  • To perform AI-powered evidence extraction, citation network analysis, and document generation from retrieved literature
  • To create and administer your account
  • To extract and store conversational memories to personalize your experience
  • To generate conversation titles and other organizational metadata
  • To communicate with you about the Services
  • To prevent fraud, abuse, and violations of our Usage Policy
  • To investigate and resolve disputes or security issues
  • To debug and repair errors
  • To enforce our Terms of Service and Usage Policy
  • To improve our offerings to you, including our underlying models

3. Data Storage, Retention, and Security

Storage

All user data, including conversations, datasets, memories, and project metadata, is stored on the deployment infrastructure in a filesystem hosted by Nyrus AI's partners. Cato does not transmit data to cloud storage, analytics, or telemetry services beyond the AI model processing, payment processing, and external literature database queries described in Sections 1 and 2.

Retention

Your data is retained for as long as your account is active or as needed to provide the Services. You can delete individual conversations, memories, datasets, or entire projects at any time. Deleted data is removed from storage and is not recoverable.

Memory feature

Cato automatically extracts preferences and key findings from your conversations to personalize future responses. Memories are stored with the rest of your data on the deployment infrastructure (see "Storage" above) and can be viewed, edited, or deleted from the Memory page in the sidebar. The auto-memory feature can be disabled entirely from the Memory page.

Security

We implement appropriate technical and organizational measures to protect your data, including encrypted credential storage, sandboxed code execution with network isolation, and authentication-gated API access. No security system is impenetrable, and we cannot guarantee absolute security.

4. Rights and Choices

Depending on where you live and the laws that apply, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Deletion: Request deletion of your personal data. You can also delete conversations, datasets, memories, and projects directly from the platform.
  • Correction: Request correction of inaccurate personal data.
  • Data portability: Request your data in a portable format.
  • Objection: Object to processing of your personal data on grounds of legitimate interest.
  • Withdrawal of consent: Where processing is based on consent, you may withdraw it at any time.
  • Memory controls: View, edit, delete, or disable automatic memory extraction from the Memory page.

To exercise your rights, contact us at the email provided in your deployment documentation. We will respond to verified requests within the timeframes required by applicable law. Cato does not sell your personal data or use it for targeted advertising.

5. Protected Health Information

Standard Cato accounts are not intended for processing Protected Health Information (PHI) as defined under HIPAA. Users must not upload PHI or enter it into conversations unless operating under an enterprise deployment with appropriate Business Associate Agreements (BAAs) in place. See our Usage Policy for details.

If your data originates from health records, you are responsible for ensuring it has been de-identified in accordance with HIPAA Safe Harbor or Expert Determination methods before uploading it to Cato.

6. Enterprise Deployments

Enterprise deployments may include additional data processing agreements, Business Associate Agreements (BAAs) with Cato and relevant third-party providers, and custom infrastructure configurations including self-hosted and VPC deployments where data does not leave the customer's infrastructure.

7. Children

Cato is not directed towards, and we do not knowingly collect information from, children under the age of 18. If you become aware that a child has provided personal data to us, please contact us and we will investigate and, if appropriate, delete the data.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes through the platform and update the effective date at the top of this page. Continued use of the Services after changes constitutes acceptance.

9. Contact

If you have questions about this Privacy Policy, or wish to exercise your privacy rights, contact us at the email provided in your deployment documentation.

10. Legal Bases for Processing

The following table describes the legal bases we rely on for processing your personal data under applicable data protection laws:

Purpose                                                  | Data types                                            | Legal basis
Provide and maintain the Services                        | Identity, Inputs & Outputs, datasets, technical data  | Contract
Process Inputs and generate Outputs via AI models        | Inputs & Outputs, dataset metadata                    | Contract
Execute analysis code in sandboxed environments          | Generated code, dataset contents                      | Contract
Extract and store conversational memories                | Conversation excerpts                                 | Legitimate interest; consent controls via Memory page
Create and administer your account                       | Identity, payment information                         | Contract
Communicate with you about the Services                  | Identity, communication data                          | Contract; legitimate interest
Prevent fraud, abuse, and policy violations              | Identity, Inputs & Outputs, technical data            | Legitimate interest; legal obligation
Debug and repair errors                                  | Technical data, Inputs & Outputs                      | Legitimate interest
Execute literature searches against external databases  | Search queries, literature metadata, collections      | Contract
Enforce Terms of Service and Usage Policy                | Identity, Inputs & Outputs, technical data            | Contract; legitimate interest