001 — Data residency
Where your data lives
Your data lives in Sydney, on Supabase, in the AWS ap-southeast-2 region. The project reference is wurwcrgxjjwqdaxqceey. That is the same number we put on every Mana Receipt, so a curious auditor can match the receipt to the database that wrote it.
We chose Sydney for one reason. It is the closest data centre to Aotearoa that meets the residency expectations under the Privacy Act 2020 and the Information Privacy Principles, including the cross-border rule under IPP 12. Hosting inside Aotearoa is what we will move to once Supabase or an equivalent provider runs an Auckland or Wellington region — until then, Sydney is the honest answer.
Three rules apply to your data while it sits there.
One. We do not sell it. We do not share it with advertisers. We do not use your runs to train third-party models. The agents that work on your behalf read the model provider’s API directly (Anthropic, Google, OpenAI) under contracts that exclude your data from training. The Mana Receipt records which provider was called, when, and what the request shape was — so you can audit that claim, not just take our word.
Two. We hold it for as long as it is useful, then we delete it.
Retention windows. Working data — 12 months from last use. Mana Receipts — 7 years (matches IRD record-keeping). Voice call recordings — 30 days, kept only for safety and abuse review. Public demo runs — 7 days, no email, IP only. You can request earlier deletion at any time. We will run it within 20 working days, which is the Privacy Act response window.
Three. Encryption at rest and in transit. AES-256 on disk, TLS 1.3 on the wire. Standard, not novel — that is the point. Novel cryptography is a warning sign, not a feature.
For the full sub-processor list, encryption detail and the enterprise security pack, see the Trust Centre.