All of ciralgo.com Privacy policy

Your data, your call.

We're a privacy-first company by design, not by press release. This page explains, in plain English, what we collect, why, where it lives, and the rights you have over it.

Last updated ”2
Our commitments

Four promises that shape everything below.

The rest of this page is detail. These four principles are the shape of it.

EU by default

Every prompt, response, log, and metadata field lives on servers physically located in the European Union.

You own it

Export, correct, or delete your data at any time with a single click. No hoop-jumping, no support ticket queue.

We never sell it

No advertisers, no data brokers, no marketing lists. Our business model is a subscription, not attention arbitrage.

Not fed to AI models

Your prompts and data are never used to train third-party AI models. That's a hard contractual line with every provider.

Section 01

What we actually collect.

Four narrow categories, each with a purpose. If it isn't listed here, we don't have it.

01

Account data

Your name, work email, organisation. Used to authenticate you, invoice you, and show your name to teammates.

Name Email Organisation
02

Product usage

Which features you use and how often, so we can improve the product and honour your plan limits.

Feature clicks API call counts Session data
03

Support conversations

Messages you send us and our replies. Kept so we can build on prior context when you write back.

Emails Chat transcripts
04

Billing data

Handled by our payment processor. We only see summaries, plan, amount, invoice status. Not card numbers.

Plan Invoice history VAT ID
Section 02

What we do with it.

Five reasons, each with a legal basis under GDPR. Anything not on this list is out of scope.

  • Deliver the service. Contract performance, you asked us to run Ciralgo for you.
  • Talk to you about your account. Contract performance, service updates, security alerts, billing.
  • Keep it secure. Legitimate interest, abuse prevention, incident response, audit trails.
  • Meet legal obligations. Legal obligation, tax records, EU AI Act logging, GDPR requests.
  • Make the product better. Legitimate interest, aggregated usage patterns, never identified to individuals.
Section 03

Where your data lives.

The short version: inside the European Union, always.

Your app You control what goes in.
Ciralgo ยท EU Processed and stored inside the EU.
AI provider EU-region endpoints where available.

For “private intent” calls, we route to an EU-hosted, self-contained model. Data never leaves the jurisdiction under any circumstance.

Section 04

Your rights, in six clicks.

Under GDPR you have specific rights over your data. We honour them all, without support tickets or PDF forms.

01

Access

Ask for a copy of everything we have about you. We return it within 30 days.

02

Correction

Fix anything wrong or out of date. Editable from your account settings.

03

Deletion

Erase your account and every trace of it, subject only to legal retention.

04

Portability

Export your data in a common, machine-readable format. Take it anywhere.

05

Objection

Ask us to stop using your data for a specific purpose. We'll comply or explain.

06

Withdraw consent

Any consent you gave (e.g. marketing) can be revoked at any time.

Section 05

How long we keep it.

We keep data only as long as we need it, then delete it. Two exceptions: legally mandated retention and active support histories.

Account data Name, email, organisation
While active + 6 months
Support history Messages you sent us
2 years
Billing records Invoices, tax records
7 years (Dutch tax law)
Product usage logs Feature clicks, sessions
13 months
Section 06

The vendors that touch your data.

We keep this list short on purpose. Every vendor is bound by GDPR-aligned data-processing terms.

See the full sub-processor list OVHcloud, Stripe, MailerLite, and a handful more. All EU-based.
Section 07

How we protect it.

Full detail lives on the Security page. Here are the load-bearing controls.

Encryption in transit
Encryption at rest
MFA on all admin access
Strict tenant isolation
Tamper-evident audit logs
72-hour breach notification
Section 08

Changes to this policy.

We update this page when our practices change. Material changes get emailed to every account holder at least 30 days before they take effect. Small clarifications (typos, restructuring) go live silently. Every version is timestamped in the "Last updated" line at the top of this page.

Questions about your data?

Talk to our DPO.

For any privacy request, complaint, or "wait, what?" moment about this policy, our data protection officer will get back to you within one working day.

”Ciralgo