headstreamer
Log in

legal

Privacy Policy

Last updated 2026-07-10. This is a template for a real product and not legal advice — have counsel review before commercial use.

What we collect

Account data (name, email), the content you create, usage and audit logs, and standard technical data (IP, device) needed for security and operation.

How we use it

To operate the service, secure it, bill it, and generate your organization's intelligence layer. We do not sell personal data.

AI processing

Your content and, for the intelligence layer, your organization's shareable brains are sent to our AI sub-processor (Anthropic) to generate explanations, diagrams, and the company knowledge graph. Content is processed to provide the service, not to train third-party models.

Sub-processors

DigitalOcean (EU hosting), Anthropic (AI), Cloudflare (CDN/WAF), Stripe (payments), Resend (email). See the trust page.

Data residency & retention

Primary data is stored in the EU (Frankfurt). Audit logs are retained 12 months; sessions 30 days; backups 35 days.

Your rights (GDPR)

Access, portability, correction, and erasure. Export or delete your data any time from Settings → Compliance, or email us.

Security

Encryption in transit (TLS) and secrets encrypted at rest, per-org isolation, audit logging, SSO/2FA, and least-privilege access.

Cookies

We use strictly-necessary cookies for sign-in and security only.

Questions: [email protected]

Built on headstreamer.com. The flow-of-funds brain. · Discover · Pricing · Trust · Developers · Terms · Privacy