1. Who we are
Cendriix AI, Inc. ("Cendriix", "we", "us", "our") is a Delaware C-corporation based in the United States. We operate the Cendriix AI multi-tenant agent orchestration platform, including the web application at cendriix.ai, associated APIs, and command-line tooling (collectively, the "Service").
For the purposes of the EU General Data Protection Regulation (GDPR) and the UK GDPR, Cendriix AI, Inc. is the data controller for personal data processed in connection with your use of the Service.
GDPR contact
Customers and data subjects in the European Economic Area, the United Kingdom, or Switzerland may direct any GDPR-related query, concern, or rights request to privacy@cendriix.ai. We respond to verified requests within the timeframes set out in Section 7.
General privacy inquiries: privacy@cendriix.ai
2. What we collect
We collect the minimum data necessary to operate the Service.
Account data
When you create a Cendriix account or join an existing workspace, we collect your email address, display name, and workspace handle. If you authenticate via OAuth (Google or GitHub), we receive only the profile fields you authorise: typically name, primary email, and avatar URL. We do not read your private repositories, organisation membership, or any other OAuth scope beyond what is explicitly requested.
Usage telemetry
We collect operational metadata about each run: the run ID, workspace ID, agent type, step count, start and end timestamps, cost attribution (in US dollars), exit status, and error category. We do not record the contents of any agent execution: no source code, no file contents, no command output, and no generated text.
Browser-level signals
For security and abuse-prevention purposes we log each session's originating IP address, User-Agent string, and HTTP referrer. These logs are retained for 1 year and are used exclusively for fraud detection, rate-limiting, and incident response.
Customer-controlled cloud accounts
On Team and Business plans you connect your own cloud accounts (AWS, GCP, Azure) via OAuth or IAM role assumption. We record the cloud provider, account or project ID, and the specific IAM permissions you grant. We never enumerate, index, or store the contents of your cloud resources.
What we do not collect
- Source code or repository contents of any kind
- Secrets, credentials, or environment variables from your infrastructure
- Production data that your agents read or write during a run
- Raw model prompts (we store only a SHA-256 hash of the prompt for deduplication and abuse detection, never the text itself)
- Customer datasets or database records
3. How we use it
We use the personal data described in Section 2 for the following purposes:
- Service delivery. Authenticating your session, routing runs to the correct workspace relay, and presenting run history and cost dashboards in the UI.
- Billing and payment. Calculating per-run fees, generating invoices, and processing payments through Stripe.
- Debugging and reliability. When a run fails, our engineering team may review run metadata (not run contents) to diagnose platform-side issues.
- Security and abuse prevention. Detecting credential-stuffing attacks, prompt-injection attempts targeting the Cendriix control plane, and unusual spend patterns.
- Compliance. Retaining records required by applicable law and responding to lawful requests from public authorities.
- Communications. Sending transactional emails and, only with your explicit opt-in, product updates and announcements.
We do not sell your personal data. We do not use your data to train machine-learning models.
4. Lawful bases (GDPR Art. 6)
For customers in the EEA, UK, or Switzerland, each processing activity rests on one of the following lawful bases:
- Contract (Art. 6(1)(b)). Processing account data, usage telemetry, and billing records is necessary to deliver the Service.
- Legitimate interests (Art. 6(1)(f)). Processing browser-level signals for security, conducting internal analytics to improve the Service, and retaining audit logs.
- Legal obligation (Art. 6(1)(c)). Retaining billing records for 7 years to satisfy financial reporting and tax obligations.
- Consent (Art. 6(1)(a)). Sending marketing communications and enabling non-essential analytics cookies require your explicit consent.
5. Sharing and subprocessors
We share personal data only with the subprocessors necessary to operate the Service, under written data processing agreements. Our complete subprocessor list is published at /security#subprocessors.
| Subprocessor | Purpose | Location |
|---|---|---|
| Amazon Web Services | Cloud hosting, Aurora, Cognito, Secrets Manager, Bedrock, S3 | US, EU (eu-west-1) |
| Anthropic | Underlying AI model inference (Claude) | US |
| OpenAI | Underlying AI model inference (GPT) | US |
| Stripe | Payment processing and invoicing (when billing enabled) | US, EU |
| GitHub | Authentication and repository integration | US |
| Google (OAuth) | Authentication via Google Workspace | US, EU |
6. Data retention
| Data category | Retention period | Basis |
|---|---|---|
| Account profile (email, name, handle) | Duration of account + 30 days after deletion | Contract |
| Workspace audit log | 1 year (Business/Enterprise: configurable up to 7 years) | Legitimate interests / legal obligation |
| Run metadata (IDs, status, latency, cost) | 90 days | Contract / legitimate interests |
| Hashed prompt fingerprints | 90 days | Legitimate interests (abuse prevention) |
| Browser security logs (IP, User-Agent) | 1 year | Legitimate interests (security) |
| Billing records and invoices | 7 years | Legal obligation (tax / financial reporting) |
7. Your rights
Depending on your jurisdiction, you have the following rights. We will respond to all verified requests within 30 days.
- Access (GDPR Art. 15 / CCPA). Request a copy of the personal data we hold about you.
- Rectification (GDPR Art. 16). Request correction of inaccurate or incomplete data.
- Erasure (GDPR Art. 17 / CCPA "right to delete"). Request deletion of your personal data.
- Portability (GDPR Art. 20). Receive your data in a structured, machine-readable format.
- Restriction (GDPR Art. 18). Request that we restrict processing of your data in certain circumstances.
- Objection (GDPR Art. 21). Object to processing based on legitimate interests.
- Withdraw consent. Where processing is based on consent, you may withdraw at any time.
- Lodge a complaint. You have the right to lodge a complaint with your local supervisory authority.
To exercise any of these rights, email us at privacy@cendriix.ai with the subject line "Privacy request".
8. International transfers
Cendriix AI, Inc. is based in the United States. Primary processing occurs in AWS us-east-1 and us-west-2. Business and Enterprise customers on EU plans may elect to pin their workspace to eu-west-1 (Ireland). Where we transfer personal data outside the EEA or UK, we use Standard Contractual Clauses (SCCs), the UK IDTA, and the Swiss FDPIC framework.
9. Security
We implement encryption in transit (TLS 1.2+) and at rest (AES-256), role-based access controls, and a formal incident response programme. External penetration testing is planned before GA and has not yet been completed. Our full security posture is documented at /security.
10. Cookies
We use a small number of cookies to operate the Service. Our Cookie policy explains which cookies we set, their purpose, lifetime, and how to control them.
11. Children
The Service is not intended for, and may not be used by, individuals under the age of 16. If you believe we have inadvertently collected such data, please contact us immediately at privacy@cendriix.ai.
12. Changes to this policy
We will notify you of material changes by email at least 30 days before the change takes effect and by an in-product banner.
13. Contact
- General privacy inquiries: privacy@cendriix.ai
- GDPR rights requests: privacy@cendriix.ai (subject line "Privacy request")
- Postal address: available on request; email legal@cendriix.ai