Privacy Policy

1. Introduction

Beeri B.V. ("we," "us," or "our"), a company registered in the Netherlands, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use the Agent.ceo platform and related services (the "Service").

We process personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller

The data controller responsible for your personal data is:

3. Data We Collect

3.1 Information You Provide

• Account Information: Name, email address, company name, password (hashed)
• Billing Information: Payment method details (processed by Stripe), billing address
• Communication: Messages you send us, support requests, feedback
• Agent Configurations: Agent settings, prompts, and configurations you create

3.2 Information Collected Automatically

• Usage Data: Features used, agent executions, API calls, timestamps
• Device Information: Browser type, operating system, IP address
• Cookies: Session cookies, authentication tokens (see Section 8)
• Log Data: Server logs, error reports, performance metrics

3.3 Information from Third Parties

• Authentication Providers: If you sign in via Google, GitHub, or other OAuth providers
• Payment Processor: Transaction status from Stripe

4. How We Use Your Data

We use your personal data for the following purposes:

4.1 Service Provision (Legal Basis: Contract Performance)

• Create and manage your account
• Provide access to the Agent.ceo platform
• Process payments and manage subscriptions
• Deliver customer support
• Generate and validate license keys

4.2 Service Improvement (Legal Basis: Legitimate Interest)

• Analyze usage patterns to improve the Service
• Monitor and prevent abuse
• Develop new features
• Debug and fix issues

4.3 Communication (Legal Basis: Legitimate Interest / Consent)

• Send transactional emails (account, billing)
• Notify you of service updates and changes
• Send marketing communications (with consent)

4.4 Legal Compliance (Legal Basis: Legal Obligation)

• Comply with applicable laws and regulations
• Respond to legal requests
• Protect our rights and property

5. Data Sharing

We may share your personal data with:

5.1 Service Providers

• Firebase: Authentication and hosting services
• Stripe: Payment processing
• Supabase: Database hosting
• Cloud Providers: Infrastructure (for Team/Enterprise plans)

5.2 Legal Requirements

We may disclose your data if required by law, court order, or government request, or to protect our rights, property, or safety.

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity.

We do not sell your personal data to third parties.

6. Data Retention

We retain your personal data for as long as necessary to:

• Provide the Service to you
• Comply with legal obligations
• Resolve disputes
• Enforce our agreements

Account data is retained for the duration of your account plus 30 days after deletion request. Billing records are retained for 7 years for tax compliance. Usage logs are retained for 90 days.

7. Your Rights (GDPR)

Under the GDPR, you have the following rights:

7.1 Right of Access

You can request a copy of your personal data we hold.

7.2 Right to Rectification

You can request correction of inaccurate or incomplete data.

7.3 Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data, subject to legal retention requirements.

7.4 Right to Restrict Processing

You can request limitation of how we use your data.

7.5 Right to Data Portability

You can request your data in a machine-readable format.

7.6 Right to Object

You can object to processing based on legitimate interests or for direct marketing.

7.7 Right to Withdraw Consent

Where processing is based on consent, you can withdraw it at any time.

To exercise these rights, contact us at privacy@genbrain.ai. We will respond within 30 days.

8. Cookies

We use the following types of cookies:

8.1 Essential Cookies

Required for authentication and core functionality. Cannot be disabled.

8.2 Analytics Cookies

Help us understand how you use the Service. You can opt out in your account settings.

8.3 Preference Cookies

Remember your preferences (theme, language). Optional.

You can manage cookies through your browser settings. Disabling essential cookies may prevent you from using the Service.

9. Data Security

We implement appropriate technical and organizational measures to protect your data:

• Encryption in transit (TLS 1.3) and at rest (AES-256)
• Regular security audits and penetration testing
• Access controls and authentication
• Employee training on data protection
• Incident response procedures

No system is completely secure. We cannot guarantee absolute security but will notify you of any data breach affecting your personal data within 72 hours as required by GDPR.

10. International Transfers

Your data may be processed in countries outside the European Economic Area (EEA). When transferring data outside the EEA, we ensure appropriate safeguards are in place:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions by the European Commission
• Binding Corporate Rules where applicable

11. Children's Privacy

The Service is not intended for users under 16 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at privacy@genbrain.ai.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service. The "Last updated" date at the top indicates when the policy was last revised.

13. Contact Us

For questions about this Privacy Policy or our data practices, contact us at:

14. Supervisory Authority

If you are unsatisfied with our response to your privacy concerns, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens):