1. Overview
This Privacy Policy explains how Platfrmr LLC(“Platfrmr,” “we,” “us,” or “our”) collects, uses, shares, and protects information when you visit our website, sign up for an account, or use our software-as-a-service platform that uses AI agents to generate, deploy, and operate cloud applications (collectively, the “Service”).
By accessing or using the Service, you agree to the practices described in this Policy. If you do not agree, please do not use the Service.
2. Information We Collect
a. Information you provide directly
- Account information: name, email address, password (hashed), and authentication identifiers from third-party sign-in providers (e.g., Google).
- Billing information: payment details are collected and processed by our payment processor, Stripe. We do not store full card numbers on our servers. We retain limited billing metadata such as subscription tier, invoice history, and the last four digits of your card.
- Project content: business descriptions, prompts, configurations, code, schemas, and other inputs you submit to our agents in order to generate or operate your applications.
- Support and communications: messages you send us through email or support channels.
b. Information collected automatically
- Usage data: pages viewed, features used, requests made to our agents, timestamps, and referring URLs.
- Device and log data: IP address, browser type and version, operating system, device identifiers, language settings, and crash or error logs.
- Cookies and similar technologies: we use first-party cookies to maintain your session and third-party cookies (e.g., Google Analytics) to measure usage. See Cookies and Tracking below.
c. Information from third parties
- OAuth providers: when you sign in with a third-party provider, we receive your basic profile (name, email, avatar URL) and an authentication token.
- Payment provider: Stripe shares transaction status, country, card brand, and the last four digits of your payment method with us.
3. How We Use Information
We use the information we collect to:
- provide, operate, maintain, and improve the Service;
- create and manage your account, authenticate you, and secure the Service;
- process payments, send invoices, and manage subscriptions;
- generate, deploy, monitor, and operate applications you build with our agents;
- communicate with you about the Service, including transactional messages, security alerts, and product updates;
- respond to your support requests and inquiries;
- detect, investigate, and prevent fraud, abuse, and security incidents;
- comply with legal obligations and enforce our terms.
We do not sell your personal information. We do not use your project content to train publicly released foundation models.
4. Legal Bases for Processing (EEA / UK)
If you are in the European Economic Area or the United Kingdom, we process your personal data on the following legal bases:
- Contract: to provide the Service you have requested.
- Legitimate interests: to operate, secure, and improve the Service.
- Consent: for optional analytics and marketing communications, where required.
- Legal obligation: to comply with applicable laws and regulations.
7. Data Storage, Security, and Location
Your data is stored on Google Cloud Platform infrastructure. Application data may be stored in a dedicated Cloud SQL Postgres instance provisioned for your account. Secrets are managed through Google Secret Manager and are not stored in source code. Agent services are deployed with restricted invoker permissions and require signed Google ID tokens for service-to-service calls.
We use industry-standard administrative, technical, and organizational measures to protect personal information, including encryption in transit (TLS), encryption at rest, access controls, least-privilege IAM, and audit logging. No method of transmission over the internet or method of electronic storage is 100% secure, however, and we cannot guarantee absolute security.
8. International Data Transfers
We are based in the United States and our service providers may process data in the United States and other countries. If you access the Service from outside the United States, your information may be transferred to, stored, and processed in a country where data protection laws may differ from those in your jurisdiction. Where required, we rely on appropriate safeguards such as Standard Contractual Clauses.
9. Data Retention
We retain personal information for as long as needed to provide the Service, comply with our legal obligations, resolve disputes, and enforce our agreements. When you close your account:
- your account profile and project content are deleted or anonymized within 30 days of cancellation, unless retention is required by law;
- billing records are retained for at least seven (7) years to satisfy tax and accounting requirements;
- backups containing your data are purged on the rolling backup retention schedule (typically up to 35 days).
10. Your Rights and Choices
Depending on where you live, you may have the right to:
- access, correct, or update the personal information we hold about you;
- request deletion of your personal information;
- object to or restrict certain processing;
- request a portable copy of your personal information;
- withdraw consent at any time, where processing is based on consent;
- opt out of marketing communications by following the unsubscribe link in any marketing email;
- lodge a complaint with your local data protection authority.
To exercise these rights, contact us at carl@platfrmr.com. We will respond within the time period required by applicable law.
California residents (CCPA / CPRA)
California residents have the right to know what personal information we collect, the purposes for which it is used, and the categories of third parties with whom it is shared; the right to request deletion; the right to correct inaccurate information; and the right to non-discrimination for exercising these rights. We do not sell personal information and do not “share” it for cross-context behavioral advertising as those terms are defined under California law.
11. Children’s Privacy
The Service is not directed to children under the age of 16, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will delete it.
12. Third-Party Links and Generated Applications
The Service may contain links to third-party sites or services that we do not control. We are not responsible for the privacy practices of those third parties. Applications that you generate and deploy using Platfrmr are owned and operated by you; you are responsible for the privacy practices and legal compliance of those applications, including providing a privacy policy to their end users where required.
13. Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by posting a prominent notice in the Service before the changes take effect. The “Effective Date” above indicates when the latest version was published. Your continued use of the Service after the effective date constitutes acceptance of the revised Policy.
14. Contact Us
If you have questions or concerns about this Privacy Policy or our privacy practices, contact us at:
Platfrmr LLC
Email: carl@platfrmr.com
