Privacy Policy

1. What we collect

• ›Account info — email and name you sign up with.
• ›Integration credentials — OAuth access / refresh tokens, or pasted API keys, for the systems you explicitly connect (Sentry, GCP, GitHub, Linear, Notion, Slack, Telegram, Vercel, PostHog, GA4).
• ›Events ingested by your Karass agents — error signatures, log lines, stack traces, pull request metadata, analytics aggregates, ticket payloads. Only what the agents actively need to do their job.
• ›Operational metadata — which integrations you have connected, which agents you hired, how your instruction rules are configured, when they last ran.

2. What we don't collect

• ›Third-party analytics or advertising cookies.
• ›Session recordings, keystroke tracking, heatmaps.
• ›Data from integrations you haven't connected.
• ›Content of user conversations in connected systems beyond what the specific agent task requires (e.g. Monitor reads error events, it does not read your private Slack DMs).

3. Where it's stored

• ›Credentials (OAuth tokens, API keys): Google Cloud Secret Manager, encrypted at rest by Google, one secret per tenant per capability.
• ›Events + metadata: PostgreSQL on Google Cloud SQL, region europe-west1, encrypted at rest.
• ›Static assets and app code: Google Cloud Run.
• ›No data is sent to servers outside Google Cloud.

4. Who can access it

• ›You — via your workspace in karass.dev.
• ›Karass operators — for debugging and platform maintenance. We do not read tenant data for any other reason.
• ›AI model providers — when an agent invokes an LLM (currently Anthropic Claude), the specific content the agent passes in the prompt is processed by that provider under their terms. We do not send credentials to LLMs.
• ›No third-party sale, sharing, or advertising partners.

5. Retention and deletion

• ›Data lives as long as your workspace exists.
• ›Disconnecting a single integration permanently deletes its credentials and any events sourced from it.
• ›Deleting the workspace (Settings → Delete workspace) synchronously removes every credential, integration row, event, and instruction. After deletion there is no recovery.
• ›Backups are retained by Google Cloud SQL for up to 30 days for disaster recovery. Backup copies of deleted tenants are not accessed except for incident response.

6. Your rights

• ›Export — email us and we export everything in your workspace as JSON within 14 days.
• ›Deletion — delete your workspace at any time, no account required first.
• ›Correction — update any data you can reach inside the app; for data you can't reach, email us.
• ›Objection / restriction — email us; we'll pause processing while we figure it out.

7. Security

All traffic is HTTPS. Credentials are never logged. Database access requires per-engineer IAM role on Cloud SQL. Karass runs on Google Cloud Run with no direct internet exposure of the database. If we discover a breach affecting your data we notify you within 72 hours of discovery with the scope and mitigation.

8. Contact

Questions, deletions, exports, complaints — support@karass.dev. One human reads this mailbox. Expect a reply within a few days.

9. Changes to this policy

Material changes are announced via email to workspace owners and posted here with an updated date. Continued use after a change constitutes acceptance.