Privacy Policy
Last updated: March 2026
1. Data Collection
AI DeskFlow collects the following data when you use our service:
- Identification data: name, email address, password (hashed), and optional profile picture.
- Billing data: payment information processed by our payment provider Stripe. We never store your card numbers.
- Uploaded documents: the files you upload to your workspace. These documents are encrypted at rest (AES-256).
- Usage data: login logs, queries performed, timestamps, IP address, and browser type.
2. Use of Data and Legal Basis (GDPR Art. 6)
Your data is processed for the following purposes, each with its corresponding legal basis under Article 6(1) of the GDPR:
- Provide the AI DeskFlow service (document analysis, AI queries, storage) — Legal basis: performance of contract (Art. 6(1)(b)).
- Manage your account and subscription (billing, authentication) — Legal basis: performance of contract (Art. 6(1)(b)).
- Send service-related communications (confirmations, security alerts) — Legal basis: legitimate interest (Art. 6(1)(f)) — ensuring security and service continuity.
- Cloud AI processing (when you opt in to sending data to OpenAI, Anthropic, or Groq) — Legal basis: explicit consent (Art. 6(1)(a)). You can withdraw this consent at any time in Settings > AI Models.
- Ensure security and prevent abuse (rate limiting, fraud detection, logs) — Legal basis: legitimate interest (Art. 6(1)(f)).
- Comply with legal obligations (tax records, law enforcement requests) — Legal basis: legal obligation (Art. 6(1)(c)).
Your documents are never used to train artificial intelligence models.
3. Storage and Security
All data is stored on infrastructure provided by SOC 2 Type II certified partners (Supabase, AWS). Your database is hosted within the European Union (Supabase EU-West). The application is served globally via Vercel's edge network. Documents are encrypted at rest with AES-256 and in transit with TLS 1.3. Backups are performed daily and retained for 30 days.
4. Third-Party Sharing
AI DeskFlow never sells, rents, or shares your personal data for commercial purposes. The following third parties may access certain data in connection with providing the service:
- Stripe: payment processing (billing data).
- Supabase / AWS: database and storage hosting (encrypted data).
- AI providers (cloud by default on Solo Pro, opt-in on Cabinet/Enterprise): On the Solo Pro plan, queries are processed by cloud AI providers (OpenAI, Anthropic, or Groq) with zero data retention API agreements where available. On Cabinet and Enterprise plans, you can choose to use a private local AI running on your server so your data never leaves your infrastructure. Cloud providers can be configured or disabled in your workspace settings at any time.
- Resend: transactional email delivery (account confirmations, security alerts).
- Hetzner (Germany/Finland): dedicated VPS hosting for Cabinet and Enterprise plans.
- Vercel: application hosting.
5. International Data Transfers (Schrems II)
Some of our third-party providers are based in the United States. When personal data is transferred outside the European Economic Area (EEA), AI DeskFlow ensures an adequate level of protection through the following mechanisms:
- Stripe (USA): payment processing — transfers covered by Standard Contractual Clauses (SCCs, EU Commission Decision 2021/914) and Stripe's participation in the EU–U.S. Data Privacy Framework.
- Vercel (USA): application hosting — transfers covered by SCCs incorporated in Vercel's Data Processing Addendum. EU users are served from EU edge nodes where available.
- OpenAI / Anthropic / Groq (USA, opt-in only): cloud AI providers used only when explicitly selected by the user — transfers covered by each provider's DPA and SCCs. Zero data retention policies apply where offered. By default, no data is sent to these providers.
- Supabase: database hosted in EU-West (Ireland) — no transfer outside EEA for stored data.
You may request a copy of the applicable SCCs by contacting privacy@ai-deskflow.com.
6. Cookies
AI DeskFlow uses only strictly necessary cookies for the operation of the service (authentication, session preferences). We do not use advertising or tracking cookies. Session cookies expire after 7 days of inactivity.
7. Automated Decision-Making (GDPR Art. 22)
AI DeskFlow uses artificial intelligence to analyze documents and generate responses to your queries. These AI-generated outputs are provided for informational purposes only and do not constitute legal, medical, financial, or any other professional advice. No automated decision with legal or similarly significant effects is made without human review.
You have the right to request human intervention, to express your point of view, and to contest any decision influenced by automated processing. Contact dpo@ai-deskflow.com to exercise this right.
8. Your Rights (GDPR)
In accordance with the General Data Protection Regulation (GDPR), you have the following rights:
- Right of access: obtain a copy of your personal data.
- Right to rectification: correct inaccurate data.
- Right to erasure: request the deletion of your data and documents.
- Right to data portability: receive your data in a structured and readable format.
- Right to object: object to the processing of your data for certain purposes.
- Right to restriction: request the restriction of processing of your data.
- Right to withdraw consent: where processing is based on your consent (e.g., cloud AI usage), you may withdraw it at any time via your workspace settings, without affecting the lawfulness of processing carried out prior to withdrawal.
To exercise these rights, contact us at privacy@ai-deskflow.com. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority (in France: the CNIL — www.cnil.fr).
9. Data Retention
Data retention periods vary by category:
- Account data (name, email, profile): retained while your account is active. Deleted within 30 days of account closure.
- Uploaded documents and AI-generated content: retained while your account is active. Deleted within 30 days of account closure.
- Billing data: retained for the duration required by applicable tax law (typically 10 years in France under Article L123-22 of the Commercial Code).
- Security and usage logs: retained for 12 months, then automatically purged.
- AI decision logs (EU AI Act): retained for 90 days for audit trail purposes. Contains input hashes only, not plaintext queries.
10. Data Breach Notification (GDPR Art. 33-34)
In the event of a personal data breach likely to result in a risk to your rights and freedoms, AI DeskFlow will notify the competent supervisory authority (CNIL) within 72 hours. If the breach is likely to result in a high risk, we will also notify affected users without undue delay, describing the nature of the breach, the likely consequences, and the measures taken to address it.
11. AI Data Processing
When you upload documents to AI DeskFlow, they are processed as follows to enable AI-powered search and analysis:
- Document embedding: the text content of your documents is sent to OpenAI's text-embedding-3-small model to generate vector embeddings (numerical representations of meaning). These embeddings are stored in your workspace's pgvector database on Supabase (EU-West, Ireland).
- Semantic search: when you ask a question, your query is embedded using the same model, and the most relevant document chunks are retrieved via similarity search before being passed to the AI model as context.
- No training on your data: your documents and the embeddings derived from them are never used to train, fine-tune, or improve any AI model — whether operated by AI DeskFlow or any third-party provider. OpenAI's zero data retention API agreement applies to all API calls.
- Local mode (Cabinet & Enterprise): if your workspace is configured with Data Region: Local only, document embeddings are computed and stored entirely on your dedicated Hetzner VPS using a local embedding model (ChromaDB). No data is sent to OpenAI or any cloud provider.
12. Sub-processors
The following sub-processors may process personal data on our behalf. Each is bound by a data processing agreement (DPA) and applicable data protection law:
| Sub-processor | Service | Location | Data processed |
|---|---|---|---|
| Supabase | Database & storage | EU (Ireland) | Documents, account data, embeddings, usage logs |
| OpenAI | Embeddings & LLM (opt-in) | USA | Document text (embeddings), query text (chat completions) |
| Anthropic | LLM (opt-in) | USA | Query text and document context (chat completions) |
| Groq | LLM (opt-in) | USA | Query text and document context (chat completions) |
| Stripe | Payment processing | USA | Billing data (name, email, payment method — no card numbers stored by us) |
| Resend | Transactional email | USA | Email address, email content (confirmations, alerts) |
| Vercel | Application hosting | USA / global edge | Request metadata (IP, headers) for application delivery; no document content |
| Hetzner | Dedicated VPS | EU (Germany / Finland) | Documents and AI data for Cabinet & Enterprise plans (local_only mode) |
Cloud AI providers (OpenAI, Anthropic, Groq) are configured with zero data retention agreements where available, meaning query data is not stored or used for training after the API call completes. For EU-only or local-only data regions, these providers are not used.
13. Data Regions
AI DeskFlow gives you control over where your data is processed through the Data Region setting in your workspace (Settings > Privacy):
- Global (default): your documents are stored in the EU (Supabase EU-West, Ireland). AI processing uses cloud providers (OpenAI, Anthropic, or Groq — whichever is configured). Vercel serves the application globally via edge nodes. This option provides the best performance and the widest choice of AI models.
- EU only: AI processing is restricted to EU-hosted infrastructure and your dedicated Hetzner VPS. Cloud AI providers based outside the EU are blocked. Local AI models (running on the VPS) or EU-hosted alternatives are used instead. Requires a Cabinet or Enterprise plan.
- Local only: all document processing, embedding, and AI inference happens exclusively on your dedicated Hetzner VPS — no data is sent to any cloud provider for AI processing. This is the strictest option, suitable for highly regulated environments. Requires a Cabinet or Enterprise plan with a provisioned private server.
Regardless of the data region selected, authentication and billing data is always processed via Supabase (EU) and Stripe respectively.
14. Data Controller
The data controller responsible for your personal data is:
ETERNA-APP INC.
131 Continental Dr, Suite 305
Newark, DE 19713, United States
Website: eterna-app.com
AI DeskFlow is a product operated by ETERNA-APP INC.
15. Contact
For any questions regarding this privacy policy, you may contact us:
- Email: privacy@ai-deskflow.com
- Data Protection Officer (DPO): dpo@ai-deskflow.com
- Postal: ETERNA-APP INC., 131 Continental Dr, Suite 305, Newark, DE 19713, USA