Privacy Policy

Last Updated: 5 August, 2025

1. Introduction

Welcome to Jentic. This Privacy Policy explains how JENTIC TECHNOLOGY LIMITED ("Jentic," "we," "us," or "our") collects, uses, shares, and protects your personal data when you use our Hosted Service.

As a company based in Ireland, we are committed to processing your data in accordance with the EU General Data Protection Regulation (GDPR).

This policy covers:

  • What personal data we collect
  • How and why we use your data
  • Our legal basis for processing your data
  • Who we share your data with
  • Your rights under the GDPR

2. What Personal Data We Collect and Why

We collect personal data in the following ways:

2.1. Information You Provide Directly

Account Information: When you register for an account on our Hosted Service, we collect the following personal data to create and manage your account:

  • Your email address.
  • Your first name and last name.
  • Your password (which is always stored in a secure, hashed format).

If you choose to register using a third-party service such as Google Single Sign-On (SSO), we will receive personal data from that service, such as your name and email address, to create your account.

Communications: When you contact us for support or with inquiries via email, we collect your email address and any information you provide in your message.

2.2. Information We Collect Automatically

Log and Usage Data: When you use our Hosted Service, our servers automatically record information. This may include your IP address, browser type, operating system, the pages you visit, and timestamps of your activity. We use this data to operate, secure, and improve our Hosted Service.

Cookies and Analytics: We use cookies and similar technologies to operate and analyse our website and Hosted Service. Cookies are small text files stored on your device. We use them for several purposes:

  • Strictly Necessary Cookies: These are essential for the website to function. For example, we use local storage (which functions like a cookie) to remember your theme preference (e.g., light or dark mode). These do not require your prior consent but are active by default.
  • Analytics Cookies: To help us understand how visitors use our service, we use third-party analytics tools, including Google Analytics and Microsoft Clarity. These tools collect information about your interaction with our site, such as the pages you visit and how long you spend on them.
  • Third-Party Cookies: When you interact with certain features, such as an embedded newsletter sign-up form, that service may place its own cookies. We use or may use forms from Beehiiv for our newsletters, which uses cookies to track form performance.

We will only use non-essential cookies (like those for Analytics and from Third Parties) with your explicit consent, which you can manage through our cookie consent pop-up.

2.3. Information Processed by the Service

Our Hosted Service involves multiple types of data processing related to AI agents and third-party integrations:

Jentic's AI Processing: When you use our Hosted Service, we process:

  • Input: The prompts, instructions, and data you provide to AI agents.
  • Output: The responses and content generated by our integrated AI models.
  • Agent Configurations: The workflows, settings, and integrations you create.

Service Provision vs. Improvement: We handle your data in distinct ways:

  • (a) Service Provision Processing: We process your Input to generate Output for you through our AI model integrations. This is necessary for the performance of our contract with you.
  • (b) Service Improvement Processing (Free Tier Only): As a condition of using the free-tier service, we may use anonymised and aggregated versions of your Content to improve our services. This includes analysing agent activity traces and execution logs to identify new workflows and to develop and train our own custom AI models for business logic planning. This processing uses our legitimate interest as the legal basis and applies only to data where personal identifiers have been removed.

Agent-Initiated Data Processing: When your AI agents interact with third-party services, you act as the data controller for any personal data your agents process, and you are responsible for ensuring GDPR compliance for these activities.

AI-Generated Content: You should review AI outputs for any personal information before use and ensure it is handled appropriately.

2.4. Third-Party Integration Data Flows

The AI agent functionality involves complex data flows with third-party services:

Agent-to-Third-Party Data Transmission: Your AI agents may send data to, and receive data from, third-party APIs and services you configure.

Data Controller Responsibilities: When your agents process personal data through third-party integrations, you remain the data controller and are responsible for having a legal basis for such processing and complying with all GDPR obligations.

Cross-Border Considerations: Your agents may transfer personal data internationally. You are responsible for ensuring appropriate safeguards are in place for these transfers.

3. Our Legal Basis for Processing Your Data

Under the GDPR, we must have a valid legal basis for each way we process your personal data. We rely on:

  • Performance of a Contract: To process your Account Information and User Content to provide the Hosted Service.
  • Legitimate Interests: To process Log and Usage Data for security and improvement, and to use anonymised User Content to develop our technology.
  • Consent: For non-essential cookies and certain marketing communications.

4. Who We Share Your Data With

We do not sell your personal data. We share your data only as necessary to provide and improve our Hosted Service with the following categories of service providers:

Infrastructure and Platform Providers:

  • Cloud Hosting: We use Amazon Web Services (AWS) as our cloud hosting provider. Your data is primarily stored in data centres located in Ireland (within the European Economic Area) and the United States.
  • AI Model Providers: To generate AI outputs, your Input is processed by our third-party AI model providers. These may include OpenAI, Anthropic, and Google.

Analytics and Performance Monitoring:

  • We share data with Google Analytics and Microsoft Clarity to help us analyse and improve our service.

Operational Service Providers:

  • We use Google Workspace (Gmail) for support and operational email communications.
  • We use Beehiiv to manage our email newsletters.

User-Configured Third-Party Services:

  • When you configure agents, we facilitate the connection, but your data is transmitted to services you select, which process data according to their own policies.

Data Processing Safeguards:

  • We maintain Data Processing Agreements (DPAs) with all our sub-processors. For international transfers, we use appropriate safeguards such as Standard Contractual Clauses or Adequacy Decisions.

5. How Long We Keep Your Data

We retain personal data only as long as necessary for the specific purposes for which it was collected:

Account and Profile Data: Retained while your account is active and deleted from active systems within 30 days of account closure.

Service Usage Data:

  • AI Input and Output: Retained as needed for functionality (typically 30-90 days).
  • Agent Configurations: Retained while your account is active, deleted with account closure.

Operational Data:

  • Log and Usage Data: Retained for up to 12 months for security and service analysis.
  • Support Communications: Retained for up to 3 years.

Service Improvement Data:

  • Anonymised Content (Free Tier Users): May be retained indefinitely for AI model training and service improvement.

6. International Data Transfers

Your personal data may be transferred internationally in several contexts:

Jentic's International Transfers: Data may be transferred by Jentic to service providers located outside the European Economic Area (EEA). For these transfers, we ensure appropriate safeguards are in place through legally recognised mechanisms such as Adequacy Decisions, Standard Contractual Clauses (SCCs), or the EU-U.S. Data Privacy Framework. For example:

  • Our cloud infrastructure is provided by Amazon Web Services (AWS), and our AI model providers include OpenAI, Anthropic, and Google. These providers may process your data in the United States. For any such transfers to the US, we rely on our providers' certification under the EU-U.S. Data Privacy Framework as our legal safeguard.

Agent-Initiated International Transfers: When your AI agents interact with third-party services, you act as the data controller for those transfers and are responsible for ensuring appropriate safeguards are in place.

7. Your Data Protection Rights

Under the GDPR, you have comprehensive rights regarding your personal data. For AI agent platforms, these rights have specific applications:

Right to Access, Rectification, Erasure, Restriction, Objection, and Data Portability.

AI-Specific Considerations: These rights apply to personal data within AI-generated content. Your rights regarding data processed by third-party services via your agents are governed by their policies.

To exercise any of these rights, please contact us at compliance@jentic.com. You also have the right to lodge a complaint with the Irish Data Protection Commission (DPC).

8. AI Act Data Protection Compliance

In addition to GDPR, our processing of personal data complies with relevant provisions of the EU AI Act. This includes measures for data quality, transparency, and prohibiting uses that would constitute banned AI practices under Article 5 of the Act. You remain responsible for your specific AI Act compliance obligations when deploying agents.

9. Data Security

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, loss, or alteration. These measures are designed to provide a level of security appropriate to the risk of processing your personal data. However, you acknowledge that no security system is 100% secure.

10. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our data processing practices or regulatory developments. We will notify you of material changes to this policy through the Hosted Service or by other means, such as email. All changes will be posted on our website with an updated "Last Updated" date.

11. Coordination with Other Policies

This Privacy Policy works together with our Terms of Service, Acceptable Use Policy, and Service-Specific Terms. In case of any conflict regarding privacy, this Privacy Policy takes precedence.

12. Contact Us

For privacy-related inquiries, exercising your data protection rights, or any data protection concerns, please contact our primary privacy contact:

Primary Contact: compliance@jentic.com

Response Times: We aim to respond to general privacy inquiries promptly and to data subject rights requests within the 30-day period required by law.

Supervisory Authority: You have the right to contact the Irish Data Protection Commission (DPC) at dataprotection.ie.

Stay Updated

Join our mailing list for agentic & AI news