privacy

What we collect, and what we don't.

Last updated 2026-06-30. We collect the minimum needed to run an identity-lifecycle pipeline (joiner, mover, leaver) and reply to your pilot application. Nothing is shared, sold, or used for advertising.

Contact

For privacy questions or data-subject requests (access, correction, deletion), email matei_necula@outlook.com or use the pilot application form. We respond within 30 days. A dedicated privacy@ alias will replace this address once our domain is live.

What we collect from this website

What we collect during a pilot

Where data lives

Production deployments run on Fly.io (US East regions by default; EU regions available on request). Postgres for application state. Vault for credentials and signing keys. Kafka for the audit chain. All in the same region as your tenant's primary residency.

Subprocessors

Lawful basis (GDPR)

International transfers

Deployments default to US regions (Fly.io US-East); EU regions are available on request and keep data in-region. Where EU personal data is transferred to the US, we rely on the Standard Contractual Clauses (SCCs) and the safeguards set out in our Data Processing Agreement.

Your rights

Under GDPR and CCPA you can request access to, correction of, deletion of, or a portable copy of your personal data, and you can object to or restrict its processing. To exercise any of these, email matei_necula@outlook.com or use the pilot form with the subject "data request". We respond within 30 days and never charge for a first request. For personal data we process on a customer's behalf, we forward your request to that customer (the controller) and assist them in responding.

Changes to this policy

If we change anything material, we'll email every active pilot. The current version always lives at this URL.