Privacy Policy (Global)

Deskree Technologies Inc. and Deskree US Inc. ("Deskree," "we," "us," or "our") provide the Tetrix AI platform and related services (the "Services"). This Privacy Policy explains how we collect, use, and protect information about our customers, prospects, and website visitors.

This Policy applies to personal information we collect and process for our own purposes (for example, account, billing, sales, support, and website analytics). For enterprise customers under a Data Processing Agreement (DPA), the DPA governs the limited processing we perform on the customer's behalf and prevails over this Policy where they conflict in respect of that customer's personal information.

Tetrix AI is delivered as a self-hosted containerized application. The customer installs and operates Tetrix AI inside its own infrastructure (the "Deployment Environment"). The substantive processing performed by Tetrix AI — including ingestion of source code, infrastructure metadata, documentation, and database content; construction and querying of the knowledge graph; and any large language model (LLM) interactions — happens entirely within the customer's Deployment Environment, under the customer's technical and organizational control.

Deskree does not host, store, or have runtime access to the customer's production data. We do not operate a software-as-a-service, hosted, or multi-tenant version of Tetrix AI. We do not run a gateway or proxy that receives the customer's prompts, retrieved context, embeddings, or LLM responses.

Where the customer enables LLM-dependent features or uses client tools that integrate with Tetrix AI, the customer configures those features with the customer's own LLM and embedding provider credentials (for example, OpenAI, Anthropic, or Voyage AI). Prompts and responses flow directly between the customer's environment and the LLM provider chosen by the customer, billed against the customer's account with that provider, and governed by the agreement between the customer and that LLM provider. Deskree is not a party to that data flow.

Because Tetrix AI is self-hosted, the information we receive is limited to the following categories.

3.1 Account, License, and Billing Information

• Names, business email addresses, telephone numbers, and contact information of the individuals who contract with us on behalf of a customer (for example, the signatory of the master services agreement, the procurement contact, and the billing contact)
• Company name, registered address, and tax information
• Records of which customer is provisioned with which Tetrix AI license server, including the seat limit and other commercial terms (we do not collect the identities of the customer's end-users; the customer's deployed license server enforces the seat limit and the customer's own administrators manage end-user access within your Deployment Environment)
• Billing-contact information, billing address, and payment-method records (for example, bank-transfer reference details or other records of payments received)

3.2 Support Information

When you request support or professional services, you may voluntarily transmit to us log files, configurations, screenshots, error reports, or other artifacts. You may share information during screen-share or remote-assistance sessions you initiate. Such materials may incidentally contain personal information (for example, identifiers visible in shared logs). We encourage customers to redact or minimize personal information in support materials where feasible.

3.3 Sales and Relationship Information

• Pre-sale contact information of prospective administrators
• Records of communications with prospective and existing customers about the Services
• Records of meetings, demos, and similar interactions

3.4 Website and Marketing Information

• Information you submit through web forms, demo bookings, and newsletter sign-ups
• Cookies and similar technologies — see our Cookie Policy
• Aggregate website analytics

3.5 What We Do NOT Receive

For clarity, the following are not received by Deskree under the standard self-hosted deployment of Tetrix AI:

• Your source code, commit history, issues, pull requests, or repository contents
• Your database schema or database contents
• Your cloud infrastructure resource configurations or contents
• Prompts, retrieved context, embeddings, or LLM responses generated during your use of Tetrix AI
• Operational telemetry emitted by Tetrix AI inside your Deployment Environment (the Services do not phone home by default)
• Identities of your end-users, their authentication credentials, or per-user usage data — end-user provisioning and access are managed by your own administrators within your Deployment Environment

All such data remains inside your Deployment Environment, under your exclusive control. We do not collect, receive, or aggregate it.

We use the information described in Section 3 to:

• Provision, license, and support Tetrix AI
• Respond to support requests and provide professional services
• Administer accounts and process payments
• Communicate with customers and prospects about the Services
• Maintain the security of our corporate systems and prevent abuse
• Comply with legal obligations

We do not use customer data to train, fine-tune, or otherwise improve generic or shared machine-learning or large-language models. Tetrix AI is not designed to collect, exfiltrate, or transmit customer data from your Deployment Environment to Deskree for any training purpose.

We do not sell personal information.

We share information with the following categories of recipients:

5.1 Sub-processors

LLM and embedding providers (OpenAI, Anthropic, Voyage AI, and similar) engaged by you using your own credentials are NOT our sub-processors. You are responsible for executing data-processing terms (and any applicable transfer mechanism) directly with each such provider.

5.2 Other Service Providers

For our corporate, billing, sales, and website functions, we use service providers including:

• Website analytics and product analytics on our website: PostHog and similar tools
• Error and performance monitoring on our corporate systems: Sentry and similar tools

These providers process limited information on our behalf under appropriate contractual safeguards.

5.3 Legal and Safety Disclosures

We may disclose information when required by law, in response to valid legal process, or where we believe disclosure is necessary to protect rights, safety, or property.

6.1 Where Information Is Stored

The limited categories of information we process (Section 3) are stored within our corporate IT systems and the systems of the sub-processors and service providers identified in Section 5. These systems are hosted with cloud providers whose data-center physical security is audited under SOC 2 Type II or equivalent.

Your production data processed by Tetrix AI within your Deployment Environment is not stored by Deskree. That data is stored where you choose to deploy Tetrix AI, under your storage, encryption, and key-management arrangements.

6.2 Security Measures

We implement technical and organizational measures to protect the information we hold, including:

• AES-256 encryption at rest
• TLS 1.3 in transit
• Role-based access controls with least privilege
• Multi-factor authentication for personnel accessing systems that hold customer information
• Time-limited credentials (24–48 hours) for any support access to information that may contain customer personal information
• Logging of all such access with employee identifier, timestamp, justification, and IP address; logs retained for 7 years
• Documented incident response, backup and recovery, and vulnerability management procedures
• Independent SOC 2 Type II audit

6.3 Product Security Features (Operate in Your Deployment Environment)

Tetrix AI ships with security features that execute within your Deployment Environment, including TLS 1.3 for outbound API calls made by Tetrix AI, AES-256 encryption at rest using keys under your control, role-based access control within the application, configurable SSO/OIDC/SAML integration where supported, structured audit logs consumable via your own observability tooling, and PII detection/masking capabilities (where present, heuristic and defense-in-depth) that execute entirely within your environment.

We retain information only as long as needed for the purposes described in this Policy, or as required by law.

Upon termination of an enterprise customer's main agreement and at the customer's election within 30 days of termination, we return or delete the customer personal information in our possession, subject to the retention exceptions above.

Customer production data within your Deployment Environment remains under your control. You are responsible for uninstalling Tetrix AI and deleting such data within your Deployment Environment when no longer needed.

Depending on where you live, you may have rights to:

• Access the personal information we hold about you
• Correct inaccurate or incomplete personal information
• Delete your personal information
• Opt out of marketing communications

Contact help@deskree.com to exercise these rights.

California Residents (CCPA/CPRA)

You have the right to know, delete, correct, and limit use of your personal information. We do not sell or share personal information as those terms are defined in the CCPA. To exercise your rights, contact help@deskree.com with subject "California Privacy Rights." You may designate an authorized agent to make a request on your behalf.

For enterprise customer personal information that we process as a service provider, we comply with our obligations under the CCPA.

Texas Residents (TDPSA)

You have rights under the Texas Data Privacy and Security Act, including the right to access, correct, delete, obtain a portable copy of your personal information, and opt out of certain processing. Contact help@deskree.com.

Other U.S. States

Similar rights apply under the Virginia Consumer Data Protection Act, the Colorado Privacy Act, the Connecticut Data Privacy Act, the Utah Consumer Privacy Act, and other applicable state privacy laws. Contact help@deskree.com.

Canada (PIPEDA / Quebec Law 25)

Canadian residents may access and correct personal information we hold and request information about our use and disclosure of personal information. Contact help@deskree.com.

Where personal information is in your Deployment Environment

Where the personal information concerned is processed by Tetrix AI within an enterprise customer's Deployment Environment, that customer is the controller of that information. We will direct your request to the customer or assist the customer in responding, as appropriate.

When you deploy Tetrix AI in your environment, your connected systems may contain sensitive information (credentials, personal data, trade secrets) that could be processed by Tetrix AI and surfaced through your chosen LLM provider. We recommend:

• Using secrets management tools instead of hardcoding credentials
• Providing least-privilege database credentials
• Reviewing data before connecting Tetrix AI to a source
• Configuring your chosen LLM provider, where supported, to disable training on submitted data and to minimize retention
• Reviewing each LLM provider's data-protection, retention, and training terms before configuring Tetrix AI with credentials for that provider

Sensitive Data Restrictions

Healthcare (HIPAA): Contact help@deskree.com before deploying Tetrix AI in connection with protected health information (PHI). Customers may not transmit PHI to Deskree without our prior written agreement.

Children's Data: Tetrix AI is not designed for processing personal information of children under 13. Do not connect systems containing children's data.

AI outputs generated by Tetrix AI via your chosen LLM provider may be inaccurate, incomplete, or inappropriate. You are responsible for human review of outputs before relying on them in any decision affecting individuals. Tetrix AI is not designed for automated decision-making that produces legal effects concerning individuals.

You retain all rights, title, and interest in your code, your data, and the contents of your Deployment Environment. We do not claim ownership, do not share that data with other customers, and do not use that data to train AI models.

We may update this Policy from time to time. We will notify enterprise customers of material changes by email or in-product notice.

Privacy Officer: Makar Levashov

Email: help@deskree.com

Legal Department: legal@deskree.com

Deskree Technologies Inc.

169 Gore Vale Avenue, Toronto, Ontario M6J 2R5, Canada

Deskree US Inc.

10900 Stonelake Blvd, Austin, TX 78759, United States

Data Processing Agreements

Enterprise customers can request a Data Processing Agreement at sales@deskree.com.