If you are located in the United Kingdom, European Union, or Switzerland, please refer to our UK & EU Privacy Policy for region-specific information and rights.
Applies to users outside the European Union, United Kingdom, and Switzerland.
1. Introduction
Deskree Technologies Inc. and Deskree US Inc. ("Deskree," "we," or "our") provide the Tetrix AI platform and related services. This Privacy Policy explains how we collect, use, and protect your information when you use our website and Services.
2. Information We Collect
Connected Systems (Tetrix AI)
When you connect systems to Tetrix AI, we access data based on the credentials and permissions you provide:
Code Repositories
Source code, commit history, issues, pull requests, documentation, and repository metadata.
Databases
Schema information and data access as permitted by your credentials. By default, we request full read/write access, but you can provide restricted credentials (read-only, schema-only, specific tables).
Cloud Infrastructure (AWS)
Resource configurations and metadata. Object contents and logs are accessed only when you explicitly request them.
This data may include personal information in code comments, commits, logs, or database records.
Account & Payment Information
- Name, email, company, phone number
- Payment information via Stripe (we store only last 4 digits and billing address)
Usage Data
- Platform usage, features accessed, performance metrics
- Analytics via PostHog
3. How We Use Information
- Provide and improve Services
- Process AI queries using your connected data
- Maintain security and prevent abuse
- Process payments and communicate with you
- Comply with legal obligations
We do not use your data to train AI models.
4. How Tetrix AI Works
When you ask a question:
- We identify relevant context from your connected systems
- Your query, recent conversation history, and relevant context are sent to AI providers (OpenAI, Anthropic)
- The AI response is returned to you
We do NOT send customer metadata, account IDs, company names, emails, tokens, or credentials to AI providers. We use automated PII detection to mask sensitive data before processing.
Your data is:
- Stored in physically isolated databases (one per customer)
- Not shared with other customers
- Not used to train AI models
- Deleted when you disconnect integrations or delete your account
AI providers (OpenAI, Anthropic) may retain query data for up to 30 days for abuse monitoring per their standard terms, but do not use it to train their models.
5. How We Share Information
We do not sell personal information.
We share data with service providers who help us operate:
- AI Processing: OpenAI, Anthropic
- Infrastructure: AWS, MongoDB, Vercel, Cloudflare
- Payments: Stripe
- Analytics: PostHog, Sentry, LangSmith
View our complete subprocessor list at our Trust Center.
We also disclose information when required by law or to protect rights and safety.
6. Data Storage & Security
Storage
Customer data is stored in AWS regions US-East-1 (Virginia) and EU-West-1 (Ireland). Each customer receives a physically isolated database.
Security Measures
- Encryption in transit (TLS 1.3) and at rest (AES-256 via AWS KMS)
- Role-based access controls
- Credentials stored in AWS Secrets Manager
- Automated PII detection and masking
- SOC 2 Type II and HIPAA compliance
Employee Access
Only authorized senior engineers and security team members can access customer data, using time-limited credentials (24-48h) with MFA. All access is logged with employee ID, timestamp, justification, and IP address. Logs retained 7 years.
AI Processing
Queries are processed by OpenAI and Anthropic in the United States.
7. Data Retention
Deletion Process
When you delete your account or disconnect integrations, we purge data within 48 hours and destroy encryption keys via AWS KMS, making all backups cryptographically unrecoverable within 30 days.
| Data Type | Retention |
|---|---|
| Account & Billing | 7 years |
| Connected Systems Data | Until disconnection + 30 days |
| Conversation History | Until account deletion |
| Database Backups | 30 days (daily backups) |
| Audit Logs | 7 years |
| Cache/Session Data | 2-7 days |
8. Your Rights
You may:
- Access, correct, or delete your data
- Disconnect integrations at any time
- Opt out of marketing communications
Contact: help@deskree.com
California Residents (CCPA)
You have rights to know, delete, and correct your data. We do not sell personal information. Contact help@deskree.com with subject "California Privacy Rights."
Other US States
Similar rights apply under Virginia, Colorado, Connecticut, and Utah privacy laws.
9. Important Considerations
Before Connecting Systems
Your connected systems may contain sensitive information (credentials, personal data, trade secrets) that could be processed and surfaced by AI. We recommend:
- Using secrets management tools instead of hardcoding credentials
- Providing least-privilege database credentials
- Reviewing data before connecting
Sensitive Data
Healthcare (HIPAA)
Contact help@deskree.com before connecting systems with protected health information.
Children's Data
Our Services are not for children under 13. Do not connect systems containing children's data.
10. Code Ownership
You retain all rights to your code and data. We do not claim ownership, share your code with other customers, or use it to train AI models.
11. Updates
We may update this policy and will notify you of material changes via email or platform notice.
12. Contact Us
Privacy Officer: Makar Levashov
Email: help@deskree.com
Address: 169 Gore Vale Avenue, Toronto, ON, M6J 2R5
For U.S. users: Deskree US Inc., 110900 Stonelake Blvd, Austin, TX 78759
Enterprise customers can request separate Data Processing Agreements at sales@deskree.com.