Last updated: March 2026
Privacy Policy
1. Introduction
At keinsaas, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.
This policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
2. Data Controller
keinsaas OÜ
Järvevana tee 9
11314 Tallinn, Estonia
Registry code: 17354044
keinsaas OÜ is the sole data controller for all services, including Consulting & Agency Services and keinsaas Navigator.
Contact:
• Consulting & Agency Services: info@keinsaas.com
• Navigator: navigator@keinsaas.com
3. Data We Collect
Personal Information:
• Name, email address, contact details when you register or contact us
• Company information and professional details
• Payment information (processed through Stripe)
Usage Data:
• Pages visited, features used, time spent
• IP address, browser type, device information
• Cookies and similar tracking technologies
Navigator-Specific Data:
• Account Data: Email, name, subscription details
• Chat Data: All messages you send and receive, including uploaded files and generated responses
• LLM Selection: Which AI models you choose to use (e.g., GPT-4, Claude, Gemini)
• Usage Metrics: Credit consumption, number of chats, model usage statistics
• Payment & Billing Data: Subscription details, payment history, invoicing data (processed via Stripe and Autumn)
• Tool Stack & Credentials: Tool names, integration metadata, and verification status for connected third-party tools (actual credentials are stored securely via external secret managers)
• Workflow Data: Workflow blueprints, automation specifications, Mermaid diagrams, planning chat histories, execution logs, and workflow run outputs
Communication Data:
• Messages sent through contact forms
• Email communications and support requests
4. Legal Basis for Processing
We process your personal data based on the following legal bases under GDPR:
• Contract performance (Article 6(1)(b)): To provide our services
• Consent (Article 6(1)(a)): For marketing communications and non-essential cookies
• Legitimate interests (Article 6(1)(f)): For website analytics and service improvement
• Legal obligations (Article 6(1)(c)): For compliance with applicable laws
5. How We Use Your Data
For All Services:
• Service Provision: To provide and improve our services
• Communication: To respond to inquiries and provide customer support
• Marketing: To send relevant updates about our services (with your consent)
• Analytics: To analyze website performance and user behavior
• Legal Compliance: To fulfill legal and regulatory requirements
Specifically for keinsaas Navigator:
• Chat Processing: Your messages are sent to the AI model you select (hosted by OpenAI, Anthropic, Google, or other providers depending on your choice)
• Chat Storage: All chats are stored in Supabase (AWS servers in Europe) to provide chat history and continuity
• Credit Management: To track and manage your credit consumption based on model usage
• Service Improvement: To improve our platform and user experience
• Workflow Planning and Automation Building: To generate workflow blueprints and automation specifications from your uploaded SOPs and documents
• Tool Credential Verification and Integration Management: To verify and manage connections to your third-party tools
• Execution Logging and Dynamic Dashboard Generation: To log workflow executions and generate visual dashboards of results
Important: Your chat data is processed by the AI providers you select. EU-hosted models are visually marked in the interface. Non-EU models (e.g., standard OpenAI, Anthropic) may process data outside the EU.
6. Data Sharing and Third-Party Services
We use the following third-party services:
Website & Hosting:
• Vercel (AWS EU servers) for hosting
• Email services for marketing and transactional emails
• Analytics tools for website performance
Navigator:
• AI providers: OpenAI (GPT models), Anthropic (Claude models), Google (Gemini models), and others depending on your selection
• Supabase (PostgreSQL on AWS EU servers) for database
• Vercel (AWS EU servers) for hosting
• Stripe for payment processing
• Autumn for subscription and billing management
• DigitalOcean for workflow hosting
• Windmill for workflow orchestration
• GitHub as the code repository for client automations
• Bitwarden for secure credential storage (metadata only stored in our database)
When you use Navigator, your messages are sent to the AI provider you select. EU-hosted options are clearly marked in the interface.
Data Processing Agreements:
We have Data Processing Agreements (DPAs) with all data processors in accordance with Article 28 GDPR.
For Consulting and Agency Services, we may establish an individual Data Processing Agreement (DPA) with the client upon request.
For Navigator customers with specific data processing requirements, a DPA is available upon request at navigator@keinsaas.com.
Legal Requirements:
We may disclose your data if required by law, by court order, or to protect our rights and security.
We do not:
• Share your chat data with third parties for marketing purposes
• Use your data to train AI models (subject to AI provider terms)
• Sell your personal information
7. International Data Transfers
Navigator: Chat storage is in the EU (Supabase on AWS). AI processing depends on your model selection — EU-hosted models keep data in the EU, while non-EU models may transfer data to the USA or other locations. Hosting is in the EU (Vercel on AWS).
For transfers outside the EU, we rely on:
• Standard Contractual Clauses (SCCs)
• Adequacy decisions from the European Commission
• AI providers' data protection frameworks
You control which AI models process your data — choose EU-hosted options to keep data within the EU.
8. Data Retention
• Account data: Until account deletion or 3 years after last activity
• Marketing data: Until you unsubscribe or withdraw consent
• Support communications: Up to 3 years for quality assurance
• Chat history: Stored until you delete it or close your account
• Uploaded files: Same retention as chat history
• Billing records: As required by Estonian law (typically 7 years)
• Consulting project documentation: As required by Estonian law (typically 7 years)
• Analytics data: Up to 26 months in anonymized form
• Legally required retention: In accordance with Estonian tax and commercial laws
You can delete individual chats or your entire account at any time through the Navigator interface or by contacting navigator@keinsaas.com.
9. Your Rights
Under GDPR you have the following rights:
• Right to Access (Article 15): Obtain a copy of your personal data
• Right to Rectification (Article 16): Correction of inaccurate data
• Right to Erasure (Article 17): Deletion of your data
• Right to Restrict Processing (Article 18): Restriction of data processing
• Right to Data Portability (Article 20): Receive your data in a structured format
• Right to Object (Article 21): Object to processing
• Right to Withdraw Consent (Article 7): Withdraw your consent at any time
To exercise your rights:
• For Consulting & Agency Services: info@keinsaas.com
• For Navigator: navigator@keinsaas.com or use your account settings
Response time: Within 30 days.
10. Cookies and Tracking
We use cookies to:
• Keep you logged in
• Remember your preferences
• Analyze website usage
• Improve user experience
You can manage cookies through your browser settings. Essential cookies are required for service functionality.
11. Marketing Communications
When you sign up or use our services, you may receive marketing emails. You can:
• Unsubscribe using the link in emails
• Contact info@keinsaas.com to opt out
• Update preferences in your account settings
12. Data Security
We implement security measures including:
• Encryption: SSL/TLS for data transmission, encryption at rest
• Access Control: Restricted access for authorized personnel only
• Regular Security Audits: To identify vulnerabilities
• Secure Infrastructure: AWS and Vercel with industry-standard security
13. Data Breach Notification
In case of a data breach, we will:
• Notify the supervisory authority within 72 hours
• Inform affected individuals if there is a high risk
• Take immediate steps to contain and remedy the breach
14. Children's Privacy
Our services are not intended for children under 16. We do not knowingly collect data from children under 16.
15. Supervisory Authority
Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon)
Tatari 39, 10134 Tallinn, Estonia
https://www.aki.ee
16. Changes to This Policy
We may update this policy periodically. We will notify you of material changes via email or website notice.
17. Contact Us
Consulting & Agency Services:
keinsaas OÜ
Järvevana tee 9, 11314 Tallinn, Estonia
info@keinsaas.com
Navigator and Data Deletion:
keinsaas OÜ
Järvevana tee 9, 11314 Tallinn, Estonia
navigator@keinsaas.com