Privacy Policy

How we collect, use, and protect your information

Last updated: July 2025

Plain English Summary

A quick overview — the full policy below is the legally binding version.

  • We only collect your contact details when you give them to us — for example, by filling in our contact form. We also collect basic website data like which pages you visit.
  • We use your data to reply to you, run our services, and improve our website. We never sell it or share it for marketing purposes.
  • Some Centipod apps include optional AI features. When you use one, the text you choose to process is sent to the AI provider (such as OpenAI or Anthropic) — not to us. We never see or store it.
  • Your AI account key stays on your device. It never reaches our servers.
  • You can ask us to show, correct, or delete your personal data at any time.
  • Questions? Email info@centipod.nl

Introduction

Centipod B.V. ("we", "us", or "our") takes your privacy seriously. This policy explains what information we collect, why we collect it, how we protect it, and what rights you have. It applies to our website and all Centipod products and services.

Information We Collect

We collect only what we need:

  • Contact details — name, email address, phone number, and company name, collected only when you choose to share them (for example, by submitting our contact form).
  • Usage data — basic analytics such as pages visited, browser type, and time on page, used to help us improve the site. This may include your IP address.
  • Essential cookies — strictly necessary for the site to function correctly.
  • Analytics cookies — if you consent, we use Google Analytics to collect anonymised usage data (pages visited, session duration, approximate location). Google Analytics sets cookies such as _ga and _ga_*. These are only loaded after you give consent via our cookie banner. We do not use advertising or third-party marketing cookies.

How We Use Your Information

We use the information we collect to:

  • Respond to your enquiries and deliver our services
  • Improve our website and products
  • Send you relevant updates about our work, where you have given consent
  • Meet our legal and regulatory obligations

We do not sell your personal data. We do not share it with third parties except where required to deliver our services or comply with the law.

Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), the United Kingdom, or equivalent jurisdictions, we process personal data on the following legal bases:

  • Contract (Article 6(1)(b) GDPR) — to respond to your enquiries and provide services you have requested.
  • Legitimate interests (Article 6(1)(f) GDPR) — to improve and secure our website and services, where those interests are not overridden by your rights.
  • Consent (Article 6(1)(a) GDPR) — where you have given explicit consent, for example to receive marketing communications. You may withdraw consent at any time.

Data Retention

We retain personal data only for as long as necessary to fulfil the purpose for which it was collected, or as required by law. When data is no longer needed, we securely delete or anonymise it.

  • Contact form submissions — retained in our email inbox for up to 12 months after the enquiry is resolved, then deleted.
  • Analytics data — Google Analytics data is retained for 14 months (Google's default) and then automatically deleted.

Data Security

We implement appropriate technical and organisational measures to protect your data against unauthorised access, disclosure, alteration, or loss. Access to personal data is restricted to authorised personnel with a legitimate need.

Third-Party Services

Our website may contain links to third-party websites. We are not responsible for their content or privacy practices. When you follow a link to another site, we encourage you to review that site's privacy policy.

We use the following third-party service as a data processor:

  • Google Analytics — provided by Google LLC. Used to collect anonymised website usage data. Data may be transferred to servers in the United States. Google's privacy policy: policies.google.com/privacy.

AI Features and Third-Party AI Providers

Some Centipod products include optional AI-powered features backed by third-party large language models (LLMs) such as those from Anthropic, OpenAI, and Google. This section explains how data is handled when you use these features.

How AI features work

When you trigger an AI action — such as submitting a prompt or selecting text for AI processing — that content is sent to the relevant AI provider and a response is returned to you within the product. Nothing is transmitted automatically, passively, or in the background; data is sent only when you take an explicit action.

Bring-your-own-key (BYOK)

Most Centipod products use a bring-your-own-key model: you connect your own account with the AI provider. In these cases:

  • Your API key is stored on your device (for example, in the macOS Keychain or equivalent secure storage) and is never transmitted to Centipod's servers.
  • If you have not provided an API key or have not enabled AI features, no content from your device is ever transmitted to any AI provider.
  • You are responsible for your account with the AI provider, including usage, billing, and compliance with their terms of service.

What Centipod does not do

Centipod B.V. does not:

  • Store, log, or retain the content you submit to AI features on Centipod's servers.
  • Use your AI inputs or outputs to train, fine-tune, or evaluate AI models.
  • Link your AI activity to your identity, device, or account held with Centipod.
  • Share your AI inputs or outputs with anyone other than the AI provider required to process your request.

Third-party AI provider policies

Your input is processed under the AI provider's own terms of service and privacy policy. Centipod is not responsible for the data practices of third-party AI providers. Review their policies before use:

Additional providers will be listed here as they are introduced in Centipod products.

On-device AI

Some products may use on-device AI models that process your content entirely on your device, with no network transmission. In these cases, no data leaves your device during AI processing and this section does not apply to those features.

GDPR note for AI features

Where Centipod acts as a data processor in connection with AI feature usage, the legal basis for processing is the performance of a contract (Article 6(1)(b) GDPR) — specifically, delivering the AI feature you have requested — or, where applicable, your explicit consent. You can withdraw consent at any time by removing your API key from the product's settings.

Your Rights

Under applicable data protection laws, including GDPR, you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict how we process your data
  • Receive your data in a portable format
  • Withdraw consent at any time

These rights apply to all personal data we process, including any data handled in connection with AI features. To exercise any of these rights, contact us at info@centipod.nl.

Changes to This Policy

We may update this policy from time to time. Any changes will be posted on this page with a revised date. If the changes are significant, we will make that clear.

Contact Us

For questions about this policy or to exercise your data protection rights, please get in touch:

Email: info@centipod.nl

Company: Centipod B.V., The Netherlands