Privacy Policy

This Privacy Policy explains how COVENANCE.AI S.R.L. ("Covenance", "we", "us") collects, uses, and protects personal data when you visit or use the Seer AI website (the "Website") and the Seer AI oversight platform (collectively, "Seer AI" or the "Service").

We are committed to complying with Regulation (EU) 2016/679 (GDPR) and applicable EU data-protection laws.

Covenance acts as:

• Data Controller for visitors to the Website, leads, and prospective customers
• Data Processor when operating the Seer AI platform on behalf of its customers (under a Data Processing Agreement)

This Policy applies to:

• Visitors of the Seer AI marketing website
• Users requesting product information, demos, or trials
• End users of the Seer AI browser extension, network proxy, SDK, or dashboard
• Customers and authorized employees using the Service

4.1 Website usage data

Automatically collected when you visit the Website:

4.2 Contact and demo-request data

When you submit a demo request or otherwise contact us, we collect:

4.3 Service telemetry (when Seer AI is deployed in your organization)

When the Seer AI browser extension, network proxy, or SDK is deployed by a customer, the Service may process:

The Website uses:

• Strictly necessary cookies (security, session management) that do not require consent
• Privacy-respecting analytics only where lawful and disclosed in our Cookie Policy

See our Cookie Policy for the full list of cookies used. We do not use advertising or cross-site tracking cookies.

We use personal data to:

• Operate, secure, and improve the Website and the Service
• Respond to demo requests and other inquiries
• Provide the Seer AI oversight platform under our customer agreements
• Generate audit-ready evidence for our customers' compliance programs
• Meet our own legal and regulatory obligations

Depending on the context, processing is based on:

We may share data with trusted providers acting as processors, including:

• Cloud hosting and infrastructure providers
• Email delivery providers (for demo-request notifications)
• Analytics and monitoring services
• Security, logging, and incident-response providers

All sub-processors are bound by GDPR-compliant agreements. A current list of sub-processors is available on request to privacy@covenance.ai.

Where personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards, including:

• EU Standard Contractual Clauses (SCCs)
• Adequacy decisions of the European Commission, where applicable
• Supplementary technical measures (encryption in transit and at rest, access controls)

We retain personal data:

• Only for as long as necessary for the purposes stated in this policy
• In accordance with legal, contractual, and regulatory requirements

Customer telemetry processed by the Service is retained according to the customer's contract and configuration, and is deleted or returned upon termination unless retention is legally required.

We implement appropriate technical and organizational measures to protect personal data, including:

Under GDPR, you have the right to:

If you believe your rights have been violated, you may lodge a complaint with the supervisory authority in your EU Member State of residence, work, or alleged infringement.

For Italy, the competent authority is the Garante per la protezione dei dati personali (garanteprivacy.it).

We do not perform automated decision-making producing legal or similarly significant effects on individuals within the meaning of Art. 22 GDPR.

The Seer AI Service classifies prompts and outputs for risk-management purposes. Where a customer chooses to act on such classifications (for example, blocking an action), the customer is responsible for that decision and is required to provide human review where required by law.

We may update this Privacy Policy from time to time. The latest version will always be published on this page with an updated date.