This policy describes how DEINO collects, uses, and protects your information. We are committed to data minimization, transparency, and customer control.
Effective 1 March 2026 · Last updated 29 May 2026DEINO (“we”, “us”, “our”) is an auditable oracle infrastructure platform for regulated AI workloads, operated by:
When you create a DEINO account, we collect: your name, work email, firm name, role, and authentication credentials. For Enterprise customers, we also collect billing contacts and procurement contacts as you nominate them.
We collect technical information necessary to operate the platform: API call timestamps, endpoint accessed, response status codes, rate-limit consumption, and aggregate query patterns. We do not log the content of your queries or the content of audit manifests by default — those remain in your tenant.
“Customer Data” means information you submit to DEINO — entities you track, profile axes you configure, custom agents you deploy. Customer Data is yours. We process it strictly to provide the service. See the DPA for full details.
For EU-resident data subjects, we rely on the following GDPR Article 6 bases:
| Legal basis | GDPR Article | What we rely on it for |
|---|---|---|
| Contract | Art. 6(1)(b) | To provide DEINO to customers under signed MSA / SaaS Terms |
| Legitimate interest | Art. 6(1)(f) | Security, fraud prevention, aggregate product analytics, and direct B2B marketing to corporate prospects |
| Consent | Art. 6(1)(a) | Newsletter subscriptions and optional cookies |
| Legal obligation | Art. 6(1)(c) | When responding to lawful regulatory requests |
For Brazil-resident data subjects, we observe LGPD Article 7 with corresponding bases.
For Argentina-resident data subjects, we observe Personal Data Protection Law 25.326 and applicable AAIP regulations.
We do not use Customer Data to train any machine learning models. Customer Data is processed only to provide the service to that specific customer.
We share information only as follows:
We do not sell personal information. We do not share Customer Data for advertising purposes. We do not provide bulk data access to any third party.
Subject to applicable law, you have the right to:
| Right | What it lets you do |
|---|---|
| Access | Obtain the personal information we hold about you |
| Rectify | Correct inaccurate personal information |
| Erase | Delete your personal information (“right to be forgotten”), subject to legal retention obligations |
| Restrict / object | Limit processing for direct marketing or legitimate-interest purposes |
| Portability | Receive your data in a structured, machine-readable format |
| Withdraw consent | At any time where consent is the basis |
| Lodge a complaint | With a supervisory authority (Argentina: AAIP · EU: your national DPA · Brazil: ANPD) |
To exercise any of these rights, email privacy@deino.ai. We respond within 30 days. We may require identity verification before fulfilling requests.
| Data category | Retention period | Notes |
|---|---|---|
| Account information | Account duration + 90 days | Then deleted, subject to legal retention obligations |
| Customer Data | Contract duration + 60 days | 60-day export window, then deleted. Enterprise may extend via SLA |
| Audit manifests | ● Customer-controlled | Set via your audit ledger configuration. We impose no limits |
| Billing records | 7 years | Per applicable tax law (Argentina Ley 11.683; Delaware general statute) |
| Marketing data | Until unsubscribe | Or 3 years of inactivity, whichever is first |
| Security logs | 13 months | Retained for incident investigation |
DEINO operates globally. Customer Data may be processed in any region depending on customer deployment choice (LATAM, EU, US, on-prem). Default deployments for new customers are region-tied unless otherwise agreed.
For EU → non-EU transfers, we rely on the EU Standard Contractual Clauses (2021 version) as the legal mechanism. The Argentina ↔ EU corridor benefits from Argentina’s adequacy decision (European Commission, 2003).
Enterprise customers may require sovereign deployment to eliminate cross-border transfers entirely. This is included in the Enterprise tier.
We maintain administrative, technical, and physical safeguards designed to protect personal information from unauthorized access, disclosure, alteration, or destruction. Specifically:
Full security details at /trust. To report a security issue, email security@deino.ai.
DEINO is a B2B enterprise platform. We do not knowingly collect information from anyone under 18 years of age. If we learn that we have collected such information, we will delete it promptly. Contact privacy@deino.ai if you believe a minor has provided us with information.
We may update this Privacy Policy. Material changes will be communicated by email to account holders at least 30 days before they take effect. Continued use after the effective date constitutes acceptance. Previous versions are archived and available on request.