emisar emisar

Legal

Privacy Policy

Last updated June 4, 2026

The plain version: we collect what's needed to run the service, we don't sell your data or train AI on it, and you can export or delete it any time.

1. What we collect

Account information. When you sign up we collect your email address, your name (optional), the IP address the request came from, and authentication metadata (timestamps, MFA factors, browser user-agent). This is what we need to give you an account, send you confirmation and notification email, and produce a useful audit trail for your own organization.

Product telemetry. The control plane stores the data your team actively generates: registered runners and their metadata (hostname, version, last-seen), action packs your runners advertise, runs your operators or LLM agents trigger, approvals, policy decisions, and the resulting audit events. These records are your data — we treat them as confidential.

Billing information. Paid plans are processed via Paddle. We never see or store your full card number; Paddle gives us back a customer identifier, the last four digits, and the card brand. Your billing email and address sit in Paddle.

2. How we use it

We use this data for one thing: to provide the emisar service to you. That means authenticating you, routing actions to your runners, enforcing your policies, sending operational email (confirmation, password reset, approval notifications), and producing invoices.

We do not sell your data. We do not share it with advertisers. We do not enrich it with third-party data brokers.

We do not use your data to train AI models. Not ours, not anyone else's. The audit events your team generates are not a training corpus and we will not turn them into one.

3. Where it lives

Production data lives in a managed PostgreSQL database hosted in the United States. All connections between your browser, your runners, the control plane, and the database are encrypted in transit with TLS 1.2 or higher (TLS 1.3 where the client supports it). Backups are encrypted at rest with AES-256 and stored in the same US region.

4. Subprocessors

We rely on a small number of vendors to operate the service. Each one is contractually bound to confidentiality and to processing data only on our instructions.

  • Paddle — payment processing for paid plans.
  • Postmark — transactional email (sign-up confirmation, magic links, approval notifications).
  • Fly.io — application hosting and managed PostgreSQL.

We will update this list before adding new subprocessors. If you are on a paid plan and want notification before changes take effect, email support@emisar.dev and we will add you to the list.

5. Your rights

You can export your data at any time. Audit events stream out of the /api/audit endpoint as NDJSON for any SIEM that speaks HTTP, using any API key with the audit:read scope. For a full account snapshot (audit + packs + configuration), email support@emisar.dev and we'll generate it for you. We're working on a one-click export in the dashboard.

You can delete your account at any time. Email support@emisar.dev and deletion removes your data from the primary database within 24 hours and from encrypted backups within 30 days (after which the backups themselves expire). Ask for a deletion certificate or a copy of the data first if you need one.

If you are in the EU, UK, or California you have additional rights under GDPR and CCPA respectively — access, rectification, portability, restriction. Email us and we will honor them.

6. Retention

Audit events and run history are retained according to your plan:

  • Free — 7 days of audit history.
  • Team — 90 days of audit history.
  • Enterprise — 365 days of audit history.

Account metadata (your email, your organization name, your billing record) persists for the life of the account. After account deletion, we retain only what we are legally required to retain (e.g., tax records for invoices) for the minimum statutory period.

7. Cookies

We use one cookie: a signed, HTTP-only session cookie that keeps you logged in. That's it. No analytics cookies on the product surface, no advertising cookies, no third-party trackers in the application. The marketing site uses a single first-party cookie for the same purpose if you are logged in.

8. Contact

emisar is operated by Andrii Dryga, the data controller for the records described in this policy. Questions, requests, or concerns: support@emisar.dev. For security issues specifically: security@emisar.dev.