Skip go content

Privacy policy

Privacy policy for di Threada platform, including data handling, security controls, and user rights.

Last updated: 2025-01-01 wey dey

Dis Privacy policy explains how Threada ("we", "us", "our") collects, uses, and safeguards information when you use our website, platform, APIs, and related services (collectively, di "Services").

1. Information We Collect wey dey

1.1 Account plus Tenant Data

Information you provide when creating an account or tenant, including name, email address, organisation, and role assignments.

1.2 Knowledge Source Content wey dey

Website content and documents you authorize as knowledge sources. We store processed text, extracted metadata (including schema.org), embeddings, and indexing artifacts. Private or gated content dey only processed if explicitly uploaded or integrated.

1.3 WorkItem plus Interaction Data

End-user requests, AI responses, citations, approval events, usage events, plus anonymized analytical metrics.

1.4 Technical plus Log Data

IP addresses, user agent, timestamps, request IDs, latency metrics, response codes, plus operational diagnostics for security, reliability, plus abuse detection.

1.5 Billing plus Subscription Data

Plan selections, usage counters, invoice status, entitlement state. All payment processing dey handled by Stripe; we do no store full card numbers.

2. How We Use Information wey dey

  • Provide and operate di Services (sync, index, answer, automations, analytics)
  • Improve retrieval quality, ranking, plus hallucination prevention
  • Detect abuse, fraud, security anomalies, plus system misuse
  • Send administrative plus service notifications
  • Enforce plan limits, free tier usage, plus subscription status
  • Optimize performance, scaling, plus reliability

3. Legal Bases (EEA/UK) wey dey

Our processing dey based on: contract performance, legitimate interests (security, improvement), legal compliance, and consent where explicitly requested (e.g., marketing opt-ins).

4. Data Retention wey dey

Default retention: work history logs plus analytics 90 days, configuration plus audit 365 days. Tenants may request shorter or (where enabled) longer retention up to defined limits.

5. Security

We implement encryption in transit plus at rest, tenant isolation, role-based access control, secret management (GCP Secret Manager), audit logging, plus regular threat modeling.

6. Data Sharing plus Subprocessors

We use select infrastructure and service providers (e.g., Google Cloud Platform, MongoDB Atlas, Qdrant Cloud, Stripe, Google Workspace). Each dey under contract with appropriate data protection terms. We do no sell personal data.

7. International Transfers wey dey

Data may be processed in di United States. Where required, transfer mechanisms (e.g., SCCs) dey applied.

8. Your Rights wey dey

Depending on jurisdiction, rights may include: access, correction, deletion, restriction, portability, and objection. Contact us to exercise these rights. We go authenticate requests and respond within statutory timelines.

9. Cookies plus Tracking

We use essential cookies and limited analytics. No third-party advertising networks. Future cookie consent interfaces go appear where legally required.

10. Children wey dey

Di Services dey no directed to children under 16. We do no knowingly collect data from minors. If discovered, we go delete it.

11. Changes

We may update dis policy for legal, technical, or operational reasons. Material changes go be announced via dashboard or email notice.

12. Contact

For privacy inquiries or rights requests: privacy@threada.ai wey dey