Legal
Privacy Policy
Gnesis collects only what we need to run your account and serve your customers. This page explains exactly what we collect, why, where it lives, and how to remove it.
What we collect
Account data (email, name, organization), billing data (Stripe handles card numbers; we keep the customer id and the last four digits), and product telemetry (the conversations you have with Shakeeb, the builds you trigger, the deploys you approve). We do not sell or share telemetry with anyone.
Where it lives
All customer data lives in EU PostgreSQL (Hetzner Falkenstein and Helsinki). Build artifacts live in object storage in the same region. Stripe holds card and tax data per their PCI-compliant infrastructure. We do not transfer data outside the EU without explicit consent.
Your rights (GDPR)
You can export everything we have about you in machine-readable JSON. You can delete your account; deletion is a 30-day cooling window during which you can restore, after which everything is purged from primary storage and replication mirrors within 7 days. Email [email protected] to start either flow, or use Settings → Account → Privacy from inside the product.
Subprocessors
Hetzner (hosting), Cloudflare (DNS + CDN + DDoS), Stripe (billing), Resend (transactional email), OpenRouter (model inference). The current list is published; we give 30 days notice before adding anyone.
Contact
Privacy questions: [email protected]. Security disclosures: [email protected]. Both inboxes are monitored by a real person, not a bot, during European business hours.
Terms of Service
These terms apply to anyone who uses Gnesis. They are written in plain English; if anything is unclear, write to [email protected] and we will rewrite it.
Acceptable use
Do not use Gnesis to build products that violate the law where you operate or where your users are. Do not use Gnesis to deliberately attack other systems. We reserve the right to suspend accounts that we believe are doing either, after a written notice except in the case of immediate safety risk.
Who owns what
You own the code Gnesis generates for your project. You own the data your customers create inside that project. We own Aleph and the Gnesis platform; you do not get a license to redistribute either.
Billing
Subscriptions are paid monthly in advance. Failed AI requests are excluded from your bill (Domain Rule 2). If your subscription lapses, builds pause but data stays read-only; nothing is deleted (Domain Rule 3). Refunds are at our discretion and we are generally generous about them.
Termination
You can cancel at any time from Settings. Cancellation takes effect at the end of the current billing period; pro-rated refunds are issued when the cause is on our side (extended outage, broken core feature).
Security Policy
We publish how Gnesis is secured because security through obscurity does not scale. If you find a vulnerability, email [email protected] — we acknowledge within 24 hours and pay bounties post-launch.
Tenant isolation
Every customer organization is a Postgres tenant enforced via row-level security (Domain Rule 5). Generated user code runs in isolated ephemeral containers, never on platform servers (Domain Rule 6). Aleph is never exposed to user code — no API, no file path, no error message (Domain Rule 7).
Compliance posture
GDPR (consent, deletion, portability), SOC 2 (audit logs, access controls, encryption), HIPAA-ready (standards followed; certification not yet completed). Bug bounty stands up post-launch; penetration testing follows when the customer mix justifies it.
Incident response
On-call rotation covers all severity-1 issues within 30 minutes during European business hours, within 2 hours otherwise. Post-mortems for any incident over 30 minutes are published to /status within 7 days. Customer-impacting incidents trigger email + in-app notification.
Coordinated disclosure
Send vulnerability reports to [email protected] with a clear reproduction. We acknowledge within 24 hours, share a fix timeline within 7 days, and credit you on the changelog (optional). Bounty payouts begin once Stripe live-mode ships.