Effective Date: 29-Oct-2025
Privacy Statement
Introduction
When you use our services, we’re collecting your personal data to support those services. Data privacy is important to us at Austerlitz Labs. This Privacy Policy details our use of personal data and your privacy rights and choices available to you. Austerlitz Labs is a Sub Processor that collects, processes and uses data in accordance with the purpose and means of personal data processing agreed with the Data Controller. Austerlitz Labs acts as the data controller for personal data collected through our applications.
How we use personal data
Your data is collected to help us:
- Provide support and troubleshooting when using our services.
- Analyse and improve our services.
- Meet our legal and compliance obligations.
Personal data we may collect
Austerlitz Labs may collect one or more of the following types of data as a requirement for using our services:
1. Name
2. Contact information
3. Home address
4. Credit card number (processed by Stripe; we do not store card numbers locally)
5. Login and password
6. Usage dataCookies and similar technologies (used to provide and improve services; non-essential cookies only with your consent)
7. Internet Protocol (IP) address
8. Device event information (crashes, system activity, hardware settings, browser type/language, timestamps, referrer)
9. Public blockchain data relevant to the services
When we share your personal data
Your personal data may be shared with third parties under one or more of the following scenarios:
- With the sub processors included in this policy, subject to the agreed terms of service and with a basis of processing in line with this policy.
Your rights
Your privacy rights are outlined below. For further details of these rights or to make a request from us related to these rights, please see the Privacy Requests and Contacts section below and contact us accordingly.
The right to be informed. You have the right to be informed about the collection and use of your personal data, when the data is obtained by us.
The right to access and amend your data. You can access your personal data directly when using our services. You can ask us to explain the means of collection, what data is being processed by us, and anyone that we share it with.
The right to rectify your data. You can amend your personal data directly when using our services.
The right to data erasure. You can request we erase your data within 30 days. We will notify you if that cannot be completed or any implications of doing so for using our services.
The right to transfer your data. You can have your data transferred from one system to another safely and securely.
The right to restrict your data processing. You can request we restrict or suppress your personal data to limit its use.
The right to object to processing. You can object to processing based on our legitimate interests or to direct marketing.
The right to opt-in for sensitive data processing. For any highly sensitive personal data we may collect, we require your explicit consent to opt-in to us processing that data.
The right to opt-in by a parent or guardian. We do not collect data from minors. You are required to be over the age of 16 in order to use our services.
The right not to be subject to fully automated decisions. We do not apply automated processing activities that profile you or make fully automated decisions using your personal data.
These rights are subject to the clauses of the relevant privacy regulations, legal requirements, public interest, and where the above rights may conflict with your use of our services. For any privacy concerns or to request further details of your rights, please see the Privacy Requests and Contacts section below.
Sub-processors and locations
Sub-processor: Clerk
Purpose: Authentication and user management
Data Location: United States
Sub-processor: Stripe
Purpose: Payment processing
Data Location: United States
Sub-processor: Resend
Purpose: Email delivery
Data Location: United States
Sub-processor: PostHog
Purpose: Product analytics and user behavior tracking
Data Location: United States
Sub-processor: Grafana Cloud
Purpose: Monitoring and observability
Data Location: United States, Europe
Sub-processor: TimescaleDB/Supabase
Purpose: Database services
Data Location: United States, Europe
Changes to this policy
We may update this Policy. For significant changes, we will notify you by email or a prominent in-product notice.
Privacy requests and contacts
For further information about our Privacy Policy or practices, or to raise any privacy requests or complaints in relation to your data, please contact our Data Protection Officer at dpo@pimlico.io