Privacy Policy

We use your data to: • Provide, operate, and maintain the Centrali platform • Authenticate your identity and authorize workspace access • Process payments and manage your subscription • Monitor and improve platform performance, reliability, and security • Detect, prevent, and investigate abuse, fraud, or security incidents • Send transactional communications (account alerts, billing receipts, service notices) • Respond to support requests We may send product update emails. You can unsubscribe from non-transactional emails at any time. We do not sell your data to third parties. We do not use your data to train AI models.

We retain your data for as long as necessary to provide the Service and comply with legal obligations: • Account data — retained for the lifetime of your account, deleted within 90 days of account closure • Usage logs and API logs — retained for up to 90 days for debugging and security purposes • Billing records — retained for 7 years to meet financial and tax obligations • Support communications — retained for up to 2 years • Workspace data (records, files, functions) — deleted within 90 days of workspace deletion or account closure You may request early deletion of your data by contacting privacy@centrali.io.

We share data with trusted subprocessors who help us operate the platform. These providers are contractually required to protect your data and may not use it for their own purposes: • Microsoft Azure — cloud infrastructure, database hosting, file storage (Azure Blob) • Stripe — payment processing and subscription management • Azure Communication Services — transactional email delivery • Microsoft Azure DNS — domain name system and DNS hosting • PostHog (if applicable) — privacy-focused product analytics We will update this list when we add or change subprocessors. For a full subprocessor list or to receive notifications of changes, contact privacy@centrali.io.

Depending on your location, you may have the following rights regarding your personal data: For all users: • Access — request a copy of the personal data we hold about you • Correction — request correction of inaccurate information • Deletion — request deletion of your account and associated personal data • Portability — request your data in a machine-readable format • Opt-out — unsubscribe from marketing communications at any time For EU/EEA and UK users (GDPR): • Object to processing based on legitimate interests • Restrict processing in certain circumstances • Lodge a complaint with your local data protection authority For California residents (CCPA): • Know what categories of personal information we collect and how we use it • Opt out of the sale of personal information (we do not sell personal information) • Non-discrimination for exercising your rights To exercise any of these rights, contact us at privacy@centrali.io. We will respond within 30 days. We may ask you to verify your identity before processing your request.

Centrali operates infrastructure primarily within the European Union and United States. If you access the Service from outside these regions, your data may be transferred to and processed in countries with different data protection laws. For users in the EU/EEA and UK, we rely on standard contractual clauses (SCCs) and other appropriate safeguards to protect your data when it is transferred internationally. By using the Service, you acknowledge that your data may be processed in these locations.

We use cookies and similar technologies for authentication, security, and analytics. Strictly necessary cookies (e.g., session tokens) cannot be disabled without breaking the Service. Optional analytics cookies may be used to understand how the website is used. These are privacy-focused and do not track you across other sites. For full details, see our Cookie Policy at centrali.io/cookies.

Centrali is not intended for individuals under 16 years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us at privacy@centrali.io and we will delete it promptly.

We may update this Privacy Policy from time to time. When we make material changes, we will: • Update the "Last Updated" date at the top of this page • Notify registered users by email for significant changes We encourage you to review this policy periodically. Continued use of the Service after changes are posted constitutes your acceptance.

For privacy questions, data requests, or concerns: privacy@centrali.io For security-specific issues: security@centrali.io We aim to respond to all privacy inquiries within 5 business days.