Eigent AI
Security & TrustSubprocessorsTermsPrivacyRefund & Trial

Privacy Policy

Last Updated: June 16, 2026

1. Introduction

Eigent UK Ltd ("Eigent", "we", "us") respects your privacy. This Privacy Policy explains how we collect, use, and share personal information in connection with:

  • our websites (including www.eigent.ai);
  • our marketing, sales, and support activities; and
  • our careers and recruiting activities; and
  • our enterprise licensing, cloud-connected services, support, and professional services.

This Policy distinguishes between:

  • Cloud-Connected Services hosted by Eigent; and
  • Enterprise Local Deployment (On-Prem / Private Cloud) where Eigent software runs entirely in the customer's environment.

This Policy does not grant Eigent rights to access your business data processed within your own infrastructure.

1.1 Data Protection Roles

Eigent acts as a controller for personal information we process for our own business purposes, including account administration, billing, licensing, website analytics, marketing, sales, security, and customer relationship management.

Where Eigent processes Customer Data on behalf of an enterprise customer through Cloud-Connected Services, support, or professional services, Eigent acts as a processor / service provider, and that processing is governed by the applicable Data Processing Addendum ("DPA") or other written agreement.

For Enterprise Local Deployment, Eigent does not act as a controller or processor of Customer Data processed inside your own environment in the normal operation of the software. You are responsible for how you process that data. If you choose to provide logs, screenshots, sample files, remote-access content, or other materials to Eigent for support or professional services, Eigent may process those materials as Support Data under the applicable agreement or DPA.

1.2 Legal Basis for Processing (For EEA/UK/Switzerland Users)

We process your personal information based on one or more of the following legal grounds:

  • Performance of a Contract: To provide the services you have requested under our Terms of Service.

  • Legitimate Interests: For our operational, security, and business improvement purposes, where our interests are not overridden by your data protection rights.

  • Consent: In specific cases where we clearly ask for and you provide your consent (e.g., for certain marketing communications).

  • Legal Obligation: To comply with our legal and regulatory responsibilities.

2. Data Collection by Deployment Type

2.1 Website, Marketing, Sales, and Support Visitors

When you visit our website, contact us, subscribe to updates, download materials, request a demo, attend an event, or communicate with our sales or support teams, we may collect:

  • Website and Device Data - IP address, device identifiers, browser type, operating system, referring pages, pages viewed, timestamps, approximate location, and cookie or similar technology data.

  • Contact and Marketing Data - Name, business email, company, role, region, communication preferences, form submissions, event registrations, newsletter subscriptions, and related communications.

  • Sales and Support Data - Messages, support requests, call notes, ticket information, attachments you provide, and other information you choose to share with us.

2.2 Users of Cloud-Connected Services

If you use an Eigent-hosted cloud-connected service, we may collect:

  • Account Data - Name, business email, username, password (hashed), company, role, and similar details.

  • Usage Data - Logs relating to your use of the cloud service: timestamps, features used, configuration metadata, and error logs.

  • Content Needed to Provide the Service - Inputs, prompts, instructions, outputs, generated content, files, seed data, sample data, configuration materials, and similar content to the extent necessary to process your requests, configure workflows, test or evaluate functionality, and deliver the service.

Model Training, Derived Data, and Anonymous Data. Eigent will not directly use Customer Data, including prompts, inputs, outputs, files, or other Customer Content, in its original or identifiable form to train, fine-tune, or improve AI or machine learning models.

For the avoidance of doubt, Eigent may use data derived from the operation and use of the Services only where such data has been aggregated, synthesized, anonymized, or otherwise rendered non-personal under applicable data protection laws ("Derived Data"). Derived Data shall not include Customer Data in its original or identifiable form, Customer Confidential Information, Personal Data, or any information that could reasonably identify Customer, its users, or any individual.

Customer acknowledges that Eigent owns all rights, title, and interest in and to Derived Data and may use such Derived Data for lawful business purposes, including analytics, benchmarking, product improvement, service optimization, security monitoring, and commercialization, provided that such use does not disclose Customer Confidential Information, Personal Data, or any identifiable information.

2.3 Users of the Enterprise Local Deployment (On-Prem / Private Cloud)

For enterprise local deployments, the software runs fully within your environment. In the normal operation of the software, Eigent does not collect, view, or store Customer Data processed inside your own environment. We collect minimal data:

  • No Content Access by Default.

    Eigent does not collect, view, or store your prompts, tasks, Inputs, Outputs, files, terminal logs, or browser automation content processed by the local deployment. These remain strictly within your local infrastructure or private cloud.

  • Licence and Entitlement Verification.

    To manage your Commercial License, we may process:

    • a licence key or licence ID;
    • a cryptographic hash or token derived from your installation or workspace;
    • business contact details for your nominated admins.

    This is to verify that your use complies with your licence terms.

  • Optional Error Reporting / Telemetry.

    The local software may include an optional error-reporting feature which can be enabled or disabled by your administrator.

    When enabled, it may send crash reports or diagnostic logs to Eigent.

    You can configure the level of detail, and you should avoid including unnecessary personal data in such logs.

If you send us logs, screenshots, seed data, sample data, configuration materials, remote-access content, or other materials as part of a support, onboarding, testing, configuration, or professional-services request, any personal information in those materials will be processed as Support Data under the DPA (if applicable).

2.4 Career Applicants and Recruiting

If you apply for a role or otherwise participate in recruiting, we may collect applicant contact details, role preferences, resume or portfolio materials, introductions, visa-support information, interview notes, and related recruiting communications.

We use this information to evaluate applications, communicate with candidates, manage recruiting workflows, and comply with legal obligations.

2.5 Customer-Selected Third-Party Services

Eigent allows customers to connect their own cloud platforms, model APIs, MCP tools, Git providers, communication tools, data sources, and other third-party services. In customer-controlled deployments and bring-your-own-key workflows, those services are selected and configured by the customer and are governed by the customer's own agreements with those providers.

Customer-selected third-party services are not Eigent subprocessors. A current public summary of Customer Data subprocessors used for applicable Eigent-operated services is available at https://www.eigent.ai/trust/subprocessors.

3. How We Use Personal Information

We use personal information for purposes including:

  • Providing and Supporting Services

    • registering and managing accounts and licences;
    • delivering downloads, documentation, and support;
    • handling support tickets and troubleshooting requests.

  • Operating, Securing, and Improving Our Business

    • monitoring and improving website performance;
    • configuring, initializing, testing, evaluating, debugging, and improving services, customer-specific workflows, templates, automations, and related service functionality;
    • creating and using Derived Data for lawful business purposes, including analytics, benchmarking, product improvement, service optimization, security monitoring, and commercialization, as described above;
    • detecting and preventing security incidents, fraud, or abuse;

  • Managing Customer Relationships

    • communicating with business contacts;
    • handling renewals, upgrades, and commercial discussions;
    • sending administrative or transactional messages.

  • Recruiting and Hiring

    • reviewing applications;
    • communicating with candidates;
    • managing recruiting workflows.

  • Legal and Compliance

    • meeting our legal and regulatory obligations;
    • responding to lawful requests;
    • enforcing agreements and protecting rights.

4. How We Share Personal Information

We may share personal information with:

  • Service Providers – e.g. hosting providers, authentication providers, analytics tools, CRM tools, billing systems, payment processors, email providers, recruiting workflow tools, and professional advisers, who process data on our behalf under confidentiality and data-protection obligations.

  • Business Partners / Resellers – where you purchase through a partner, we may share business contact and transaction data necessary to fulfil your order and provide support.

  • Legal / Safety – where required by law or necessary to protect our rights, property, or safety, or those of others.

  • Corporate Transactions – in connection with a merger, acquisition, financing, or sale of our business.

We do not sell personal information, and we do not share Customer Data from your local deployment with third parties for their own purposes.

For applicable Cloud-Connected Services, support, and professional services, third-party service providers that process Customer Data on behalf of Eigent may be subprocessors. The current public Customer Data subprocessor summary is available at https://www.eigent.ai/trust/subprocessors and may be supplemented by the applicable DPA, Order Form, or enterprise deployment documentation. Other service providers used for website, billing, analytics, recruiting, customer communications, or internal business operations are described by category in this Privacy Policy and are not treated as Customer Data subprocessors unless they process Customer Data on behalf of Eigent for the Services.

5. International Data Transfers

We are headquartered in the United Kingdom. Personal information may be transferred to and processed in countries other than your own, including the United States and other jurisdictions where our service providers operate. These countries may have data protection laws that differ from those in your country.

Safeguards for Protected Transfers: When we transfer personal information from the UK, European Economic Area (EEA), Switzerland, or other regions with restricted transfer requirements, we rely on legally approved mechanisms to ensure adequate protection. These include:

  • The European Commission's Standard Contractual Clauses (SCCs).
  • The UK's International Data Transfer Agreement (IDTA) or Addendum to the SCCs.
  • For transfers to the U.S., we ensure recipients participate in or provide equivalent protection under frameworks like the EU-U.S. Data Privacy Framework (EU-U.S. DPF) where applicable.

You may request a copy of the specific safeguards applicable to your data by contacting us using the details in Section 9.

6. Data Security

We use technical and organisational measures designed to protect personal information under our control.

For Enterprise Local Deployment, you are responsible for:

  • securing your own infrastructure;
  • managing access controls to your local deployment; and
  • applying appropriate encryption, backup, and retention policies for Customer Data.

Because we do not host your runtime in this model, we cannot secure the environment on your behalf.

7. Data Retention

We retain personal information only as long as reasonably necessary to:

  • provide services and manage our relationship with you;
  • comply with legal, tax, and accounting obligations; and
  • resolve disputes and enforce agreements.

When information is no longer needed, we will delete or anonymise it or, where that is not possible (e.g. in backups), securely store and isolate it until deletion is feasible.

8. Your Rights and Choices

Depending on your jurisdiction, you may have rights to:

  • access personal information we hold about you;
  • request correction or deletion;
  • object to or restrict certain processing;
  • withdraw consent (where processing is based on consent);
  • receive a copy of certain information in a portable format.

To exercise your rights, contact us using the details below. We will respond to requests from individuals in the EEA/UK/Switzerland within one month as required by law. We may need to verify your identity, which may include requesting additional information from you.

9. Limitations

We implement commercially reasonable technical, administrative, and organizational safeguards designed to protect personal data from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no internet or email transmission can ever be completely secure or error-free. You should therefore exercise particular caution when deciding what information to provide through our services. In addition, we shall not be liable for any circumvention of privacy settings or security measures contained in our services or on any third-party websites.

10. Changes to This Policy

We may update this Policy periodically. The "Last Updated" date at the top will indicate when changes were made. We will notify you of material changes via email or through the Service interface. Your continued use after such notice constitutes acceptance of the updated Policy.

11. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to the rights and freedoms of individuals, we will notify the relevant supervisory authorities without undue delay and, where feasible, within 72 hours of becoming aware of it, as required by applicable law. If the breach is likely to result in a high risk to affected individuals, we will also notify those individuals without undue delay, as required by law.

12. Contact Us

If you have questions about this Policy or wish to exercise your rights:

  • Email: info@eigent.ai

You also have the right to lodge a complaint with a competent data protection authority (e.g. the UK Information Commissioner's Office, an EU supervisory authority, or the Personal Information Protection Commission in Japan, depending on where you are located).



For questions about these policies, please contact us at info@eigent.ai or visit our website at www.eigent.ai.

© 2025 Eigent.AI All rights reserved.

© 2026 Eigent.AI All rights reserved.

security@eigent.ai