Privacy Policy

Effective: June 1, 2026

This Privacy Policy explains how Agentik SAS(“we”, “us”) handles personal data when you use Guilde(the “Service”). We follow the GDPR (Regulation EU 2016/679) and applicable national rules in France.

1. Data we collect

  • Account data — name, email, organisation, password hash.
  • Usage data — pages viewed, features used, browser and device metadata, IP address (truncated where possible).
  • Content you submit — conversations, files, configurations, connector tokens you upload to operate the Service.
  • Billing data — handled by our payment processor (Stripe); we receive a token and the last 4 digits, never the full card number.

2. Why we process it

  • To provide and secure the Service (contract performance).
  • To send essential service messages and legally required notices (legitimate interest / legal obligation).
  • To detect abuse and prevent fraud (legitimate interest).
  • To send product updates and marketing — only with your consent, and you can opt out at any time.
  • To comply with tax, accounting, and statutory obligations.

3. Sharing

We share data only with processors needed to run the Service — cloud infrastructure (Google Cloud), payment (Stripe), AI providers (e.g. OpenAI, Anthropic) for the requests you trigger, and analytics providers under data-processing agreements. We don't sell your personal data.

4. Retention

Account data is retained while your account is active and for up to 12 months after deletion to handle disputes and legal claims. Anonymised usage data may be retained longer for product analytics. Billing records are kept for the period required by tax law (10 years in France).

5. Your rights (GDPR)

You have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Delete your data (right to erasure).
  • Export your data in a portable format.
  • Object to or restrict processing.
  • Withdraw consent for marketing communications.
  • Lodge a complaint with your local data-protection authority. In France, that's the CNIL (cnil.fr) if applicable.

To exercise any of these, email legal@guilde.work. We respond within 30 days.

6. International transfers

Some processors operate outside the EU/EEA. We rely on the European Commission's Standard Contractual Clauses (SCCs) and additional safeguards where needed.

7. Cookies

We use strictly necessary cookies for session and security, plus optional analytics cookies that load only after you accept them. See the cookie banner on first visit and our cookie policy for the full list.

8. Security

Data is encrypted in transit (TLS) and at rest. Access is limited to the people who need it to operate the Service, under written confidentiality. We'll notify you and the relevant authority within 72 hours of any qualifying personal-data breach.

9. Contact

For any privacy question, write to legal@guilde.work. Postal address: Agentik SAS, France.