Privacy

What we hold,
and how.

Decklog keeps a newbuild's technical correspondence — comments, decisions, drawings and the messages around them. That is sensitive commercial data. This page sets out what we collect, where it lives, who processes it, and how long we keep it.

LAST UPDATED 14 JUNE 2026

Who we are

Decklog is operated by [operating entity — to be completed], the data controller for the account and billing data you give us, and a data processor for the project content your organisation puts into the service. Reach us at privacy@decklog.eu.

What we collect

  • Account & billing — name, work email, organisation, and the subscription details processed by our payment provider. We never see or store full card numbers.
  • Project content — the comment sheets, emails, drawings, decisions and responses your team ingests or creates. This is your organisation's data; we process it only to provide the service.
  • Operational logs — authentication events, request metadata and error diagnostics needed to run and secure the service.

Where your data lives

Project data and the event record are stored in the European Union (Neon Postgres, eu-central-1). Application functions run in the EU region (fra1). We keep data in the EU so it stays under EU data-protection law.

Sub-processors

We use a small set of vendors to run the service. Each processes only what its job requires:

  • Neon — managed Postgres (project data, the event record). EU region.
  • Vercel — application hosting and delivery.
  • Anthropic and Voyage AI — AI extraction, classification and retrieval. Project content sent to these APIs is processed to provide the service and is not used to train their models under their API terms.
  • Amazon Web Services (SES) — inbound and outbound email.
  • Stripe — subscription billing and payment processing.

We will keep this list current and give notice of material changes. A signed Data Processing Agreement is available to customers on request.

How we use AI

Decklog uses AI to read, structure and answer questions about your project record. AI output is always traceable to its source and, for anything that leaves your organisation, requires a named human sign-off. We do not make automated decisions that produce legal or similarly significant effects without a person in the loop.

Retention

The project record is append-only by design — corrections are new events, not edits — so the history of a newbuild stays intact for as long as your account is active. On termination, we return or delete project data on request, subject to any retention we are legally required to keep. Billing records are retained as required by law.

Your rights

Where the GDPR applies, you have rights of access, rectification, erasure, restriction, portability and objection. For project content, the controller is your organisation; we will assist them in meeting your request. Contact privacy@decklog.eu and we will respond within the timeframes the law requires.

Security

Data is encrypted in transit. Tenant data is scoped per organisation and project on every read and write. The event record is hash-chained per project so tampering is detectable. We describe our posture honestly and do not claim certifications we do not yet hold.

Changes

We will post changes here and update the date above. Material changes affecting how we process project content will be notified to account administrators.

This page describes our practices in plain language; it is reviewed with counsel before launch and is not a substitute for the contractual terms in your order form and DPA.