Privacy Policy

Last updated: October 2, 2025

Celeria ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services.

1. Information We Collect

1.1 Information You Provide

• Account Information: Name, email address, password, and organization details
• Profile Information: Additional details you choose to provide in your profile
• Payment Information: Billing details and payment method information (processed securely through third-party payment processors)
• Content: Agent configurations, prompts, session data, and any other content you create or upload to the platform

1.2 Automatically Collected Information

• Usage Data: Information about how you interact with our services, including features used, sessions created, and actions performed
• Device Information: IP address, browser type, operating system, and device identifiers
• Log Data: Server logs, error reports, and performance metrics
• Cookies and Tracking: We use cookies and similar technologies to enhance your experience and analyze usage patterns

2. How We Use Your Information

We use the collected information for the following purposes:

• To provide, maintain, and improve our services
• To process transactions and send related information
• To send administrative information, updates, and security alerts
• To respond to your requests and provide customer support
• To monitor and analyze usage patterns and trends
• To detect, prevent, and address technical issues and security threats
• To comply with legal obligations and enforce our terms

3. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

• With Your Consent: When you direct us to share information with third parties
• Service Providers: With third-party vendors who perform services on our behalf (e.g., hosting, analytics, payment processing)
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• Legal Requirements: When required by law or to protect rights, property, or safety
• Organization Members: Information may be shared with other members of your organization as configured in your account settings

4. Data Security

We implement appropriate technical and organizational security measures to protect your information against unauthorized access, alteration, disclosure, or destruction. However, no internet transmission is completely secure, and we cannot guarantee absolute security.

5. Data Retention

We retain your information for as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements. You may request deletion of your account and associated data at any time.

6. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

• Access, update, or correct your information
• Request deletion of your account and data
• Object to or restrict certain processing of your information
• Export your data in a portable format
• Withdraw consent where processing is based on consent
• Opt-out of marketing communications

7. AI and Third-Party Processing

7.1 AI Model Providers

When you use our AI features, your prompts, content, session data, and usage information may be processed by third-party AI model providers including OpenAI, Anthropic, Google, and others. These providers:

• Process data according to their own privacy policies and terms of service
• May store data temporarily for abuse monitoring and service improvement
• Operate under enterprise agreements that prohibit using your data for model training
• May process data in jurisdictions outside your country of residence, including the United States

7.2 Custom Integrations

Our platform supports custom integrations including Model Context Protocol (MCP) configurations, webhooks, and OAuth-connected services. When you configure these integrations, YOU are responsible for:

• Understanding what data is shared with the third-party services you connect
• Ensuring compliance with applicable data protection laws for your integrations
• Vetting integration providers' security and privacy practices
• Obtaining necessary consents for data sharing through your configured integrations

We are not responsible for the privacy or security practices of third-party services you choose to integrate with our platform.

7.3 Sub-Processors

We engage sub-processors to provide our Services, including cloud infrastructure providers, AI model providers, payment processors, and analytics services. A current list of sub-processors is available upon request at privacy@celeria.ai.

8. Automated Decision-Making

Our AI features are designed to assist, not replace, human judgment. You must not use our Services for automated decisions that produce legal effects or similarly significantly affect individuals without human oversight and appropriate safeguards, unless you have proper legal bases and mechanisms in place as required by applicable law (including GDPR Article 22 and similar regulations).

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States where our AI providers and infrastructure partners operate. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable law, including Standard Contractual Clauses (SCCs) for transfers from the European Economic Area.

10. Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. Your Privacy Rights - Detailed Procedures

11.1 GDPR Rights (European Economic Area)

If you are located in the EEA, you have the following rights:

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

We will respond to requests within 30 days. To exercise these rights, contact us at privacy@celeria.ai.

11.2 CCPA/CPRA Rights (California Residents)

California residents have the right to:

• Know what personal information we collect, use, disclose, and sell
• Request deletion of personal information
• Opt-out of the sale or sharing of personal information (we do not sell personal information)
• Correct inaccurate personal information
• Limit use of sensitive personal information
• Non-discrimination for exercising your rights

To exercise these rights, email privacy@celeria.ai. You may designate an authorized agent to make requests on your behalf.

11.3 Processing Requests

When you submit a privacy request, we will:

• Verify your identity to protect your information
• Respond within 30 days (GDPR) or 45 days (CCPA), with possible extensions
• Provide requested information free of charge for initial requests
• Notify you if we cannot fulfill your request and explain why

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date. Your continued use of our services constitutes acceptance of the updated policy.

13. Contact Us

If you have questions or concerns about this Privacy Policy or our privacy practices, please contact us at:

Email: privacy@celeria.ai
Address: Celeria, Inc., 131 Continental Dr, Suite 305, Newark, DE 19713, United States