Privacy Policy

Last updated: March 31, 2026

This Privacy Policy describes how cileria GmbH (“cileria”, “we”, “us”, or “our”) collects, uses, stores, and discloses information when you use our Node Architect SaaS platform (the “Platform”), the Node Architect desktop application (the “App”), and any related services, websites, or APIs (collectively, the “Services”).

By accessing or using the Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, you must not use the Services.

1. Data Controller

cileria GmbH
Koppenstr. 28
10243 Berlin, Germany
Email: privacy@cileria.com

For purposes of the EU General Data Protection Regulation (GDPR), cileria GmbH is the data controller for the personal data processed through the Services.

2. Data We Collect

2.1 Account Data

When you register for the Platform, we collect:

• Full name
• Email address
• Hashed password (for email/password accounts)
• Google account identifier and profile information (for Google OAuth2 sign-in)
• Billing and payment information (processed and stored by Stripe, Inc.; we receive only a Stripe customer ID, subscription status, and transaction metadata — we do not store credit card numbers)

2.2 Usage Data (Platform & App)

When you use the Services, we automatically collect:

• API key identifiers and authentication tokens
• Token consumption metrics (input tokens, output tokens, total tokens, remaining balance)
• Agent session metadata (session ID, agent name, timestamps, iteration counts)
• Request and response metadata (HTTP status codes, request timestamps, IP addresses)
• Subscription tier, billing cycle dates, and invoice references

2.3 Technical Data (App)

The desktop App may collect:

• Operating system type and version
• App version and build identifier
• Crash reports and error logs (if you opt in)
• LLM provider configuration (provider name only — we never collect or transmit your third-party API keys when using direct Anthropic or OpenAI modes)

2.4 Project Data

When you use the Services in “NodeArchitect” provider mode, your project source code is transmitted to our API server solely for the purpose of AI-powered analysis. Specifically:

• File names, directory structures, and source code contents are sent to our API and forwarded to third-party LLM providers (Anthropic or OpenAI) for processing.
• We do NOT persistently store your source code on our servers. Source code is held only in memory for the duration of the analysis session and is discarded when the session ends or expires (whichever comes first).
• Analysis results (architecture graphs, node summaries, edge analyses) are stored locally on your machine in the ~/.nodearchitect directory. These are not transmitted to our servers unless you explicitly initiate a new analysis session.
• When using direct LLM mode (Anthropic or OpenAI provider), your project data is sent directly from the App to the respective LLM provider and never passes through our servers.

2.5 Cookies and Local Storage

The Platform uses:

• Session cookies (strictly necessary for authentication)
• Theme preference (stored in localStorage, not transmitted to our servers)
• No third-party tracking cookies or advertising cookies

2.6 Data We Do NOT Collect

• We do not collect or store your credit card numbers (handled entirely by Stripe)
• We do not collect your third-party API keys (Anthropic, OpenAI) when you use direct LLM mode in the App
• We do not collect files matching .env patterns or files commonly containing secrets (these are explicitly excluded during project analysis)

3. How We Use Your Data

We process your personal data for the following purposes and legal bases:

3.1 Contract Performance (Art. 6(1)(b) GDPR)

• Providing, maintaining, and improving the Services
• Processing subscriptions, payments, and invoices via Stripe
• Authenticating your identity and managing your account
• Enforcing token budgets and usage limits
• Delivering AI-powered project analysis through LLM providers

3.2 Legitimate Interests (Art. 6(1)(f) GDPR)

• Preventing fraud, abuse, and unauthorized access (rate limiting, API key validation)
• Monitoring service health, performance, and error rates
• Generating aggregated, anonymized usage statistics to improve the Services
• Communicating service-related notices (downtime, security incidents, policy changes)

3.3 Consent (Art. 6(1)(a) GDPR)

• Sending marketing communications (only with your explicit opt-in; you may withdraw consent at any time)
• Processing crash reports from the desktop App (opt-in)

3.4 Legal Obligation (Art. 6(1)(c) GDPR)

• Retaining invoicing and transaction records as required by German tax law (typically 10 years under §147 AO)

4. Third-Party Service Providers

We share data with the following categories of third-party processors, solely to the extent necessary to provide the Services:

4.1 LLM Providers

Anthropic, PBC (San Francisco, USA) and OpenAI, Inc. (San Francisco, USA) — process project data for AI analysis. Your project data is transmitted to these providers only during active analysis sessions and is subject to their respective privacy policies and data processing terms. Transfer mechanism: EU Standard Contractual Clauses (SCCs).

4.2 Payment Processing

Stripe, Inc. (San Francisco, USA) — processes payments, manages subscriptions, stores payment methods, and generates invoices. Transfer mechanism: Stripe's GDPR-compliant Data Processing Agreement and SCCs.

4.3 Email

Resend, Inc. — sends transactional emails (account verification, password resets, payment receipts). Transfer mechanism: Data Processing Agreement with SCCs.

4.4 Infrastructure

Hosting and database providers as necessary to operate the Services. We ensure all sub-processors maintain appropriate technical and organizational measures and are bound by data processing agreements compliant with Art. 28 GDPR.

We do NOT sell, rent, or trade your personal data to third parties for marketing or advertising purposes.

5. International Data Transfers

Some of our third-party processors are located in the United States. Where personal data is transferred outside the European Economic Area (EEA), we rely on:

• EU Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions where applicable
• Additional technical and organizational safeguards (encryption in transit and at rest)

6. Data Retention

• Account data: retained for the duration of your account plus 30 days after deletion, unless longer retention is required by law.
• Usage and token consumption data: retained for 12 months after generation, then anonymized or deleted.
• Agent session data: automatically deleted 10 minutes after session inactivity (or upon session completion).
• Project source code: NOT persistently stored; held only in memory for the duration of the analysis session.
• Invoicing and payment records: retained for 10 years as required by German tax law (§147 AO, §257 HGB).
• Crash reports: retained for 90 days.

7. Data Security

We implement appropriate technical and organizational measures to protect your data, including but not limited to:

• Encryption of data in transit (TLS 1.2+)
• Encryption of sensitive data at rest (database-level encryption)
• Passwords hashed with bcrypt (never stored in plaintext)
• API key authentication with rate limiting
• Role-based access controls for internal systems
• Regular security reviews and dependency updates

While we take reasonable precautions, no method of transmission or storage is 100% secure. We cannot guarantee absolute security of your data.

8. Your Rights (EEA/GDPR)

Under the GDPR, you have the following rights regarding your personal data:

• Right of Access (Art. 15): You may request a copy of the personal data we hold about you.
• Right to Rectification (Art. 16): You may request correction of inaccurate or incomplete personal data.
• Right to Erasure (Art. 17): You may request deletion of your personal data, subject to legal retention obligations.
• Right to Restriction of Processing (Art. 18): You may request that we restrict processing of your data in certain circumstances.
• Right to Data Portability (Art. 20): You may request your data in a structured, machine-readable format.
• Right to Object (Art. 21): You may object to processing based on legitimate interests at any time.
• Right to Withdraw Consent (Art. 7(3)): Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at privacy@cileria.com. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection supervisory authority.

9. Account Deletion

You may request deletion of your account at any time by contacting privacy@cileria.com or through the account settings in the Platform. Upon deletion:

• Your personal data will be removed within 30 days.
• Data subject to legal retention obligations (invoices, tax records) will be retained for the legally required period and then deleted.
• Locally stored analysis data on your machine (in ~/.nodearchitect) is not affected by account deletion and remains under your control.

10. Children

The Services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that a child under 16 has provided us with personal data, we will take steps to delete it promptly.

11. Desktop App — Specific Provisions

11.1 Local Processing

When using the App with direct LLM providers (Anthropic or OpenAI), your project data is processed locally on your device and sent directly to the chosen LLM provider. Our servers are not involved. cileria is not the data controller for data processed exclusively between your device and third-party LLM providers.

11.2 Local Storage

The App stores configuration, analysis results, and project metadata locally on your machine (typically in ~/.nodearchitect). This data does not leave your device unless you connect to the NodeArchitect API.

11.3 NodeArchitect API Mode

When using the App with the “NodeArchitect” provider, data is transmitted to our API server as described in Section 2.4. Token usage is tracked and deducted from your account balance.

12. Limitation of Liability for Data Processing

To the maximum extent permitted by applicable law:

• cileria shall not be liable for any data loss, unauthorized access, or breach resulting from circumstances beyond our reasonable control, including but not limited to third-party service provider failures, force majeure events, or user negligence (e.g., sharing API keys or credentials).
• cileria's total liability for any claims arising from data processing under this Privacy Policy shall not exceed the fees paid by you to cileria in the 12 months preceding the claim.
• cileria is not responsible for the privacy practices or data handling of third-party LLM providers (Anthropic, OpenAI) when you use direct LLM mode. You are encouraged to review their respective privacy policies.

13. Indemnification

You agree to indemnify and hold harmless cileria GmbH, its officers, directors, employees, and agents from any claims, damages, losses, or expenses (including reasonable attorneys' fees) arising from:

• Your violation of this Privacy Policy or applicable data protection laws
• Your misuse of the Services
• Any data you submit through the Services that infringes third-party rights

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on the Platform with a revised “Last updated” date and sending an email notification for significant changes. Your continued use of the Services after such changes constitutes acceptance of the updated Privacy Policy. If you disagree with any changes, you must stop using the Services and delete your account.

15. Governing Law and Jurisdiction

This Privacy Policy is governed by the laws of the Federal Republic of Germany. Any disputes arising from or relating to this Privacy Policy shall be subject to the exclusive jurisdiction of the courts in Berlin, Germany, unless mandatory consumer protection laws provide otherwise.

16. Contact

For questions, concerns, or requests regarding this Privacy Policy or our data practices:

cileria GmbH
Koppenstr. 28
10243 Berlin, Germany
Email: privacy@cileria.com

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the competent German data protection supervisory authority.