Privacy Policy

Last updated: February 9, 2026

This Privacy Policy for Halasi AI Lab ("we," "us," or "our") describes how and why we access, collect, store, use, and/or share ("process") your personal information when you use our services ("Services"), including when you:

  • Visit our website at crewship.dev or any website of ours that links to this Privacy Policy
  • Use the Crewship console, CLI, or API
  • Engage with us in other related ways, including any marketing or events

Questions or concerns? Reading this Privacy Policy will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you have any questions, please contact us at mail@crewship.dev.

1. What Information Do We Collect?

Personal information you provide to us

We collect personal information that you voluntarily provide when you register for the Services, express an interest in obtaining information about us, or otherwise contact us. This may include:

  • Name
  • Email address
  • Organization name
  • Payment and billing information (processed by Stripe)

Sensitive Information. We do not process sensitive personal information.

Payment Data. We may collect data necessary to process your payment if you choose to make purchases. All payment data is handled and stored by Stripe. We do not store your credit card numbers or bank account details on our servers.

Information automatically collected

We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity but may include:

  • IP address
  • Browser and device characteristics
  • Operating system
  • Referring URLs
  • Device name, country, and location
  • Information about how and when you use our Services

This information is primarily needed to maintain the security and operation of our Services and for internal analytics and reporting.

Data you deploy

When you deploy agent workflows through Crewship, we store your deployed code, build artifacts, run logs, and output data. This data is stored to provide the Services and is accessible only to you and members of your organization.

2. How Do We Process Your Information?

We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. Specifically:

  • To facilitate account creation and authentication
  • To deliver and manage the Services you request
  • To process your subscription and billing
  • To send administrative information such as updates and security alerts
  • To respond to your inquiries and provide support
  • To monitor usage for abuse prevention and to enforce our terms
  • To improve and optimize the Services

3. Legal Bases for Processing (EEA, UK, Switzerland)

If you are in the European Economic Area (EEA), United Kingdom (UK), or Switzerland, we rely on the following legal bases to process your personal information:

  • Consent. Where you have given us permission to use your personal information for a specific purpose. You can withdraw your consent at any time.
  • Performance of a Contract. Where processing is necessary to fulfill our contractual obligations to you (i.e., providing the Services).
  • Legitimate Interests. Where processing is necessary for our legitimate business interests, such as improving our Services and preventing fraud, provided these interests do not override your rights.
  • Legal Obligations. Where processing is necessary for compliance with our legal obligations.

4. When and With Whom Do We Share Your Personal Information?

We may share your information with the following categories of third parties:

  • Cloud Infrastructure Providers. We use Cloudflare for hosting and infrastructure services to run the platform.
  • Payment Processor. Stripe processes all payment transactions. Your billing details are shared with Stripe solely for payment processing. See Stripe's Privacy Policy.
  • Analytics. We may use analytics services to understand how users interact with the platform, using aggregated and anonymized data where possible.

We do not sell your personal information. We do not share your deployed code, run data, or agent outputs with any third party.

We may also share your information in the following situations:

  • Business Transfers. In connection with a merger, sale, or acquisition of all or a portion of our business.
  • Legal Requirements. If required by law, regulation, or legal process.

5. International Data Transfers

Our Services are hosted on Cloudflare's global infrastructure. As a result, your personal information may be transferred to and processed in countries outside your country of residence, including countries outside the European Economic Area (EEA), United Kingdom, or Switzerland.

Where such transfers occur, we rely on appropriate safeguards such as standard contractual clauses approved by the European Commission, or the service provider's compliance with recognized data protection frameworks, to ensure your personal information remains protected in accordance with this Privacy Policy and applicable law.

6. Cookies and Tracking Technologies

We use essential cookies to maintain the security and functionality of our Services, such as keeping you logged in. We do not currently use third-party advertising or marketing cookies.

Most browsers allow you to control cookies through their settings. Disabling cookies may affect certain features of the Services, such as authentication.

7. How Long Do We Keep Your Information?

We keep your personal information for as long as it is necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required by law. When we have no ongoing legitimate business need to process your personal information, we will delete or anonymize it.

If you delete your account, we will delete your personal information and deployed data within a reasonable timeframe, except where retention is required for legal or compliance purposes.

8. How Do We Keep Your Information Safe?

We implement appropriate technical and organizational security measures to protect the security of your personal information. However, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure. We cannot promise that hackers or other unauthorized third parties will not be able to defeat our security measures.

9. Do We Collect Information from Minors?

We do not knowingly collect data from or market to children under 18 years of age. By using the Services, you represent that you are at least 18 years old. If we learn that we have collected personal information from a user under 18, we will deactivate the account and delete such data promptly.

10. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access. Request access to and obtain a copy of your personal information.
  • Rectification. Request correction of inaccurate personal data.
  • Erasure. Request deletion of your personal information.
  • Restriction. Request that we restrict the processing of your personal information.
  • Data Portability. Request a copy of your data in a structured, machine-readable format.
  • Objection. Object to the processing of your personal information.
  • Withdraw Consent. If we rely on your consent, you can withdraw it at any time.

To exercise any of these rights, please contact us at mail@crewship.dev. We will respond to your request in accordance with applicable data protection laws.

EEA, UK, and Switzerland

If you are in the EEA or UK and believe we are unlawfully processing your information, you may file a complaint with your local data protection authority. If you are in Switzerland, you may contact the Federal Data Protection and Information Commissioner.

United States

If you are a resident of California or another US state with applicable privacy laws, you may have additional rights including the right to know what personal data we collect, request its deletion, and opt out of the sale of personal data. We do not sell personal data.

11. Do-Not-Track

Most web browsers include a Do-Not-Track ("DNT") feature. There is no uniform technology standard for recognizing DNT signals. We do not currently respond to DNT browser signals.

12. Updates to This Policy

We may update this Privacy Policy from time to time. The updated version will be indicated by an updated date at the top of this page. For material changes, we will notify you via email or through a notice on the platform.

13. Contact Us

If you have questions about this Privacy Policy, contact us at:

Halasi AI Lab
Erlenstrasse 39
6020 Emmen
Switzerland
Email: mail@crewship.dev

14. How Can You Review, Update, or Delete Your Data?

You may have the right to request access to, correction of, or deletion of the personal information we collect from you. To make such a request, please contact us at mail@crewship.dev.