1. Who We Are
CerebroLabs is an initiative of Rosario Data Solutions, based in Rosario, Santa Fe, Argentina. We operate Cerebro (cerebrolabs.tech). For privacy inquiries: contacto@cerebrolabs.tech
2. Data We Collect
Account data: email address, name, and password hash upon registration.
Code and project data: source code files you upload or sync for analysis. This data is used exclusively to build your personal knowledge graph.
Usage data: API call logs, feature usage patterns, error reports. This data is anonymized and used to improve the Service.
Billing data: handled entirely by Paddle. We do not store credit card numbers or payment details.
Technical data: IP address, browser/client type, session tokens (for authentication).
3. How We Use Your Data
- To provide and operate the Service.
- To authenticate your account and maintain session security.
- To process billing via Paddle (we share your email with Paddle for this purpose).
- To send transactional emails (account confirmations, billing notifications, material policy changes).
- To improve the platform using anonymized analytics.
We do not use your data for advertising. We do not sell your data to third parties.
4. Third-Party Services
To operate Cerebro, we use the following third-party processors:
| Service | Purpose | Privacy Policy |
|---|---|---|
| Neo4j AuraDB | Graph database (code relationships) | neo4j.com/privacy |
| MongoDB Atlas | Document storage | mongodb.com/legal/privacy-policy |
| Qdrant Cloud | Vector embeddings | qdrant.tech/legal/privacy |
| Supabase | User accounts, billing metadata | supabase.com/privacy |
| Redis Cloud | Session caching | redis.io/legal/privacy-policy |
| Paddle | Payment processing | paddle.com/privacy |
| Google Analytics | Website usage analytics (pages visited, session duration, device/browser info) | policies.google.com/privacy |
Cerebro uses a BYOK (Bring Your Own Key) model. Your code data is sent directly to the LLM provider you choose using your own API key — OpenAI, Anthropic, or others. CerebroLabs does not transmit your code to any LLM provider. The terms governing that data transmission are those of your chosen provider.
5. Data Isolation
Cerebro uses a database-per-user architecture. Your Neo4j, MongoDB, Qdrant, and Redis instances are isolated from other users. No other tenant can access your code graphs, documents, or embeddings.
6. Data Retention
- Active account: data retained for the duration of your subscription.
- After cancellation: data retained for 30 days to allow export.
- After 30 days: data is permanently deleted from all systems.
- You can request immediate deletion at any time (see Section 8).
7. Cookies
We use session cookies only for authentication. We do not use tracking cookies, advertising pixels, or third-party analytics cookies.
8. Your Rights
You have the right to:
- Access: request a copy of your personal data.
- Portability: export your code graphs and conversation history.
- Correction: update inaccurate account information.
- Deletion: request permanent deletion of your account and all associated data.
- Objection: opt out of any non-essential data processing.
To exercise these rights, email contacto@cerebrolabs.tech. We will respond within 30 days.
9. GDPR Notice (EU Users)
If you are located in the European Union, you have additional rights under the GDPR. Our legal basis for processing is contract performance (to provide the Service you subscribed to) and legitimate interests (platform security and improvement). You may lodge a complaint with your local Data Protection Authority.
10. Argentine Data Protection Law — Ley 25.326
Si usted se encuentra en la República Argentina, sus datos personales son tratados conforme a la Ley 25.326 de Protección de los Datos Personales y sus normas reglamentarias.
CerebroLabs / Rosario Data Solutions se encuentra en proceso de inscripción ante la Dirección Nacional de Protección de Datos Personales (DNPDP) como responsable del tratamiento de datos personales.
Usted tiene derecho a acceder, rectificar, actualizar y suprimir sus datos personales de forma gratuita, conforme al artículo 14 de dicha ley. Para ejercer estos derechos, contáctenos en contacto@cerebrolabs.tech.
La DNPDP actúa como autoridad de control. Puede presentar una denuncia ante la DNPDP en argentina.gob.ar/aaip si considera que sus derechos han sido vulnerados.
11. Data Security
We implement industry-standard security measures including encryption in transit (TLS), encryption at rest, isolated database instances per user, and API key-based access control. No system is 100% secure; we will notify you promptly in case of a data breach affecting your account.
12. Children’s Privacy
The Service is not directed to individuals under 18. We do not knowingly collect data from minors.
13. Changes to This Policy
We will notify you by email at least 15 days before material changes take effect. The latest version is always available at cerebrolabs.tech/legal/privacy-policy.html
14. Contact
CerebroLabs / Rosario Data Solutions
Email: contacto@cerebrolabs.tech
Web: cerebrolabs.tech