Privacy Policy for Iamwendi.ai
Effective Date: 1st of July 2025
1. Who We Are
Iamwendi.ai (“Wendi”) is an enterprise AI agent developed and operated by Cubode LTD (”The company”, “Cubode”, “we”, “us”, “our”), registered in in England and Wales under company number (13981853), with its registered office at C/O Stuart McBain Ltd (Accountants) Unit 14, Tower Street, Brunswick Business Park, Liverpool, England, L3 4BJ.
For the purposes of the EU General Data Protection Regulation and the UK GDPR (“GDPR”), Cubode LTD is the Data Controller of Personal Data processed through Wendi, except where we act strictly on behalf of a customer under a Data Processing Agreement (“DPA”), in which case we are the Data Processor and the customer is the Data Controller.
2. Scope of this Policy
This Policy explains how we collect, use, disclose and safeguard Personal Data when enterprise customers and their authorised users (“Users”) interact with Wendi through:
- The web application at Iamwendi.ai or any white-label sub-domain;
- Cubode-managed API endpoints;
- Integrations with third-party platforms, currently including Zoom, Microsoft Teams, Notion and Linear (collectively, “Connected Platforms”); and
- The tenant-isolated HR Repository available to each subscribing company (“HR Repository”).
3. What Personal Data We Collect
| Category | Examples | Source |
|---|---|---|
| Account Data | Name, business e-mail, role, authentication identifiers (SSO/SCIM), licence tier, billing contact, usage metrics. | Provided by customer admin or identity provider. |
| Integration Tokens & Metadata | OAuth tokens, connection scopes, workspace IDs, meeting IDs, channel or project IDs, file references. | Generated during customer-initiated OAuth flow. |
| Interaction Content | Natural-language prompts, messages, voice/video transcripts (if the customer enables meeting transcription), files or snippets shared with Wendi. | Entered/uploaded by Users; pulled (with consent) from Connected Platforms. |
| HR Repository Data | Company handbooks, policies, procedures, salary bands, company’s organigramme, job descriptions, other documents chosen by the customer. | Uploaded by customer. |
| Diagnostics & Log Data | IP address, device/browser info, timestamps, request/response hashes, API latencies, error traces. | Collected automatically by our services and third-party observability tools. |
We do not intentionally collect special categories of data (e.g., health, biometric, or children’s data). If a customer chooses to store such data in the HR Repository, they are responsible for obtaining all required consents or lawful bases.
4. Purposes & Legal Bases for Processing
| Purpose | Legal Basis (GDPR Art. 6) |
|---|---|
| Provide, secure and maintain Wendi’s core functionality, including prompt processing, retrieval-augmented generation, analytics and customer support. | Art. 6 (1)(b) – Contract performance. |
| Integrate with Connected Platforms to fetch contextual data requested by Users. | Art. 6 (1)(b) – Contract performance. |
| Maintain tenant isolation, role-based access controls and encryption. | Art. 6 (1)(c) – Legal obligation (security), plus (b). |
| Improve models, fine-tune prompts, develop new features, produce aggregated statistics. | Art. 6 (1)(f) – Legitimate interests or Art. 6 (1)(a) – Consent, depending on customer contract. We never include customer-provided confidential data in global training unless expressly permitted. |
| Send administrative or security notifications. | Art. 6 (1)(c) – Legal obligation; Art. 6 (1)(f) – Legitimate interest. |
| Comply with legal requests, detect fraud or abuse. | Art. 6 (1)(c) / (e). |
Where consent is used (e.g., optional beta features), Users may withdraw it at any time via in-product settings or by contacting us.
5. Automated Decision-Making & AI Transparency
Wendi uses large-language-model (“LLM”) sub-processors (currently Google LLC for inference, hosted in the EU or US/EU datacentres) to transform User prompts and contextual data into natural-language responses.
- Human Oversight: Wendi’s output is advisory; users must verify results before acting.
- No Material Automated Decisions: Wendi does not autonomously approve expense claims, hiring decisions or similar legally significant actions unless expressly configured by the customer.
6. Data Sharing & Sub-Processors
We never sell Personal Data. We share it only with:
| Recipient | Role | Safeguards |
|---|---|---|
| Infrastructure-as-a-Service providers (e.g., GCP EU Region) | Hosting, encryption key storage. | EU-hosted; contractual data protection terms; working towards ISO 27001/SOC 2. |
| LLM Inference provider (GCP on EU data centres) | Stateless prompt processing. | EU SCCs + Data Processing Addendum; prompts stored ≤30 days solely for abuse monitoring. |
| Wendi AI System (our own backend) | Retains prompts and responses to personalize user experience and improve AI assistance over time. | Lawful basis: contractual necessity or legitimate interest; user-level deletion supported; stored in secure, access-controlled EU infrastructure. |
| Authentication/SSO providers (if customer opts in) | Identity federation. | Contractual DPA; data minimality. |
| Analytics & Observability vendors | Telemetry and error diagnostics. | Pseudonymisation data; EU datacentres. |
| Professional advisers & auditors | Legal, accounting, security auditing. | Confidentiality agreements. |
| Authorities | Legal compliance. | Only on valid, narrow lawful request. |
A live list of sub-processors and notification mechanism is maintained and available upon request.
7. International Transfers
If Personal Data is transferred outside the UK/EEA to a country without an adequacy decision (e.g., United States), we rely on EU Standard Contractual Clauses (2021/914 & UK Addendum) and risk assessments, plus encryption in transit and at rest.
8. Security Measures
- Tenant Isolation: Separate logical relational and vector databases (RDS & VDB) per customer; row-level access controls for RDS and single corpus level access controls for VDB.
- Encryption: TLS 1.3 in transit; AES-256 at rest.
- Secrets Management: Hardware Security Module–backed KMS.
- Access Controls: SSO/MFA for Cubode staff; least-privilege IAM roles; audited access.
- Pen-Testing & Bug Bounty: Responsible disclosure programme in place. Formal penetration testing by CREST-aligned provider is planned for [Q4 2025].
- BCP & DR: ≤ 15-minute RPO; ≤ 4-hour RTO across primary/secondary regions.
9. Data Retention & Deletion
10. Your Rights
| Data Type | Default Retention | Deletion Method |
|---|---|---|
| Interaction Content | <30 days for inference provider. (Google). Wendi AI retains prompts and responses to personalize user experience. Can be deleted upon user request. | Hard delete from primary & replicas; backups aged-out ≤30 days later. |
| HR Repository | Until customer deletes or contract terminates + 90-day grace period. | Secure wipe (crypto-erase). |
| Account & Billing | 6 years post-termination (statutory). | Archival deletion after statutory limit. |
| Logs & Telemetry | 12 months rolling. | Aggregated/anon retained, raw logs deleted. |
Under GDPR/UK GDPR you may have the right to:
- Access your Personal Data;
- Rectify inaccurate data;
- Erase data (“right to be forgotten”);
- Restrict or object to processing;
- Data portability;
- Lodge a complaint with your Supervisory Authority (see § 12).
Requests may be submitted via privacy@iamwendi.ai or the in-product DSR portal. We will verify identity and respond within one month (extendable by two months for complex requests).
11. Data Subject Requests from End-Employees
Because Wendi is deployed within enterprises, many requests must be routed through the customer’s admin (Data Controller). Where Cubode acts as Processor, we will forward the request to the Controller and assist them under the DPA.
12. Supervisory Authority
If you believe we have not handled your request correctly, you may complain to your local authority.
13. Children
Wendi is designed exclusively for enterprise customers. We do not knowingly process data of anyone under 16. If you become aware of such data, please contact us for prompt deletion.
14. Data Breach Notification
In the event of a Personal Data Breach likely to result in risk to individuals’ rights and freedoms, The company will notify affected customers without undue delay and, where required, the relevant Supervisory Authority within 72 hours, in line with art. 33 & 34 GDPR and our incident-response plan.
15. Changes to this Policy
We may update this Policy from time to time. Material changes will be notified to customer admins via e-mail and in-product banners at least 30 days before taking effect, unless changes are required sooner by law.
16. Contact
E-mail: privacy@iamwendi.ai