Skip to content

Data privacy on the JellyFaaS platform

For each use case the following statements define how your data is handled/stored:

Authentication

JellyFaaS uses Kinde for authentication and authorisation. JellyFaaS stores your name and email, that is visible on the profile screen. We do not store passwords or other information about your account.

Direct function calling

Information on which account requested a function, the origin IP, the time taken and if it completed successfully.

We do not store any data passed (encrypted end to end), or any data in the response, this includes query params,raw data and/or files.

Function calling with AI

Information on which account requested a function, the origin IP, the time taken and if it completed successfully.

We do not store any data passed (encrypted end to end), or any data in the response, this includes query params,raw data and/or files. We do not store the query or any responses from the model.

Vector Databases (RAG)

Information on which account requested a function, the origin IP, the time taken and if it completed successfully.

If you choose to use your Vector Database storage within your account we store the data as embedded vectors. We do not store the original document. The vector databases are protected in such a way that only your account can access with the correct and valid token.

We do not store any data passed (encrypted end to end), or any data in the response, this includes query params,raw data and/or files. We do not store the query or any responses from the model.

If a delete is requested, the database is dropped and data removed. Note, however that a backup of the data will exist within our system until back rotation has completed. We do not ever access the backups except for reason of checking they are valid, or restoring lost data.

Sql Databases

Information on which account requested a function, the origin IP, the time taken and if it completed successfully.

We do not store any data passed (encrypted end to end), or any data in the response, this includes query params,raw data and/or files. We do not store the query or any responses from the model.

AI.Mee Privacy Statement

When a visitor interacts with our AI-powered chat widget (AI.Mee), the following practices apply:

Cookies and Tracking

We do not deploy any cookies or similar client-side trackers in order to measure widget usage, compile analytics, or otherwise collect statistics via the AI.Mee portal.

Log and Data Capture

No data is recorded until the end user actively submits a message. Only upon clicking Submit does the widget transmit the query, over an encrypted channel, to our backend for processing. We do not log keystrokes, mouse movements, or draft text before submission.

Data Storage & Use

Submitted queries (together with any corresponding bot responses) are stored in a dedicated, per-customer database. All data is encrypted at rest. Data access is strictly confined to the authenticated customer portal; end users and third parties cannot retrieve or view another customer’s information. Platform48 personnel may access these records solely to resolve support inquiries. Data is never exported to external systems or used for analytics outside the customer’s own dashboard.

Data Retention & Deletion

Customers may, at any time and upon request, purge historical conversations and reset usage statistics. All such deletions are permanent and immediate.

Example Policy Snippet (to drop directly into your Privacy Policy)

“Our chat service does not employ cookies or other client-side trackers to collect usage analytics. We only capture and transmit user input when the user intentionally submits a message. All messages and responses are stored in a customer-specific database, encrypted at rest, and viewable only via the customer’s secure portal. We do not share or analyse this data for any purpose beyond providing the chat service and supporting customer inquiries. Customers may request deletion of their stored conversation history at any time.”

GDPR

"The General Data Protection Regulation (GDPR) is a European Union law on data protection and privacy for all individuals within the EU 1 and the European Economic Area 2 (EEA). Key consumer rights under GDPR include the right to access, rectify, erase, restrict processing, data portability, and object to processing of their personal data.

  • Right to Access: Consumers have the right to request and obtain a copy of the personal data that an organization holds about them.
  • Right to Rectification: Consumers have the right to request the correction of inaccurate or incomplete personal data.
  • Right to Erasure ("Right to be Forgotten"): In certain circumstances, consumers have the right to request the deletion of their personal data.
  • Right to Restriction of Processing: Consumers can request that the processing of their personal data be limited in certain circumstances.
  • Right to Data Portability: Consumers have the right to receive their personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.