Privacy Policy
Last updated: July 7, 2026
This Privacy Policy describes how Centipede SL (Centipede.ia) collects, uses, and protects your information when you use the Centipede mobile app and its associated services (the “Service”).
1. Who we are
The data controller is Centipede SL, operating under the Centipede.ia brand. For any question about this policy or your data, write to us at seguridad@centipedeweb.com.
2. Scope
This policy applies to the Centipede mobile app (iOS and Android) and the associated AI-agent chat service. Centipede is an enterprise (B2B) product: your account is provisioned and managed by your organization, and there is no self-service sign-up inside the app.
3. Data we collect
We collect the following categories of data:
- Account data: name, email address, and user identifier, provided by your organization when your account is created.
- Content you generate: chat messages, attachments, and voice notes you send to the AI agents.
- Technical and usage data: app telemetry, performance metrics, error logs, and crash diagnostics, linked to your user identifier.
4. How we use your data
We use your data exclusively to:
- Provide the Service: process your requests and generate the AI agents' responses.
- Operate, maintain, and improve the app: error diagnostics and performance monitoring.
- Security: authentication (including two-factor), session control, and abuse prevention.
- Support: respond to your requests and resolve issues.
5. Who we share data with
We do not sell your data. We share information only with the providers required to operate the Service (subprocessors):
We may also disclose information when required to do so by law.
- Grafana Cloud (Grafana Labs): app telemetry, metrics, and error reports, linked to your user identifier, email, and username, to monitor the health of the Service.
- ElevenLabs: audio processing for voice features (transcription and synthesis).
- AI model providers: the content of your messages is processed by language models to generate the agent's responses.
- Expo (EAS): delivery of push notifications and app updates.
- Amazon Web Services (AWS): infrastructure where the Service is hosted.
6. Retention
We keep your data while your account is active and as needed to provide the Service to your organization. Telemetry and diagnostic data are retained for limited periods according to their purpose. When the relationship with your organization ends, data is deleted or anonymized as agreed with your organization.
7. Security
We apply technical and organizational measures to protect your information: encryption in transit (TLS), authentication with two-factor support, access controls, and audit logging.
We are undergoing SOC 2 Type II certification, with continuous monitoring of our controls through Vanta.
8. Your rights
Depending on your jurisdiction (including GDPR and LGPD), you may request access, rectification, deletion, portability, or objection to the processing of your data. Because accounts are managed by your organization, some requests are handled together with it. Write to us at seguridad@centipedeweb.com and we will respond.
9. Account and data deletion
Your account belongs to your organization's workspace. To delete your account and its associated data, ask your organization's administrator or write to us at seguridad@centipedeweb.com. We will process the request within 30 days at most.
10. Minors
The Service is intended for business users aged 18 or older. We do not knowingly collect data from minors.
11. Changes to this policy
We may update this policy. The current version will always be published on this page with its update date and, if a change is significant, we will communicate it through the Service's channels.
12. Contact
For questions about this policy or about how your data is processed: seguridad@centipedeweb.com.
Review the status of our security controls, subprocessors, and certifications in our Trust Center.
Go to the Trust Center