QMS Nordic

Privacy Policy

Effective date: 2026-04-30
Last updated: 2026-04-30
Version: 1.0-draft (review by counsel before publication)

This Privacy Policy describes how Aitech International ApS — the Danish company that owns, develops, and copyright-protects the Caelum QMS platform ("Caelum", "we", "us") — collects, uses, and discloses information when you visit our website (caelum.app), sign up for our service, or use the Caelum QMS platform.

If you are a customer of a company that uses Caelum (an end-user of your employer's tenant), this policy applies to the data we collect about you in our role as processor acting on your employer's instructions. For those purposes the controller is your employer, and you should also consult their privacy notice. Where Caelum acts as a controller (for our marketing site, our own employees, our sales contacts), this policy applies in full.


1. Information we collect

1.1 Information you give us

  • Account information — name, business email, job title, work phone, company name, country, business registration number, billing address.
  • Authentication information — password (stored as bcrypt hash), WebAuthn public credentials, IdP-issued user identifier.
  • Customer-uploaded content — anything you choose to put into Caelum: controlled documents, complaints, CAPA records, training records, supplier records, helpdesk tickets, etc. As processor, we store this on your tenant's behalf.
  • Communications — emails, support tickets, chat messages you send us.

1.2 Information we collect automatically

  • Usage data — pages visited, actions taken, timestamps, audit-log events, feature usage. Caelum's internal audit log captures this in detail because that is the product.
  • Device data — IP address, browser type and version, operating system, screen size, language preference.
  • Cookies and similar technologies — session cookies for authentication; analytic cookies are described in section 5.

1.3 Information we receive from third parties

  • Identity providers — when you sign in via Google Workspace, Microsoft Entra ID, or Okta, we receive your name, email, and IdP-issued user id.
  • Stripe — when you pay, we receive billing-name, billing-email, billing-address, and a customer/subscription id. We never see your card number.

2. How we use information

We use the information for the following purposes:

| Purpose | Categories of data | Legal basis (GDPR) |
|---|---|---|
| Provide the Caelum service to your employer (your tenant) | Account, authentication, customer-uploaded content, usage | Contract (your employer's contract with us) |
| Bill, collect payment, and manage subscriptions | Account, billing, payment metadata | Contract; legal obligation (tax) |
| Communicate about the service (transactional email) | Account, communications | Contract |
| Provide customer support | Account, communications, customer-uploaded content needed to diagnose | Contract; legitimate interest |
| Improve the service (aggregated analytics; never used to train AI) | Usage, device, aggregated/de-identified | Legitimate interest |
| Comply with our legal obligations | All categories as required | Legal obligation |
| Defend our legal rights | All categories as required | Legitimate interest |
| Marketing and sales (Caelum-controlled, prospect-facing only) | Account contact data of leads who opted in or were obtained per legitimate interest under EU rules | Consent (where required) or legitimate interest |

We do not use your customer-uploaded content to train AI models. Training-on-inputs is contractually disabled with our AI sub-processors.

3. Disclosures

We share information only as set out in this section.

3.1 With sub-processors

We use a small set of carefully selected vendors to operate the service. The current list, with role and location, is at caelum.app/legal/sub-processors. Each sub-processor is bound by a written agreement with data-protection obligations substantially equivalent to ours.

3.2 With your employer (if you are an end-user)

If we hold information about you because your employer uses Caelum, we share it with your employer per their tenant configuration. They are the controller of that data.

3.3 In a corporate transaction

If Caelum is involved in a merger, acquisition, financing, or sale of all or substantially all of its assets, the personal data we hold may be transferred to the acquiring entity, subject to the same protections.

3.4 To comply with law

We may disclose personal data when we believe in good faith that disclosure is required by law, court order, or legal process. We will challenge overbroad requests where appropriate and notify the affected customer where legally permitted.

3.5 We do not sell personal data

We do not sell or share personal data for cross-context behavioural advertising, in the sense given to those terms by California law (CCPA / CPRA).

4. International transfers

We are based in Denmark and store EU customer data in the EU by default. Some sub-processors operate in the United States; we rely on the European Commission's Standard Contractual Clauses (and the UK International Data Transfer Addendum where relevant) to provide an appropriate transfer mechanism. The full list of sub-processors, their location, and their applicable transfer mechanism is at caelum.app/legal/sub-processors.

5. Cookies and similar technologies

We use the minimum cookies necessary to operate the service:

| Cookie / category | Purpose | Lifetime | Strictly necessary? |
|---|---|---|---|
| Session cookie | Authentication | Session | Yes |
| Theme cookie | Remember dark/light mode | 1 year | No (functional) |
| (No advertising cookies) | — | — | — |

Caelum does not currently set marketing or advertising cookies on the public site. If we add analytic cookies that are not strictly necessary, we will request consent via a banner per ePrivacy.

6. Your rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access — request a copy
  • Rectification — correct inaccurate data
  • Erasure — request deletion (subject to retention obligations)
  • Restriction — limit how we process your data
  • Portability — receive your data in a machine-readable format
  • Objection — object to processing based on legitimate interest
  • Withdraw consent — where consent is the legal basis
  • Lodge a complaint — with your supervisory authority

If you are an end-user of a customer's tenant, please direct your request to your employer in the first instance; we will assist them in responding. If you ask us directly, we will route your request to your employer where they are the controller.

To exercise any of these rights, email privacy@caelum.app. We will respond within one month and may extend by two further months where the request is complex.

7. Security

We protect personal data using technical and organisational measures including encryption at rest (AES-256) and in transit (TLS 1.2+), Postgres Row-Level Security with FORCE ROW LEVEL SECURITY for tenant isolation, hash-chained immutable audit logs, WebAuthn step-up for electronic signatures, bcrypt password hashing, and least-privilege access for our personnel. Our full security posture is summarised at caelum.app/legal/security.

8. Retention

We retain personal data:

  • For your tenant — for the duration of your employer's subscription, plus a 90-day grace period after termination during which the tenant administrator may export. After that, primary records are deleted; backup media containing personal data is overwritten within the underlying database's PITR window (currently up to 30 days).
  • For your employer's regulatory retention — if your employer configures a retention statement (e.g., lifetime of the device + 10 years per ISO 13485 §4.2.5), we retain accordingly until expiry.
  • For our own controller-purposes (sales contacts, billing records, support correspondence) — for as long as we have a legitimate purpose plus statutory retention periods (typically 7 years for accounting).
  • Anonymised, aggregated data — indefinitely; no individual is identifiable.

9. Children

The service is not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it.

10. Automated decision-making

We do not engage in automated decision-making that produces legal or similarly significant effects on individuals. AI features inside the product (drafting, suggestions) always require human review and e-signature before any decision is made.

11. Changes to this policy

We may update this policy from time to time. If a change is material, we will notify customers via email at least 30 days before it takes effect. The "Last updated" date at the top of this page reflects the most recent revision. Past versions are retrievable from our public Git repository.

12. Contact

Data controller
Aitech International ApS (operator and copyright holder of Caelum QMS)
[REGISTERED ADDRESS]
Denmark
Email: privacy@caelum.app

Data Protection Officer
A formal DPO is not appointed under Article 37 GDPR (we do not meet the mandatory thresholds), but privacy@caelum.app is monitored by our Privacy Lead.

Lead Supervisory Authority (for EU complaints)
The Danish Data Protection Authority (Datatilsynet)
Carl Jacobsens Vej 35, 2500 Valby
Denmark
https://www.datatilsynet.dk

© 2026 Aitech International ApS · Denmark · All rights reserved. QMS Nordic™ is owned, developed, and copyright-protected by Aitech International ApS.