Foudre · Legal
Privacy Policy
Last updated: 4 June 2026
Foudre AI (“Foudre”, “we”, “us”) is the operator of this service. This policy explains what personal data we process when you use the Foudre closed beta at foudreai.com, why, and the rights you have under the EU/UK General Data Protection Regulation (GDPR). For any privacy request, contact [email protected] or use the in-app feedback form once signed in.
1. Data we collect
- Account data — your username, optional display name, role, and a password stored only as a salted scrypt hash (never in plaintext).
- Usage / analysis data — the regions, timeframes, châteaux, and questions you submit for analysis, and the generated results saved to your history.
- Lead data — the email address, persona, and region you provide when requesting access or a report.
- Feedback — any rating, category, and message you send us.
- Technical data — IP address and user-agent, used transiently for rate-limiting and abuse prevention, plus aggregate counters (logins, analyses, cache hits, model token totals) that are not tied to your identity.
Foudre is a free closed beta. We do not collect or process payment-card data.
2. How we use it
To provide and secure the service (authentication, running analyses, saving your history), to respond to feedback and access requests, to enforce rate limits and protect against abuse, and to understand aggregate usage so we can improve the product. Our legal bases are performance of a contract (providing the service), legitimate interests (security and product improvement), and consent (where you opt in, e.g. lead capture).
3. Subprocessors
We share the minimum data necessary with the following processors. AI calls are sent as API requests that, per the providers’ terms, are not used to train their models.
| Processor | Purpose |
|---|---|
| OpenAI | LLM inference (default provider) |
| Anthropic | LLM inference (when configured) |
| Tavily | Public-web search / retrieval for market signals |
| Amazon Web Services | Cloud hosting (compute + storage) |
| Cloudflare | CDN, edge TLS, and DDoS protection |
Analytics is handled by a self-hosted, cookieless Umami instance — there is no Google Analytics, advertising pixel, or third-party tracker. Climate datasets come from ECMWF Copernicus (ERA5 / SEAS5); these are data sources, not processors of your personal data.
4. International transfers
Some subprocessors (e.g. OpenAI, AWS) process data in the United States. Where personal data is transferred outside the EEA/UK, we rely on the relevant provider’s data processing terms and EU Standard Contractual Clauses (SCCs) as the transfer mechanism.
5. Retention
- Account data — until you delete your account or the beta ends.
- Sessions — expire automatically 30 days after sign-in.
- Analysis history, leads, and feedback — for the duration of the beta program.
- Server logs — typically rotated within ~30 days.
6. Your GDPR rights
You have the right to access, rectify, erase (“right to be forgotten”), port, restrict, and object to the processing of your personal data, and to withdraw consent at any time. To exercise any right, email [email protected] (or use the in-app feedback form) and we will respond within 30 days. You may also lodge a complaint with your local data protection authority.
7. Children
Foudre is intended for professional users and is not directed at anyone under 16. We do not knowingly collect data from children.
8. Changes
We may update this policy as the product evolves. Material changes will be reflected by the “Last updated” date above.