Legal

Privacy Policy

Last updated: April 2026

What we collect

When you interact with steadybase.io, we may collect your email address (if you subscribe to the newsletter or contact us), basic analytics data (page views, referral source), and any information you voluntarily share through the Max chat interface.

What we don't collect

We don't use tracking cookies. We don't sell your data. We don't run retargeting pixels. Our analytics are cookie-free (Plausible Analytics), which means no consent banner is required under GDPR.

Agents as a Service data

If you become an Agents as a Service customer, your business data is processed within your isolated tenant on the steadybase platform. Each customer gets their own instance with Row-Level Security in PostgreSQL. Your data is never shared between tenants. Your data is never used to train AI models.

Third parties

steadybase runs on AWS (EC2, RDS, CloudFront, Cognito). Analytics are processed by Plausible Analytics (EU-based, GDPR compliant). Email delivery uses standard transactional email services. We do not share your personal information with any third party for marketing purposes.

Your rights

You can request deletion of your data at any time by emailing andrew@steadybase.io. If you're in the EU, you have rights under GDPR including access, rectification, erasure, and portability. If you're in California, you have rights under CCPA. We will respond to any data request within 30 days.

Contact

Andrew McGuire -- andrew@steadybase.io -- Bend, Oregon, USA

This is a preliminary privacy policy. A full Termly-generated privacy policy will replace this page before production launch. If you have questions in the meantime, email andrew@steadybase.io.