Privacy Policy

Last updated: 25 January 2026

1. Introduction

Spikefrost is a software platform operated by Retter and its affiliated entities. This Privacy Policy describes how personal data is collected, used, stored, and protected when you access or use Spikefrost's websites, applications, and services.

By using Spikefrost, you acknowledge and agree to the practices described in this policy.

2. Legal Entity and Scope

Spikefrost is a product of Retter. All legal entities, data hosting principles, and compliance standards defined in Retter's Privacy Policy apply equally to Spikefrost.

Where this policy refers to "Spikefrost", "we", "us", or "our", it refers to Retter and its affiliated entities operating the Spikefrost platform.

3. Information We Collect

We collect information necessary to operate, secure, and improve the platform.

Information you provide:

  • Account details such as name, email address, and company information
  • Authentication credentials
  • Communications and support requests

Information generated through use:

  • Platform usage data, logs, timestamps, and interaction events
  • Configuration data related to projects, integrations, and sandbox environments
  • Technical data such as IP address, browser type, device information

We do not intentionally collect sensitive personal data.

4. How We Use Information

We use collected data to:

  • Provide and operate Spikefrost
  • Authenticate users and manage accounts
  • Maintain security and prevent misuse
  • Improve performance, reliability, and user experience
  • Communicate service-related updates

We do not sell personal data.

5. AI Processing and Model Providers

Spikefrost enables interaction with AI-powered agents.

User inputs and outputs may be processed by third-party AI model providers solely to deliver requested functionality. These providers act as data processors under contractual safeguards.

Customer data is not used to train proprietary or third-party models unless explicitly agreed in writing.

6. Third-Party Service Integrations (Google, Microsoft)

Spikefrost allows you to connect third-party services such as Google Workspace and Microsoft 365 to enable AI agents to work with your data. These integrations are entirely optional and require your explicit consent.

Data we may access:

When you connect a third-party service, Spikefrost may access:

  • Google: Gmail messages, Google Calendar events, Google Drive files, and basic profile information (name, email)
  • Microsoft: Outlook emails, Outlook Calendar events, OneDrive files, and basic profile information (name, email)

How we use this data:

  • To provide AI agent functionality you explicitly request (e.g., summarizing emails, scheduling events, organizing files)
  • To display relevant information within the Spikefrost interface
  • Data is processed in real-time and is not permanently stored unless required for the specific agent functionality

What we do NOT do:

  • We do not sell your Google or Microsoft data
  • We do not use your data for advertising or marketing purposes
  • We do not share your data with third parties except as necessary to provide the service (e.g., AI model providers under strict contractual obligations)
  • We do not use your data to train AI models

Revoking access:

You can disconnect third-party services at any time from your Spikefrost account settings. You can also revoke access directly from your Google Account (Google Security Settings) or Microsoft Account (Microsoft Privacy Dashboard). Upon revocation, Spikefrost will no longer have access to your data from that service.

Data deletion:

You may request deletion of any data obtained from third-party integrations by contacting us at the email address provided below. We will delete such data within 30 days of your request, unless retention is required by law.

7. Data Sharing

We may share data only:

  • With infrastructure, hosting, analytics, or security service providers
  • With AI model providers to execute user requests
  • When required by law or legal process
  • In connection with corporate transactions such as mergers or acquisitions

All third parties are required to handle data in accordance with this policy.

8. Data Storage and Security

Data is stored in secure environments using industry-standard technical and organizational safeguards. Access is restricted to authorized personnel.

9. Data Retention

Personal data is retained only as long as necessary to:

  • Provide the service
  • Comply with legal obligations
  • Resolve disputes and enforce agreements

Users may request account and data deletion, subject to legal requirements.

10. International Data Transfers

Data may be processed or stored in jurisdictions where Retter or its service providers operate. Appropriate safeguards are applied where required by law.

11. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion
  • Restrict or object to certain processing

Requests can be made using the contact details below.

12. Cookies and Tracking

Spikefrost uses cookies and similar technologies to:

  • Maintain sessions
  • Improve usability
  • Monitor platform performance

You can manage cookies through your browser settings.

13. Changes to This Policy

We may update this policy from time to time. Updates will be posted on this page with a revised date. Continued use of Spikefrost constitutes acceptance of the updated policy.

14. Contact

For privacy-related questions or requests:

support@spkdev.com
www.spkdev.com