Privacy Policy

SteelSpine AI is local-first by design. We collect the minimum data required to operate the service.

Effective date: May 8, 2026 · Last updated: May 8, 2026

1. Who we are

SteelSpine AI is a product of Felps Enterprises Inc., a Canadian corporation registered federally and extra-provincially in Ontario, Canada. Our registered office is in Hamilton, Ontario, Canada. You can reach us at hello@steelspine.ai.

For the purposes of GDPR (EU/UK), we are the data controller for personal data we collect from customers and visitors. For Canadian PIPEDA purposes, we are the organization handling your personal information.

2. The local-first principle

Your captured runs stay on your machine. SteelSpine wraps your AI agents and records what they do. That capture data — stdout, stderr, decision events, hash-chained audit logs — is written to disk on your machine and never transmitted to Felps Enterprises Inc. unless you explicitly choose to share it.

This is the core privacy property of the product. Compliance officers and security teams choose SteelSpine specifically because the audit trail does not leave their environment.

3. What we collect

3.1 Account information

When you request access to SteelSpine or contact us, we may collect:

Email address
Name (optional)
Company / organization name (optional)
Country (for tax / compliance purposes)

3.2 Payment information

SteelSpine is currently free. There is no payment, no payment processor, and no billing — so we collect and store no payment or card information of any kind.

3.3 License validation

SteelSpine is free and does not require a paid license to use. If a build performs license or update validation, it transmits only the product and version being checked (and a license key, if you have one) — and never any of your captured run data, agent code, prompts, or outputs.

3.4 Crash reports and telemetry

SteelSpine has no telemetry by default. If you opt in to crash reporting (off by default), the crash report includes the stack trace, the SteelSpine version, and your operating system — never your captured run data.

3.5 Website analytics

The steelspine.ai website is hosted on Cloudflare Pages. Cloudflare may log anonymized request metadata (IP address, user-agent, page accessed) for security and abuse prevention. We do not run third-party advertising trackers or behavioral analytics on the website.

3.6 Support correspondence

If you email hello@steelspine.ai, we retain the email contents and your email address to respond to your support request and improve the product.

4. How we use the data

To provide, maintain, and improve the SteelSpine service
To validate your license at runtime
To deliver the software and respond to your requests
To respond to support and sales inquiries
To meet our tax, accounting, and compliance obligations
To send you product update emails (if you opt in)

We do not sell your personal data. We do not share it with third-party advertisers. We do not use your captured run data to train any model.

5. Third parties we share data with

(SteelSpine is currently free — no payment processor is involved, so no payment data is shared with anyone.)
Cloudflare — website hosting (steelspine.ai), email routing (hello@steelspine.ai). Privacy policy.
Tax and accounting providers as required for our financial reporting obligations under Canadian law.
Legal authorities only when required by valid legal process.

6. Where data is stored

Any account information you give us (such as your email) and your support correspondence are held in our Cloudflare Email Routing inbox. Cloudflare hosting data is held on Cloudflare's global infrastructure.

Captured run data, by design, is stored only on your own infrastructure.

7. How long we keep data

Active customer account data: for the life of the account, plus 7 years for tax/accounting compliance
Cancelled accounts: 7 years after cancellation, then deleted
Support emails: up to 3 years
Cloudflare access logs: per Cloudflare's retention policy (typically < 30 days for free tiers)

8. Your rights

Depending on your jurisdiction, you have rights including:

Access — ask what personal data we hold about you
Correction — fix inaccurate or incomplete data
Deletion — request deletion (subject to legal retention obligations)
Portability — receive your data in a machine-readable format
Objection / withdrawal — opt out of marketing emails or product update notices
Lodging a complaint — with your local data protection authority (in Canada, the Office of the Privacy Commissioner; in the EU/UK, your national supervisory authority)

To exercise any of these rights, email us at hello@steelspine.ai. We will respond within 30 days.

9. Children

SteelSpine AI is a B2B developer / compliance tool and is not intended for use by individuals under the age of 16. We do not knowingly collect personal data from children.

10. Security

We use industry-standard practices to secure the limited account data we hold. SteelSpine is free, so there is no payment or billing data to secure. Cloudflare provides TLS encryption for all web traffic. Despite these measures, no system is completely secure; if we discover a security incident affecting your data we will notify you and the appropriate regulators within the timeframes required by law.

11. Changes to this policy

We will post any changes to this Privacy Policy on this page and update the "Last updated" date. For material changes, we will notify active customers by email at least 30 days before the change takes effect.

12. Contact

Felps Enterprises Inc.
Hamilton, Ontario, Canada
Email: hello@steelspine.ai