01Who we are (data controller)
The controller of your personal data is Krzysztof Dalewski, conducting business under the trade name CellDelta, ul. Capri 4/18, 02‑762 Warsaw, Poland — NIP 5214160761, REGON 544460460, entered in the Polish Central Register of Business Activity (CEIDG).
Questions about this policy or your data: [email protected]. Given our scale and the nature of our processing, we are not required to appoint a Data Protection Officer, and as an EU‑established controller we do not require an Article 27 representative.
02What we collect
From the website (celldelta.ai)
- The work email you submit to request access, plus anything you optionally add (role, industry, use case).
- Standard request data your browser sends (IP address, browser type, referring page), used for security and basic operation.
Providing your work email is necessary for us to respond to your request; the optional details (role, industry, use case) are entirely up to you.
From the product (the MCP service and verification tools)
- Account details, where you hold an account: email address and organisation name.
- Edits you submit for an edit-level check (
verify_ops): the proposed value and any context you choose to pass. Processed in memory to compute a verdict; not stored. - Workbooks you submit for a full-file check (
verify_workbook): processed server-side to recompute the model and return a verdict, then deleted (see Retention). - Audit & evidence records: timestamped verdicts and your decisions (accept / override / reject), sealed in a SHA-256 hash chain. Each entry stores an
ops_digest— a one-way hash of the edits — not your cell values.
We do not use cookies for tracking, advertising or analytics. Browser local storage is used only to remember preferences (such as your last form selections); you can clear it at any time.
03No model, no learning
CellGuard is deterministic: every verdict is produced by fixed, versioned rules, so identical inputs always yield an identical verdict. This has direct privacy consequences:
- We do not run a language model as part of verification, and we do not transmit your spreadsheets or edits to any AI provider (such as Anthropic, OpenAI, Google or Microsoft). The AI that proposes an edit is your own assistant, operated by you under your own terms with that provider.
- We do not train, fine-tune or improve any model on your data, and we do not profile you. There is no "learning" step — per-client rules, where used, are written and version-pinned by humans, never inferred from your data.
04Legal basis for processing (GDPR)
- Steps taken at your request prior to a contract (Art. 6(1)(b)) — when you submit the website form, we use your work email to receive and answer your access enquiry, arrange a walkthrough and provide access; and to provide the service to account holders.
- Legitimate interests (Art. 6(1)(f)) — our legitimate interest, balanced against your rights, in (a) following up on the access enquiry you started with relevant information about CellGuard, and (b) securing and operating the service (authentication, rate-limiting, abuse prevention). You can object to (a) at any time (see Your rights); we do not send unrelated marketing on this basis.
- Consent (Art. 6(1)(a)) — only where you separately and optionally opt in to marketing communications beyond your enquiry (e.g. a newsletter). We do not ask for this to respond to your request, and you can withdraw it at any time.
05How we use your information
- To respond to your request and arrange a walkthrough.
- To provide and operate the verification service and return verdicts and evidence.
- To secure the service (authentication, rate-limiting, abuse prevention) and meet our legal obligations.
We do not sell your data, rent it, or share it with advertisers, and we do not use it for behavioural marketing.
06Processors & sharing
We do not sell or rent personal data. A small number of vendors process data on our behalf, under data-processing terms, strictly to run the service:
- Railway Corporation (cloud hosting, United States) — hosts the managed service and the endpoint that receives your access request, and provides ephemeral storage for workbooks submitted for a full-file check.
- Transactional email / SMTP provider — delivers the notification of your access request to our inbox, and our replies and account notices.
We keep website access-request data minimal: your work email and any optional role, industry or use-case you choose to add; we do not store it in a separate marketing database. A current list of our sub-processors, with their names and locations, is available on request.
We may disclose data where required by law, or to establish, exercise or defend legal claims. We are not in the business of running AI models, so — unlike many "AI" tools — your content is never passed to a model provider by us.
07International transfers
Our managed service — including the endpoint that receives your website access request — is currently hosted in the United States (Railway). Submitting the form therefore transfers your work email (and any optional details) outside the European Economic Area. For this and any other sub-processor established outside the EEA, we rely on appropriate safeguards — the European Commission's Standard Contractual Clauses and/or the EU–US Data Privacy Framework where the provider is certified — and a copy of the relevant safeguard is available on request. We keep the data minimal and short-lived (see Retention). EU and EU-region hosting is available for enterprise deployments.
08Data retention
- Request-access data: kept while we handle your enquiry and, if it does not lead to an account, for up to 24 months after our last contact to manage the relationship and defend potential claims, then deleted. You can ask us to delete it sooner at any time (see Your rights).
- Submitted workbooks & edits: processed to produce a verdict and then deleted; we do not retain them as a working store. Any transient copy is removed on a short time-to-live.
- Audit & evidence log: retained as tamper-evident control evidence — by default at least six months, or for the period your organisation configures — on the basis of our legitimate interest in providing reproducible control evidence. (This mirrors the kind of logging the EU AI Act expects of AI systems; CellGuard is the independent validator, not the AI system itself.) Entries contain digests and metadata, not cell values.
- Account data: kept for the life of the account; deleted on closure, save for records we must keep by law.
09Your rights
Under the GDPR you may: access your data; rectify it; erase it ("right to be forgotten"); restrict or object to processing; receive it in a portable format; and withdraw consent at any time (without affecting processing already carried out).
To exercise any right, email [email protected]; we respond within one month, and may extend that by up to two further months for complex or numerous requests (we will tell you if so). You also have the right to complain to the Polish supervisory authority — Prezes Urzędu Ochrony Danych Osobowych (UODO), ul. Stawki 2, 00‑193 Warsaw, uodo.gov.pl.
10Security
We apply technical and organisational measures appropriate to the risk, including: encrypted transport (TLS); fail-closed authentication with constant-time comparison and cryptographically random identifiers; strict session isolation with no cross-tenant access; a SHA-256 hash-chained, tamper-evident audit log; and data minimisation (storing edit digests rather than values). Because no model runs inside verification, much of the data-exposure surface that AI tools carry simply isn't present. A full security overview and DPA are available on request.
11Automated decision-making
CellGuard's verdicts are deterministic, reproducible control outputs — block, flag or pass — intended to inform a human reviewer. They are not solely-automated decisions producing legal or similarly significant effects about you; a person makes the final call on any edit.
12Children's privacy
CellDelta is a business-to-business product and is not directed at, or intended for, anyone under 16.
13Changes & contact
We may update this policy as the service evolves; changes are posted here with a new "last updated" date. For anything privacy-related:
Krzysztof Dalewski (CellDelta)
ul. Capri 4/18, 02‑762 Warsaw, Poland
NIP 5214160761 · REGON 544460460
[email protected]