Privacy policy

Last updated 17 March 2026 · version 4.2

We sell privacy — so the bar we hold ourselves to is uncomfortably high. This page describes what we collect, why we collect it, and the rights you have over it. Plain language first; the formal legal text is in our DPA.

1. Who we are

Doppelset Labs S.L. (“Doppelset”, “we”, “us”) is the data controller for personal data you give us when you visit our website, sign up for an account, or talk to our team. We're registered in Spain at Rúa do Paseo 28, 41870 Aznalcóllar, Seville. You can reach our Data Protection Officer at privacy@doppelset.com.

2. What we collect

We try to collect as little as possible. The categories we process are:

  • Account data: name, work email, organisation, preferred language, role.
  • Usage telemetry: aggregated page views, generation-job counts, error logs. Per-user identifiers are pseudonymous and rotated every 30 days.
  • Billing data: processed by Stripe; we receive the last four digits of the card and the country of issue.
  • Communications: messages you send us via the contact form, email, support tickets, or Slack channels we share with customers.
  • Tenant operational data: the metadata about your generation jobs (schema, row count, ε used). The actual records — yours and your customers' — never reach us on shared cloud and never leave your VPC on Vault.

3. How we use it

  • To operate the service: log you in, run your generations, meter your usage, and bill you.
  • To improve the platform: aggregate, never re-identified, usage analysis.
  • To communicate with you: transactional notices, security alerts, and optional product updates you can unsubscribe from at any time.
  • To comply with law: tax records, anti-money-laundering checks on enterprise customers where required.

We do not sell personal data. We do not share it with advertising networks. We don't train any model — synthetic or otherwise — on your tenant data without an explicit, separate opt-in.

5. The synthetic-data promise

Because Doppelset's business is synthetic data, your tenant data deserves a stronger commitment than any privacy policy normally provides. We commit to:

  • Never training, fine-tuning, or evaluating any Doppelset model on your tenant data unless you opt in for a specific experiment, in writing, with a defined retention window.
  • Storing your data in the region you select (EU or US) and never replicating it across regions without your written approval.
  • Issuing a signed, hash-anchored receipt for every generation job so you can independently verify that your data was used for nothing other than the job you requested.

6. How long we keep things

Category | Retention
Account data | Until account deletion + 30 days
Usage telemetry | 13 months, then aggregated
Billing data | 10 years (Spanish tax law)
Support messages | 5 years, then deleted
Tenant operational metadata | 90 days, then deleted
Cached source-schema info | 24 hours, then deleted

7. Who we share with

We share personal data only with our subprocessors (below), with our auditors and legal counsel under confidentiality, and when compelled by valid legal process — which we always notify you of unless legally prohibited.

8. Subprocessors

The list below is current; we'll notify you of changes 30 days before they take effect.

Provider | Purpose | Region
AWS (Frankfurt + Madrid) | Hosting, storage, compute | EU
Google Cloud (Madrid) | Hosting (selected EU customers) | EU
Stripe Payments Europe | Billing & invoicing | EU / US
WorkOS | SSO + SCIM | US
Linear | Engineering issue tracking | US
PostHog (EU cloud) | Product analytics | EU
Postmark (EU) | Transactional email | EU
Sentry (EU) | Error monitoring | EU

9. International transfers

EU customers' data stays in the EU by default. Where we use US subprocessors (e.g., WorkOS, Linear, Stripe for US-issued cards), transfers rely on the EU-US Data Privacy Framework and Standard Contractual Clauses (2021). A copy of the SCCs is available on request.

10. Your rights

Under the GDPR (and equivalents in other jurisdictions), you have the right to:

  • access the data we hold about you;
  • correct it if it's wrong;
  • delete it, subject to legal retention obligations;
  • restrict or object to processing;
  • port it to another provider;
  • withdraw consent where consent is the basis;
  • lodge a complaint with the Spanish AEPD or your local supervisory authority.

Email privacy@doppelset.com — we'll respond within 30 days, and usually within five.

11. Cookies

We use the smallest number of cookies that lets the site function:

  • doppelset.theme — remembers your light / dark choice. Local storage, not a cookie. Never leaves your browser.
  • doppelset.locale — remembers your language. Same.
  • ds_session — identifies your logged-in session. Necessary; first-party only; HttpOnly; SameSite=Strict; expires after 14 days of inactivity.

We do not run advertising or marketing analytics on the marketing site. Product analytics on the dashboard are routed through a self-hosted PostHog inside our EU region and are anonymised.

12. Security

Doppelset holds SOC 2 Type II and is in audit for ISO 27001. Production data is encrypted at rest (AES-256) and in transit (TLS 1.3). All access to production requires hardware-backed MFA. Quarterly penetration tests are run by an independent third party; the executive summary is available under NDA.

Report a vulnerability to security@doppelset.com. We commit to acknowledging within one working day, classifying within five, and following coordinated disclosure norms.

13. Children

Doppelset is a B2B platform; we do not knowingly process the personal data of anyone under 16. If you believe we have, write to privacy@doppelset.com and we will delete it.

14. Data processing addendum (DPA)

When you process personal data through Doppelset, we act as processor and you act as controller. Our standard DPA is pre-signed and available at legal@doppelset.com. It incorporates the EU SCCs (Modules 2 and 3 as applicable), covers UK and Swiss equivalents, and is accepted by every customer on Lab and Vault.

15. Responsible AI

Doppelset's models are evaluated for memorisation, attribute disclosure, and membership-inference attacks on every release. A signed evaluation summary ships with every product version. We do not use customer data for any general-purpose AI pre-training. We comply with the EU AI Act's general-purpose model documentation requirements where applicable.

16. Changes to this policy

Material changes are announced by email at least 30 days before they take effect, and we keep a public changelog of non-material edits at the foot of this page.

17. How to reach us

Privacy questions: privacy@doppelset.com
Security disclosures: security@doppelset.com
Press: press@doppelset.com
Postal mail: Doppelset Labs S.L., Rúa do Paseo 28, 41870 Aznalcóllar, Seville, Spain.


changelog · v4.2 (2026-03-17) clarified retention table; added WorkOS as subprocessor; expanded responsible AI section · v4.1 (2025-11-04) added EU-US DPF reference · v4.0 (2025-05-22) full rewrite for plain language.