glassline.ai
PricingLoginGet Started

Privacy Policy

Glassline.ai β€” Last updated: June 2026


1. Who We Are

Glassline.ai ("Glassline", "we", "us") is a decision-intelligence platform. For data protection enquiries, use our contact form and select Privacy as the reason.

2. Scope of This Policy

This Privacy Policy explains how Glassline collects, uses, stores, and protects personal data in connection with the Glassline platform, accessible at glassline.ai.

Glassline acts as a data controller when you register an account directly (profile, password, subscription). Glassline acts as a data processor when an organization subscribes and invites its members β€” in that case, the subscribing organization is the data controller.

3. Personal Data We Collect
3.1 Account and Profile Data

First and last name, email address, hashed password, timezone preference, organization name, and team membership.

3.2 Decision and Collaboration Data

Decision titles, descriptions, context notes, your scoring inputs across five factors (Impact, Strategic Alignment, Risk Reduction, Effort, Confidence), optional rationale text, endorsements, uploaded attachments, and action timestamps.

3.3 Technical Data

IP address and session tokens (used for authentication and security only). API request logs retained for 30 days. We do not use third-party analytics, advertising cookies, or behavioral tracking. We do not sell personal data.

4. How We Use Your Personal Data

We use your data to provide and operate the Service (contract performance), to authenticate sessions (contract performance), to send transactional emails such as invitations and scoring notifications (contract performance), and for platform security and fraud prevention (legitimate interests). We do not use your data for automated decision-making or profiling.

5. Immutable Decision Records β€” Important Notice

Glassline's core function is to create permanent, tamper-proof organizational memory of governance decisions. When an organization locks a decision, Glassline generates an immutable Snapshot that captures the complete record: who participated, scores, rationales, and outcomes.

Right to erasure and Snapshots: If you exercise your right to erasure, Glassline will anonymize your personal identity (name and email) across all Snapshots you appear in, replacing your name with "[Deleted User]". The structural decision record is retained for the organization's legitimate governance purposes.

6. Your Rights

Under GDPR you have the right to: access your personal data (export via My Profile β†’ "Download my data"); rectification (update via My Profile); erasure/right to be forgotten (request via My Profile β†’ "Request account deletion"); restriction of processing; data portability; and to object to processing.

To exercise your rights, visit your profile settings or use our contact form (select Privacy as the reason).

7. Data Retention

Active user data is retained while your account exists. On account deletion, your personal identifiers are anonymized immediately. Organizational data is retained for 90 days after an organization is deactivated, then permanently deleted.

8. Cookies

Glassline uses only essential session cookies required for authentication and secure operation. No advertising, analytics, or tracking cookies are set. The cookie consent banner you see on first visit is for transparency β€” essential cookies cannot be disabled while using the Service.

9. Security

Glassline uses HTTPS for all data transmission. Passwords are stored as bcrypt hashes and are never stored in plain text. Session tokens are rotated on use and invalidated on logout and account anonymization. We conduct regular security reviews.

10. Contact

For privacy enquiries or data subject requests, use our contact form and select Privacy as the reason.

For privacy-related requests or concerns, contact us at privacy@glassline.ai