Privacy policy

Last updated: March 6, 2026

This Privacy Policy explains how CowLabs ("we", "us", or "our") collects, uses, stores, and protects your information when you use the Aldine AI agent platform and related services (the "Service"). Aldine is a product of CowLabs.

By using the Service, you agree to the collection and use of information in accordance with this policy.

1. Who We Are

CowLabs is a company registered in the United Kingdom. We operate Aldine, an AI agent platform for family offices and professional services firms. For data protection purposes, CowLabs acts as the data controller for website and account data, and as a data processor for Client Data processed through the Service.

2. Information We Collect

Information you provide to us: Account information such as your name, email address, company name, and billing details when you sign up for the Service or contact us.

Client Data you make accessible through the Service: When you connect Aldine to your email, calendar, documents, or other tools, we access and process that data solely to provide the Service. This may include emails, calendar entries, contacts, documents, financial information, and other operational data. We only access what you explicitly connect and authorise.

Information collected automatically: When you visit our website, we may collect basic usage data such as IP address, browser type, pages visited, and referring URLs. We use this information to improve the website and understand how visitors find us.

3. How We Use Your Information

We use your information for the following purposes:

To provide and operate the Service, including delivering morning briefings, triaging emails, running research, scheduling meetings, and generating reports and presentations.

To configure and customise your AI Agent during the Consulting Engagement, including training it on your workflows, branding, and preferences.

To communicate with you about your account, respond to your enquiries, and provide customer support.

To process payments and manage your subscription.

To improve and develop the Service based on usage patterns and feedback.

To comply with legal obligations and enforce our Terms of Service.

4. How We Process Client Data

Client Data is processed solely to provide the Service to you. We do not use your Client Data for any other purpose, including marketing, profiling, or training our own AI models.

Each client's data is stored in a dedicated, isolated infrastructure environment. Your data is not mixed with or accessible to other clients.

When your AI Agent processes a request, relevant Client Data may be sent to third-party AI model providers to generate a response. We select providers that offer zero-retention data processing agreements, meaning your data is not stored or used by those providers beyond the immediate processing of the request.

5. Data Sharing

We do not sell your data. We only share your information in the following circumstances:

With third-party AI model providers as necessary to process requests through the Service, under zero-retention data processing agreements.

With payment processors to handle billing and subscription management.

With service providers who assist us in operating the Service, such as cloud hosting providers. These providers are bound by contractual obligations to protect your data and only process it on our instructions.

Where required by law, regulation, or legal process, or to protect the rights, safety, or property of CowLabs, our clients, or the public.

In connection with a merger, acquisition, or sale of assets, in which case we will notify you and ensure your data remains protected under terms at least as protective as this Privacy Policy.

6. Data Storage and Security

Client Data is stored on dedicated, isolated infrastructure provisioned specifically for each client. We implement the following security measures:

Encryption at rest using AES-256.

Encryption in transit using TLS 1.3.

Access controls limiting who can access your data to authorised personnel only.

Regular security assessments and monitoring.

Multi-factor authentication on all administrative access points.

We store data in data centres located in the European Economic Area or Switzerland unless otherwise agreed with you. We will inform you of the specific data centre location during onboarding.

7. Data Retention

We retain your Client Data for as long as your subscription is active and the Service is being provided to you.

Upon termination of your subscription, we will provide you with a copy of your Client Data in a standard format within 30 days of your request. After this period, we will securely delete all Client Data from our systems within 90 days, unless retention is required by applicable law.

Account information and billing records may be retained for up to 7 years after termination to comply with tax and accounting obligations.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

Access. You can request a copy of the personal data we hold about you.

Correction. You can ask us to correct inaccurate or incomplete personal data.

Deletion. You can ask us to delete your personal data, subject to our legal obligations.

Portability. You can request your data in a structured, commonly used, machine-readable format.

Restriction. You can ask us to restrict processing of your personal data in certain circumstances.

Objection. You can object to our processing of your personal data where we rely on legitimate interests as the legal basis.

Withdrawal of consent. Where processing is based on consent, you can withdraw that consent at any time.

To exercise any of these rights, contact us at the details in Section 13. We will respond within 30 days of receiving your request.

9. International Data Transfers

Where we transfer personal data outside the United Kingdom or the European Economic Area, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the UK Information Commissioner's Office or the European Commission, or transfers to countries recognised as providing an adequate level of data protection.

10. Cookies and Website Analytics

Our website may use essential cookies required for the website to function properly. We do not use tracking cookies or third-party advertising cookies.

If we use any analytics tools on our website, we will ensure they are configured to respect your privacy and comply with applicable data protection laws.

11. Children's Privacy

The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us and we will take steps to delete it.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes at least 30 days before they take effect by sending a notice to the email address associated with your account. Your continued use of the Service after the effective date constitutes your acceptance of the revised policy.

13. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us at:

CowLabs Product: Aldine Email: [marius@aldine.ai] United Kingdom

If you are not satisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk, or with your local data protection authority.