Legal document · effective June 16, 2026
Privacy Policy
Keystro is built with privacy as a core engineering principle. We never store the text you write or the AI's responses — anywhere. This page explains exactly what data we do collect, why, and what rights you have over it.
In one paragraph
We store your account information (email, name), your subscription status, your optional profile and personal vocabulary, and anonymized usage metadata (number of requests, character counts, latency). We never store the text content of your AI requests, your selections, your clipboard, or the AI's output. Your data is processed under GDPR with appropriate safeguards for international transfers. You can access, export, or delete your data at any time.
1. Who is responsible for your data
The data controller is Boris Molton, sole proprietor operating under the Keystro brand, registered in France as a sole proprietorship (micro-entreprise), SIRET 10565927000018. Contact: privacy@keystro.ai.
We have not appointed a Data Protection Officer (DPO), as we do not meet the criteria of GDPR Article 37 (small organization, no large-scale systematic monitoring of individuals, no large-scale processing of special categories of data).
2. What data we collect
2.1 Account data
- Email address — required for authentication and service-related communications
- Full name — synced from your authentication provider (Clerk) when you sign up
- Authentication identifier (Clerk user ID) — links your sessions to your account
- Account metadata — account creation date, last login date, account status (active or suspended)
2.2 Optional profile data
If you choose to provide them in the desktop settings or the web dashboard:
- Job title, company name, sector / industry
- Company description and personal role description (free text, max 2000 characters each)
This information is included as system context in the prompt sent to the AI, so that responses match your professional voice. It is processed with store: false on the AI provider side (see section 4).
2.3 Personal Vocabulary
Terms you add to personalize the AI's output (e.g., company names, brand names, acronyms), within the limits of your plan. This is included in the prompt and is never shared with anyone else.
2.4 Subscription and billing data
Handled by Stripe (Ireland) — we only store the references:
- Stripe customer ID and Stripe subscription ID
- Plan code (Free, Pro, Pro+), subscription status, current billing period
- Bonus request credits (granted by support, if any)
Payment card details are never handled by us — they are entered directly into Stripe's PCI-DSS compliant interface.
2.5 Usage events (metadata only)
For each AI request, we record:
- Action type (Correct, Draft Email, Ask, and legacy action types from earlier versions)
- Number of input characters and tokens (counts only, not the content)
- Number of output characters and tokens
- AI model used (GPT-5.4-mini, GPT-5.4-nano, etc.)
- Latency in milliseconds
- Success or error status, error code if any
- Timestamp
These counts let us enforce monthly quotas, monitor service quality, and bill in aggregate. They contain no fragment of your text.
2.6 Technical data (server logs)
- IP address (used for rate limiting, abuse prevention, then rotated out of logs)
- HTTP request metadata (method, path, status code, response time)
- User agent string
3. What we DO NOT collect
This list is as important as section 2. As a hard engineering rule, Keystro does not store, log, cache, or transmit to any analytics tool:
- The text you select before pressing a Keystro shortcut
- The text the AI generates in response
- The contents of your clipboard at any time
- The text inside any document, email, or message you have open
- Your keystrokes outside of Keystro's registered global shortcuts
- Your screen contents, microphone, or camera
- Your browsing history or activity in other applications
AI requests transit through our backend in real time, are forwarded to the AI provider with the store: false flag (Zero Data Retention contract), and the response is returned to you. Nothing is persisted in our database, nothing is written to our logs, nothing is kept by the AI provider after the response is produced.
4. Why we process this data (legal basis under GDPR Art. 6)
| Purpose | Data used | Legal basis |
|---|---|---|
| Account creation and authentication | Email, name, Clerk ID | Performance of contract (Art. 6(1)(b)) |
| Delivering AI requests | Prompt (input + vocabulary + profile), in transit only | Performance of contract (Art. 6(1)(b)) |
| Subscription and billing | Subscription data, Stripe IDs | Performance of contract (Art. 6(1)(b)) |
| Quota enforcement and abuse prevention | Usage events, IP addresses | Legitimate interest (Art. 6(1)(f)) |
| Aggregate product analytics | Usage events (anonymized counts) | Legitimate interest (Art. 6(1)(f)) |
| Compliance with tax and accounting law | Invoices, subscription history | Legal obligation (Art. 6(1)(c)) — 10 years |
| Service-related emails (security, billing, account) | | Performance of contract (Art. 6(1)(b)) |
| Marketing emails (newsletters, product news) | | Consent (Art. 6(1)(a)) — opt-in only |
5. Who we share your data with (sub-processors)
We use the following third-party processors. Each is bound by a Data Processing Agreement (DPA) and provides appropriate safeguards under GDPR Art. 28 and Chapter V.
| Sub-processor | Purpose | Location | Transfer safeguard |
|---|---|---|---|
| Clerk Inc. | Authentication, user management | USA | SCCs + EU-US DPF |
| OpenAI L.L.C. | AI inference (with store: false) | USA | SCCs + EU-US DPF |
| Stripe Payments Europe Ltd | Payment processing | Ireland (EU) | EU-based, no transfer required |
| Railway Corp. | API hosting, PostgreSQL hosting | USA | SCCs |
| Vercel Inc. | Website hosting and CDN | USA | SCCs + EU-US DPF |
| GitHub Inc. | Distribution of the desktop installer (releases) | USA | SCCs + EU-US DPF |
We do not sell, rent, or trade your data with anyone. We do not share data with advertising networks. We do not embed third-party analytics scripts in the website beyond what is strictly necessary.
6. International data transfers
Several of our sub-processors are based in the United States. Transfers to the USA are protected by:
- The European Commission's Standard Contractual Clauses (SCCs) included in our DPAs;
- Where applicable, the EU-US Data Privacy Framework certification held by the recipient organization (adequacy decision of July 10, 2023);
- Our internal data minimization rule: only the data strictly necessary for the sub-processor's purpose is transmitted.
7. How long we keep your data
| Category | Retention |
|---|---|
| Account data, profile, vocabulary, subscription | Until account deletion + up to 30 days in encrypted backups |
| Usage events (metadata) | 24 months, then retained only as aggregated, non-personally-identifying counts |
| Server logs (IP, HTTP) | 30 days maximum |
| Invoices and accounting records | 10 years (French Commercial Code Art. L.123-22) |
| Authentication tokens on your device | Encrypted via Windows DPAPI; until you sign out or 30 days of inactivity |
| AI request content | Never stored anywhere |
8. Your rights
Under GDPR you have the following rights, free of charge:
- Right of access (Art. 15): obtain a copy of your data
- Right to rectification (Art. 16): fix inaccurate data
- Right to erasure (Art. 17): delete your account and all associated data — available directly from the dashboard
- Right to restriction (Art. 18): limit how we process your data
- Right to portability (Art. 20): export your profile and vocabulary
- Right to object (Art. 21): for processing based on legitimate interest
- Right to withdraw consent (Art. 7) for any consent-based processing
- Right not to be subject to automated decision-making (Art. 22): we do not make any decision that legally affects you based solely on automated processing
To exercise any of these rights, email privacy@keystro.ai from the address associated with your account. We will respond within 30 days (extendable by 60 days for complex requests, with notice).
You also have the right to lodge a complaint with the French data protection authority, the CNIL — cnil.fr/en/plaintes.
9. Cookies and tracking
Our website uses only strictly necessary cookies:
- Authentication (Clerk session cookies) — without them, you cannot stay signed in
- Payment (Stripe Checkout cookies) — only set during a checkout session, to prevent fraud
These cookies are exempt from the consent requirement under Article 82 of the French Data Protection Act (CNIL guidance on strictly necessary cookies). We do not use Google Analytics, Facebook Pixel, advertising trackers, or any third-party profiling cookies. If we ever introduce optional analytics, we will display a consent banner allowing you to accept or refuse before any non-essential cookie is set.
10. Security
- All traffic is encrypted in transit (HTTPS / TLS 1.2+)
- Database connections use TLS; data at rest is encrypted by our hosting provider
- Authentication tokens stored on your device are encrypted via Windows DPAPI through Electron safeStorage
- HTTP-level protection (Helmet headers: HSTS, X-Frame-Options, X-Content-Type-Options) and rate limiting on every API endpoint
- Webhooks are signed and verified cryptographically (svix for Clerk, Stripe's built-in signature verification)
- Account deletion cascades through all related tables (subscription, usage events, vocabulary, profile) and triggers a request to remove your data from sub-processors
In the event of a data breach affecting your rights and freedoms, we will notify the CNIL within 72 hours and inform you directly without undue delay (GDPR Art. 33-34).
11. Children
Keystro is not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has signed up, contact privacy@keystro.ai and we will delete the account.
12. California residents (CCPA / CPRA)
If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):
- The right to know what personal information we collect about you
- The right to request deletion of your personal information
- The right to correct inaccurate personal information
- The right to opt out of the sale or sharing of your personal information
- The right to non-discrimination for exercising your rights
We do not sell or share personal information for cross-context behavioral advertising. To exercise your CCPA rights, contact privacy@keystro.ai.
13. UK residents (UK-GDPR)
UK residents enjoy the same rights as EU residents under the UK-GDPR. Complaints can be filed with the Information Commissioner's Office (ICO) at ico.org.uk.
14. Other jurisdictions
Wherever you are, we apply the GDPR standard of protection as our baseline. If your local law grants you additional rights, we will honor them. To make a request, write to privacy@keystro.ai and tell us where you are based.
15. Changes to this policy
We may update this policy as Keystro evolves or as legal requirements change. For any material change (new sub-processor handling significant data, new processing purpose, change of controller), we will notify you by email at least 30 days before the change takes effect, and the "effective" date at the top of this page will be updated. Continued use after the effective date constitutes acceptance.
16. Contact
For any privacy question, request, or concern: privacy@keystro.ai.