← Back to Blaise

Privacy Policy

Last updated: March 2026

Your privacy is critically important to us. At Noemata Technologies GmbH, we have a few fundamental principles:

  • We are thoughtful about the personal information we ask you to provide and the personal information we collect about you through the operation of our services.
  • We store personal information for only as long as we have a reason to keep it.
  • We aim to make it as simple as possible for you to control what information is shared publicly or kept private.
  • We aim for full transparency on how we gather, use, and share your personal information.

Who We Are and What This Policy Covers

We are Noemata Technologies GmbH, the company behind Blaise — an AI agent coordinator platform designed to streamline development workflows. This Privacy Policy explains how we collect, use, and share information about you when you use Blaise and its associated services (collectively, the "Services").

This policy applies to information collected when you use our website, web application, and any APIs or integrations we provide.

Information We Collect

We only collect information about you if we have a reason to do so — for example, to provide our Services, to communicate with you, or to improve our Services. We collect information from three sources: directly from you, automatically through your use of our Services, and from third-party services.

Information You Provide to Us

  • Account information: When you sign up, we collect your name, email address, and authentication credentials (such as via GitHub OAuth). We may also collect a profile picture if provided by your authentication provider.
  • Workspace information: When you set up a workspace, we collect the name and configuration details you provide.
  • Payment information: If you subscribe to a paid plan, we collect billing information (processed securely via our payment processor — we do not store full card numbers).
  • Communications with us: If you contact us for support or feedback, we keep a copy of that correspondence.
  • Integration credentials: When you connect third-party services (such as Linear), we store the access tokens or configuration necessary to operate the integration.

Information We Collect Automatically

  • Log information: We collect standard web server log data including IP addresses, browser type, referring pages, and timestamps when you use our Services.
  • Usage information: We collect information about how you interact with our Services, such as pages visited, features used, and actions performed within the application.
  • Device information: We may collect information about the device you use to access our Services, including operating system and browser version.
  • Cookies and similar technologies: We use cookies and similar tracking technologies to maintain your session and preferences. You can control cookie usage through your browser settings.

Information We Receive from Third Parties

  • OAuth providers: If you sign in via GitHub or another supported provider, we receive information such as your username, email address, and profile picture from that provider, subject to your authorization.
  • Integration services: When you connect Blaise to third-party services, we may receive data from those services as needed to operate the integration (e.g., issue data from Linear).

How and Why We Use Information

Purposes for Using Information

  • To provide our Services: Set up and maintain your account, operate the platform, and deliver the features you use.
  • To improve our Services: Understand how users interact with Blaise so we can build better features and fix issues.
  • To communicate with you: Send transactional emails (e.g., account confirmations), respond to support requests, and share important updates about the Services.
  • To protect our Services and users: Detect and prevent security incidents, spam, and fraudulent or illegal activity.
  • To comply with legal obligations: Fulfill our obligations under applicable law.

Legal Bases for Processing (EU/GDPR)

For users in the European Union or EEA, our legal bases for processing personal information are:

  • Contract performance: Processing necessary to provide the Services you signed up for (e.g., account management, payment processing).
  • Legitimate interests: Processing necessary for our legitimate interests, such as improving our Services, maintaining security, and communicating with users — provided these interests are not overridden by your rights.
  • Legal obligation: Processing required to comply with applicable law.
  • Consent: Where you have given explicit consent, for example for optional cookies or marketing communications.

Sharing Information

We share information about you only in limited circumstances and with appropriate safeguards:

  • Service providers: We share information with third-party vendors who help us operate our Services, such as cloud hosting providers, payment processors, and analytics services. These vendors are contractually required to protect your information and process it only on our behalf.
  • Legal requirements: We may disclose information if required by law, court order, or governmental authority.
  • Protection of rights: We may disclose information when we believe in good faith that disclosure is necessary to protect the rights, property, or safety of Noemata Technologies GmbH, our users, or the public.
  • Business transfers: If Noemata Technologies GmbH is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your information is transferred and becomes subject to a different privacy policy.
  • With your consent: We may share information with your explicit consent or at your direction.
  • Aggregated or anonymized data: We may share aggregated or de-identified information that cannot reasonably identify you.

How Long We Keep Information

We retain personal information for as long as necessary to provide our Services and fulfill the purposes described in this policy, or as required by law. When you delete your account, we will delete your personal information within a reasonable time, except where we are required to retain it for legal or legitimate business reasons (e.g., to resolve disputes or comply with legal obligations).

Log data is typically retained for up to 90 days. Integration tokens are deleted when you disconnect an integration or delete your account.

Security

We take reasonable technical and organizational measures to protect your information against unauthorized access, disclosure, alteration, or destruction. This includes encryption of data in transit (TLS), access controls, and regular security monitoring. No online service can guarantee absolute security, and we encourage you to use strong passwords and protect your account credentials.

Your Rights

Depending on your location, you may have certain rights regarding your personal information.

European General Data Protection Regulation (GDPR)

If you are located in the EU, EEA, or a country subject to GDPR, you have the following rights:

  • Right to access your personal data;
  • Right to correction or deletion of your personal data;
  • Right to object to our processing of your personal data;
  • Right to restriction of processing;
  • Right to data portability; and
  • Right to lodge a complaint with a supervisory authority (in Germany: the Berliner Beauftragte für Datenschutz und Informationsfreiheit).

Your Choices

  • Account information: You can update your account information through your account settings.
  • Marketing communications: You can opt out of marketing emails by following the unsubscribe link in any marketing email we send.
  • Cookies: You can control cookies through your browser settings, though some features may not function properly without them.
  • Account deletion: You can delete your account at any time through your account settings. Please note that some information may be retained for a period after deletion as described above.

Data Controller

The data controller responsible for your personal information is:

Noemata Technologies GmbH
Waldemarstr. 3b
10179 Berlin
Germany

Managing Director: Michele Piccirillo
Email: [email protected]

International Data Transfers

Our Services are operated from the European Union. If you access our Services from outside the EU, your information may be transferred to and processed in countries with different data protection laws. We take appropriate measures to ensure that your information is protected in accordance with this policy, including using standard contractual clauses approved by the European Commission where required.

Third-Party Services

When you connect Blaise to third-party services (such as GitHub or Linear), those services operate under their own privacy policies. We encourage you to review those policies before connecting. We are not responsible for the data practices of third-party services.

Privacy Policy Changes

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice in the application or sending you an email. Your continued use of our Services after a change becomes effective means you accept the updated policy.

How to Reach Us

If you have questions about this Privacy Policy, or wish to exercise your rights, please contact us at: [email protected]