Last updated June 8, 2026
Privacy Policy.
This Privacy Policy explains how Deepslate Inc., doing business as Embrasure (“Embrasure,” “we,” “us,” or “our”), collects, uses, discloses, and protects personal information when people visit our website, evaluate or buy Embrasure, use the Embrasure product, or contact us. For customer deployments, this public policy is supplemented by our Data Processing Addendum (“DPA”) and any signed agreement with the customer.
Scope and roles
Embrasure provides software that helps teams connect governed data sources, ask questions, build context, and operate data agents. In most customer workspaces, the customer is the controller of the personal information they choose to put in or connect to Embrasure, and Embrasure is the processor or service provider. Embrasure is the controller for account administration, website visitors, sales, billing, security, and product improvement data we collect for our own business operations.
This policy applies to Embrasure websites, hosted product interfaces, local tooling that authenticates to Embrasure services, support communications, and related business interactions. It does not govern a customer's own data practices or third-party websites that may link to or from Embrasure.
Information we collect
| Account | Name, work email, company, title or role, workspace membership, authentication identifiers, SSO domain, invited users, and administrative settings. |
|---|---|
| Customer data | Prompts, agent instructions, dashboard content, notebook content, uploaded or connected metadata, semantic definitions, query plans, and rows returned to a chat, workflow, notebook, or dashboard session. |
| Connector data | Connection configuration, hostnames, schemas, table and column names, access scopes, sync status, and encrypted credentials or tokens provided by authorized workspace administrators. |
| Usage | Pages and features used, searches, runs, model selections, errors, latency, logs, device/browser information, IP address, approximate location derived from IP, and audit events. |
| Support | Messages, call notes, implementation details, bug reports, screenshots, and other information shared with our team. |
| Commercial | Plan, billing contact, invoice status, contract metadata, procurement information, and communications with sales or customer success. |
Embrasure does not intentionally collect payment card numbers directly; payment information is processed by our payment or billing providers if a paid plan requires it.
How we collect information
- Directly from users and workspace administrators when they create accounts, configure workspaces, connect data sources, invite teammates, contact us, or use the product.
- Automatically from the product and website through logs, cookies, analytics events, security telemetry, and similar technologies.
- From connected systems that an authorized customer user chooses to connect, such as warehouses, identity providers, collaboration tools, or business applications.
- From business sources such as procurement systems, partner referrals, public company websites, and communications with prospective customers.
How we use information
- Provide, secure, maintain, and improve Embrasure.
- Authenticate users, enforce workspace roles, support SSO and domain restrictions, and prevent unauthorized access.
- Connect to customer-authorized data sources, generate catalog metadata, run approved queries, produce agent outputs, and maintain auditability.
- Provide support, debug issues, investigate errors, and communicate about product changes, incidents, billing, and security.
- Measure usage, reliability, performance, and feature adoption so we can improve the product and prioritize engineering work.
- Protect against abuse, fraud, security threats, and violations of our agreements or acceptable use rules.
- Comply with legal, tax, accounting, security, and compliance obligations.
Warehouse and customer data
Embrasure is designed for governed access to customer data sources. We do not bulk replicate source warehouse tables into Embrasure. We may store the metadata, semantic definitions, query plans, prompts, agent activity, and bounded result rows needed to provide the product, maintain conversation history, support audit logs, and troubleshoot customer-reported issues.
Customers control the credentials, scopes, workspace roles, governance settings, retention expectations, and connected sources they configure. Customers should not connect data sources or provide personal information unless they are authorized to do so.
AI processing and model training
Embrasure uses large language models and related AI services to generate responses, plans, summaries, workflows, and other product outputs. Input to those services can include prompts, schema metadata, query context, selected result rows, and workspace configuration necessary to complete the requested task.
- We do not train Embrasure-owned foundation models on customer data.
- We do not sell customer data or share it for cross-context behavioral advertising.
- For listed AI subprocessors, we configure commercial/API processing settings intended to prevent provider training on customer data and enable zero data retention where available.
- Customers can choose available model providers and should treat AI outputs as generated assistance that may require review before business use.
Cookies and analytics
We use necessary cookies and similar technologies for authentication, session management, security, preference storage, and load balancing. We may use product analytics to understand aggregate product usage, diagnose reliability issues, and improve onboarding and core workflows.
We do not use cookies to sell personal information or to serve third-party behavioral advertising. Browser settings may allow you to block or delete cookies, but some product features may not work without necessary cookies.
How we disclose information
| Subprocessors | We use subprocessors to host, secure, deliver, support, and operate Embrasure. Our current infrastructure and AI subprocessors are listed on the Security page. |
|---|---|
| Customer admins | Workspace owners and administrators may access workspace membership, roles, audit events, settings, usage, content, and connected-source configuration according to their permissions. |
| Legal | We may disclose information when required by law, subpoena, court order, government request, or to protect rights, safety, security, and integrity. |
| Business transfers | If Embrasure is involved in a merger, acquisition, financing, reorganization, or sale of assets, information may be transferred as part of that transaction subject to appropriate protections. |
| With consent | We may disclose information when a customer or user directs us to do so or gives consent. |
We do not sell personal information. We do not share personal information for third-party cross-context behavioral advertising.
Security
We use administrative, technical, and organizational safeguards designed to protect personal information, including encryption in transit, encryption at rest, workspace access controls, row-level security, audit logging, least-privilege production access, and vulnerability management. More detail is available on our Security page.
No method of transmission or storage is perfectly secure. Customers are responsible for managing their own accounts, user permissions, connector scopes, and source-system access controls.
Retention and deletion
| Workspace data | Retained while the workspace subscription or evaluation remains active, then deleted or de-identified within 30 days after termination unless a contract, legal obligation, security need, or backup lifecycle requires a different period. |
|---|---|
| Backups | Backups are retained for disaster recovery and security purposes and expire on a rolling schedule. Deleted data may remain in backups until the backup expires. |
| Logs | Security, audit, and operational logs are retained as needed for investigation, abuse prevention, compliance, and reliability. |
| Commercial records | Invoices, contracts, tax records, and related business records are retained as required for accounting, legal, and compliance obligations. |
Customers may request deletion or export through their workspace administrator or by contacting us. We may need to verify authority before acting on a request.
International transfers
Embrasure operates primarily from the United States. If personal information is transferred from the European Economic Area, United Kingdom, Switzerland, or another jurisdiction with transfer restrictions, we use appropriate safeguards such as contractual commitments, data processing terms, and Standard Contractual Clauses where applicable.
Privacy rights
Depending on your location and relationship with Embrasure, you may have rights to access, correct, delete, restrict, object to, or receive a portable copy of personal information. You may also have the right to withdraw consent or lodge a complaint with a data protection authority.
If your information is part of a customer workspace, we may refer your request to the customer or ask the customer to authorize the request. To exercise rights, email privacy@embrasure.ai. We will respond as required by applicable law.
Legal bases for EEA, UK, and Swiss users
| Contract | To provide Embrasure, administer accounts, support users, and perform customer agreements. |
|---|---|
| Legitimate interests | To secure, improve, market, and operate Embrasure, prevent abuse, debug issues, and communicate with business contacts. |
| Legal obligation | To comply with accounting, tax, security, sanctions, law enforcement, and regulatory obligations. |
| Consent | Where required for optional communications, certain cookies, or other processing that depends on consent. |
California and other US state notices
Embrasure is a business-to-business service. We do not sell personal information and do not share personal information for third-party cross-context behavioral advertising. We use sensitive personal information only as needed to provide, secure, support, and improve the service, comply with law, or as otherwise permitted by applicable law.
Depending on your state, you may have rights to access, delete, correct, or receive a copy of personal information, and to appeal certain decisions. You can exercise those rights by emailing privacy@embrasure.ai.
Children
Embrasure is not directed to children and is intended for business use. We do not knowingly collect personal information from children under 16. If you believe a child provided personal information to Embrasure, contact us and we will take appropriate steps to delete it.
Changes to this policy
We may update this policy from time to time. If changes are material, we will provide notice through the product, by email, or by other reasonable means. The “last updated” date shows when this policy was most recently revised.
Contact
Privacy requests and questions: privacy@embrasure.ai
Legal notices: legal@embrasure.ai