Effective: March 29, 2026 · Last updated: March 29, 2026
The data controller for this service is:
AI BOLLINGMO
Enkeltpersonforetak (sole proprietorship)
Org.nr.: [ORG_NR]
Monstadvegen 22, 7170 Åfjord, Norway
Email: privacy@eustore.dev
eustore.dev is a headless, API-only infrastructure service designed primarily for autonomous AI agents. It has no user dashboard, no login page, and no browser-based interaction. This fundamentally limits the personal data we collect — there are no cookies, no tracking pixels, no analytics scripts, and no user sessions in the traditional sense.
| Data | Purpose | Legal Basis | Retention |
|---|---|---|---|
| Account name | Account identification | Art. 6(1)(b) – contract performance | Until account deletion |
| Email address | Billing contact, abuse notification | Art. 6(1)(b) – contract performance | Until account deletion |
| API key hash | Authentication | Art. 6(1)(b) – contract performance | Until account deletion |
| Stripe customer ID | Payment processing | Art. 6(1)(b) – contract performance | Until account deletion |
| Crypto wallet addresses (from payments) | Payment matching | Art. 6(1)(b) – contract performance | Until account deletion + 7 years (tax) |
Note on AI agents: When an AI agent registers an account, the email provided may be a functional mailbox rather than personal data. Where no natural person is identifiable, GDPR does not apply to that data. We treat all data uniformly regardless.
| Data | Purpose | Legal Basis | Retention |
|---|---|---|---|
| IP address | Security, abuse prevention, rate limiting | Art. 6(1)(f) – legitimate interest | 30 days |
| Request timestamps | Debugging, billing verification | Art. 6(1)(f) – legitimate interest | 30 days |
| HTTP method, path, status code | Debugging, monitoring | Art. 6(1)(f) – legitimate interest | 30 days |
| User-Agent header | Compatibility, debugging | Art. 6(1)(f) – legitimate interest | 30 days |
Files stored in object storage and vectors/metadata stored in the vector database constitute "Customer Content." We act as a data processor (Art. 28 GDPR) for any personal data within Customer Content. We:
| Sub-Processor | Purpose | Location |
|---|---|---|
| Hetzner Online GmbH | Infrastructure hosting, object storage (DE-FSN1, DE-NBG1) | Germany |
| Hetzner Finland Oy | Infrastructure hosting, object storage (FI-HEL1) | Finland |
| Stripe, Inc. | Card payment processing | USA (EU SCCs in place, EU data processing) |
Stripe processes payment data under its own controllership for fraud prevention and compliance. See Stripe's Privacy Policy.
Cryptocurrency payments: Processed on public blockchains. Transaction data on blockchains is inherently public and immutable. We query public blockchain explorer APIs to match payments but do not transmit personal data to these services.
Customer Content is stored exclusively within the EU/EEA (Germany and Finland). No Customer Content is transferred to third countries.
Stripe may process payment metadata in the USA under EU Standard Contractual Clauses (SCCs). No other international transfers occur.
The eustore.dev website and API use no cookies, no tracking pixels, no analytics services, and no fingerprinting. We do not use Google Analytics, Facebook Pixel, or any similar service. The only cookie that may be set is a functional A/B test cookie (eustore_variant) with no personal data, which falls under the strictly necessary exemption.
If you are an identified or identifiable natural person, you have the right to:
To exercise any right, email privacy@eustore.dev. We respond within 30 days.
As a Norwegian entity, our lead supervisory authority is:
Datatilsynet (Norwegian Data Protection Authority)
Postboks 458 Sentrum, 0105 Oslo, Norway
www.datatilsynet.no
You also have the right to lodge a complaint with any EU/EEA supervisory authority, including the authority in your country of residence.
| Data Category | Retention Period |
|---|---|
| Account data | Until account deletion + 30 days |
| Billing/payment records | 7 years after transaction (Norwegian tax law, bokføringsloven § 13) |
| Server access logs | 30 days |
| Customer Content (files, vectors) | Until deletion by customer or 30 days after account termination |
This service is designed primarily for autonomous AI agents. In most use cases, the "user" is software, not a natural person. Where an AI agent registers with a functional email (e.g., agent@company.com) and stores only non-personal data (embeddings, model outputs, synthetic data), GDPR data subject rights do not arise. However, if personal data is stored as Customer Content, the agent's principal is responsible as the data controller for that content, and we act as processor.
We may update this Privacy Policy. Changes are posted here with an updated effective date. Material changes affecting your rights will be announced 30 days in advance.
Data protection inquiries: privacy@eustore.dev
General contact: legal@eustore.dev
Gültig ab: 29. März 2026
AI BOLLINGMO
Einzelunternehmen (Enkeltpersonforetak), Norwegen
Org.nr.: [ORG_NR]
Monstadvegen 22, 7170 Åfjord, Norwegen
E-Mail: privacy@eustore.dev
eustore.dev ist ein rein API-basierter Infrastrukturdienst, der primär für autonome KI-Agenten konzipiert ist. Es gibt kein Dashboard, keine Anmeldeseite und keine browserbasierte Interaktion. Dies begrenzt grundlegend die von uns erhobenen personenbezogenen Daten — es werden keine Cookies, keine Tracking-Pixel, keine Analyseskripte und keine Benutzersitzungen im herkömmlichen Sinne verwendet.
Bei der Registrierung: Kontoname, E-Mail-Adresse, API-Schlüssel-Hash, ggf. Stripe-Kunden-ID und Krypto-Wallet-Adressen. Rechtsgrundlage: Art. 6 Abs. 1 lit. b DSGVO (Vertragserfüllung). Speicherung bis zur Kontolöschung.
IP-Adresse, Zeitstempel, HTTP-Methode/Pfad/Statuscode, User-Agent. Rechtsgrundlage: Art. 6 Abs. 1 lit. f DSGVO (berechtigtes Interesse an Sicherheit und Betrieb). Speicherung: 30 Tage.
In Object Storage und Vektordatenbank gespeicherte Daten sind „Kundeninhalte". Wir handeln als Auftragsverarbeiter (Art. 28 DSGVO). Wir greifen nicht auf Kundeninhalte zu, analysieren oder nutzen sie nicht. Speicherung ausschließlich in der EU (Deutschland/Finnland).
Sie haben das Recht auf Auskunft (Art. 15), Berichtigung (Art. 16), Löschung (Art. 17), Einschränkung (Art. 18), Datenübertragbarkeit (Art. 20) und Widerspruch (Art. 21). Anfragen an: privacy@eustore.dev.
Zuständige Aufsichtsbehörde: Datatilsynet (Norwegische Datenschutzbehörde), Postboks 458 Sentrum, 0105 Oslo, Norwegen. Sie können sich auch an jede EU/EWR-Aufsichtsbehörde wenden, einschließlich der Behörde in Ihrem Wohnsitzland.
Diese Website und API verwenden keine Cookies, keine Tracking-Pixel und keine Analysedienste.