Privacy Policy

Last updated: 25 May 2026 · Perform Digital Private Limited

This policy explains how Perform Digital Private Limited ("Perform Digital", "we", "our") collects, uses, stores, and protects personal data when you visit perform.digital, contact us, or contract us to build, train, or operate an AI agent on your behalf.

1. Who we are

Perform Digital Private Limited is incorporated in the European Union and the Republic of India. Our European entity is the controller for data collected in the EU and the UK; our Indian entity is the controller for data collected in India and the rest of APAC. References to "Perform Digital" below mean whichever entity is the controller for your data in your jurisdiction.

2. The data we process

We process two categories of personal data.

2.1 Visitor data

Collected when you browse perform.digital or contact us. It includes the contents of any form you submit (name, email address, company, message), strictly necessary cookies, opt-in analytics events, and server logs (IP address, user agent, referer, timestamp).

2.2 Client engagement data

Collected when an organisation contracts us to design, build, fine-tune, or operate an AI agent. It includes documents, datasets, prompts, conversation logs supplied by the client, operational metrics from the deployed agent, configuration values, and audit trails. We process this data as a processor on behalf of the client.

2.3 Blog comment data

Collected when you submit a comment on a blog post: your name, email address, and the comment itself. Comments are reviewed before they appear. If published, your name and comment are shown publicly with the post; your email address is never published and is used only to contact you about your comment.

2.5 Cost estimator data

Collected when you use the cost estimator on perform.digital. The estimator is a nine-question modal. Each answer is saved to our database as you click through, so you can resume if you close the tab. The answers are operational inputs only: project shape, scope, user count, compute preference, data residency, evaluation rigour, and so on. We do not ask for, and the modal does not collect, any special-category data, financial account data, or any information about anyone other than the person filling it in.

At the end, the modal offers to email you a PDF breakdown of the estimate. The email address is optional. If you provide it, we store it lowercased and trimmed, alongside a hashed form of your IP address (salted with a key we rotate yearly), the version of the consent text you saw, and the timestamp of your choice. If you tick the marketing checkbox, we record that as a separate, withdrawable consent under Article 7 of the GDPR. If you do not tick it, we use the email only to deliver the PDF and for any direct reply to a question you raised.

We only accept work email addresses on the estimator form. Free email providers (gmail, outlook, yahoo, icloud, and similar) and disposable email services are rejected at submit time. This is a quality signal, not a value judgement, and you are welcome to contact us through any other channel.

2.4 Spiderbrain data

Spiderbrain is a source-available software tool published by Perform Digital under the Business Source Licence 1.1, with a Change Date of 2030-01-01 that converts it to the Apache-2.0 open-source licence. The tool itself collects no telemetry. It runs locally against a project directory and writes only to the sibling brain folder it creates.

Where Perform Digital is engaged to operate Spiderbrain on behalf of a client (a hosted deployment), the contents of the client's codebase, the generated dependency graph (synganglion.json), the per-cluster maps, the cephalothorax journal, and the dragline snapshots are treated as Client Engagement Data under section 2.2 and processed under the residency, encryption, retention, and deletion controls set out below.

Source code processed by Spiderbrain is never reused for our own model training, benchmarking, or any other purpose. The two public benchmark numbers we cite (154 nodes on perform.digital and 1,629 nodes on Saroir) are aggregates that disclose only the graph shape, not any file contents. Anyone can verify the perform.digital figure by re-running the tool against the public site source. The Saroir figure was disclosed by Saroir under separate agreement.

3. Why we process it (purpose limitation)

Visitor data is processed only to respond to your enquiries, operate and improve the site, and meet our legal obligations.

Where you opt in on the cost estimator, we use your email to send marketing communications about Perform Digital products, services, and research. We cap these at a maximum of three emails per week, and we tailor them to the information you provided in the estimator and to your subsequent actions on perform.digital (which pages you read, which assets you downloaded). You can withdraw this consent at any time using the methods set out in section 9 below, without affecting the lawfulness of any processing already carried out.

Client engagement data is processed only for the purpose set out in the client's Master Services Agreement and Statement of Work. We do not reuse client data for our own model training, benchmarking, marketing, or any other purpose. Each new processing flow is added to a written processing register before activation.

4. Where it is stored (regional residency)

Each client engagement runs on infrastructure provisioned in the same regulatory region as the client. EU clients are served from EU regions; Indian clients are served from Indian regions; clients elsewhere are served from the data centre nearest them that satisfies their compliance obligations.

Model training, fine-tuning, and weight updates for any client-specific model take place in the same region as that client's data. Weights, intermediate checkpoints, and evaluation artefacts do not leave the client's region. Where a multi-region client team needs access, we rely on Standard Contractual Clauses, Adequacy Decisions, or equivalent transfer mechanisms.

5. How it is protected

  • Encryption at rest. Every server and storage volume used for client engagements is encrypted at the disk and database layer with industry-standard ciphers (AES-256 or stronger).
  • Encryption in transit. Traffic is protected by TLS 1.2 or higher. We use HSTS, certificate pinning where supported, and modern cipher suites.
  • Multi-factor authentication. MFA is enforced on every administrative account, every cloud provider console, every code repository, and every shared service.
  • Key management. Encryption keys are held in a managed Key Management Service. Key material is itself encrypted, rotated on a defined schedule, and every access is audited.
  • Salted credential hashing. Credentials we store are hashed with a salted, memory-hard algorithm (Argon2id or bcrypt). We do not store plaintext credentials.
  • Pseudonymization. Wherever a record does not require a direct identifier, we replace it with a pseudonym. The mapping is held separately, with stricter access controls than the pseudonymised store.
  • Data minimization. We collect and retain only the personal data needed for the stated purpose. Optional fields are clearly marked. We periodically audit our schemas and drop columns that no longer earn their keep.
  • Consent-aware activation. Where consent is the lawful basis, no processing begins for a record until consent is recorded in our consent registry. Withdrawal halts processing automatically and triggers the deletion workflow described below.

6. How long we keep it (retention windows)

Each category of data has a written retention rule, expressed in days, that governs the maximum time we hold it.

  • Visitor form submissions: 12 months from collection, unless extended by an active engagement or a legal obligation.
  • Strictly necessary cookies: session only.
  • Analytics cookies (opt-in): 13 months.
  • Server and access logs: 90 days, except where a longer retention is needed for an active security investigation or a legal hold.
  • Client engagement data: for the term of the engagement plus the retention period agreed in the SOW (typically 12 to 36 months), after which the data is handed back or deleted, at the client's election.
  • Estimator sessions without an email captured: 12 months from the date the session was started.
  • Estimator sessions with an email captured: 36 months from the last consent event or from completion of the estimator, whichever is later, after which the row is hand-deleted or anonymised. Marketing consent records (the consent ledger) are retained for the same window as the underlying session, for audit and regulatory purposes.

7. Deletion workflows

Records that pass their retention window enter an automated deletion workflow. Each run is logged, and the log is itself retained for the longer of two years or the local statute of limitations. On engagement closure, clients receive a Deletion Attestation that lists, by data category and by system, the records removed.

Subjects who exercise their right to erasure are processed through the same workflow within 30 days for EU/UK requests and as soon as practicable for DPDP requests under Indian law.

8. Your rights

Depending on where you live and the applicable law, you have the right to:

  • access the personal data we hold about you;
  • correct inaccurate or incomplete data;
  • request deletion (subject to legal retention);
  • restrict or object to processing;
  • receive your data in a portable format;
  • withdraw any consent you previously gave, at any time, without affecting the lawfulness of past processing;
  • lodge a complaint with your local supervisory authority (in the EU) or the Data Protection Board (in India).

To exercise any right, email privacy@perform.digital. We aim to respond within 30 days.

9. Marketing communications and unsubscribe

If you opted in on the cost estimator, you can withdraw at any time through any of three routes. The first is the one-click unsubscribe link in the footer of every marketing email we send you; this flips your record immediately and you will see no further marketing from us. The second is by emailing privacy@perform.digital with the word "unsubscribe" in the subject line; we honour these within five working days, and the technical flag is set immediately on receipt. The third applies if you would rather be erased entirely: use the rights process in section 8, and we will delete the underlying record under Article 17 of the GDPR.

Re-subscribing is also a one-click flow. If you change your mind we keep the prior unsubscribed timestamp for audit and add a fresh consent ledger row; we never silently re-enrol anyone.

10. Cookies

We use strictly necessary cookies for session integrity and an analytics cookie that loads only after opt-in. You can change your choice at any time from the cookie banner.

11. Changes to this policy

We update this policy from time to time. The "Last updated" date at the top reflects the most recent revision. Material changes are flagged on the site for at least 30 days before they take effect.

12. Contact

Email: privacy@perform.digital
Data Protection Officer: dpo@perform.digital
Postal: Perform Digital Private Limited, Registered Office, European Union and Republic of India.

© 2026 Perform Digital. Scaling SaaS since 2019.