Privacy & data handling

Last updated: May 9, 2026

CastorIQ is an invite-only beta. There is no formal company behind it yet, no signed contract, and no commercial offering. This page exists to be transparent about what happens to data you give us.

What we collect

• Application data you submit on the landing form — email, name, role, and your reason for applying.
• Account data created on approval — username (your email), hashed password, and timestamps.
• IFC files and documents you upload to your projects, plus the embeddings derived from them.
• Conversation logs — the prompts you send, the responses you get, and which model produced them.
• Operational logs — request URLs, IP, user agent, error traces. Used to debug and monitor the service.

Where it lives

On a single VPS in the EU (Hetzner). Daily encrypted backups go to a separate Hetzner Storage Box. Nothing is sold. Nothing is shared with third parties for advertising.

Cloud LLM providers

When the cloud LLM providers (Anthropic, Groq) are active in the admin config — which is the default for the beta — your prompts and the relevant context (model entities, document chunks) are sent to them over HTTPS so they can produce a response. They are bound by their own published terms. If you don't want this, you can run CastorIQ against a local Ollama model instead; ask the operator.

What you can ask us to do

• Delete your account and all associated data.
• Export your conversations and uploaded files.
• Stop using cloud LLM providers for your account.

Email the operator at carlo.cogni@protonmail.com. Expect a same-week response — this is a one-person beta.

Cookies

Two cookies only: a session cookie (so you stay signed in) and a CSRF cookie (so forms work). No analytics, no tracking, no ad networks.

← Back to landing