Cresve

Legal

Privacy Policy

Last updated: May 2025

This Privacy Policy describes how Cresve Ltd, a company registered in Scotland, United Kingdom ("Cresve", "we", "us" or "our") collects, uses and protects information about you when you visit cresve.com or use the Cresve platform. We take privacy seriously and only collect what we need to provide the service.

1. Information we collect

We collect three categories of information:

  • Account information — your name, work email, company name and role when you create an account or request access.
  • Business data — data you connect to Cresve through read-only integrations with your advertising, analytics, CRM and finance tools, used to power the AI workforce on your behalf.
  • Usage data — log data, device and browser metadata, and product usage events used to operate, secure and improve the service.

2. How we use information

We use the information described above to:

  • Provide, maintain and improve the Cresve platform.
  • Train per-customer memory used by your dedicated AI workforce.
  • Communicate with you about your account, product updates and security.
  • Detect, prevent and respond to fraud, abuse or security incidents.
  • Comply with applicable legal obligations.

We do not sell your personal information. We do not use your business data to train third-party foundation models.

3. Legal bases (UK & EEA users)

Where the UK GDPR or EU GDPR apply, we rely on the following lawful bases: performance of a contract, our legitimate interests in operating and securing the service, your consent (where required, for example for non-essential cookies), and compliance with legal obligations.

4. Sharing and sub-processors

We share information with a small number of vetted sub-processors that help us run Cresve — for example, cloud infrastructure, error monitoring and customer support tools. All sub-processors are bound by data protection agreements.

5. International transfers

Cresve is operated from the United Kingdom. Where we transfer personal data outside the UK or EEA, we rely on appropriate safeguards such as the UK International Data Transfer Addendum and the EU Standard Contractual Clauses.

6. Retention

We retain personal information for as long as your account is active and for a limited period afterwards as needed to comply with our legal obligations and to resolve disputes. Business data is deleted on request, subject to backup retention windows.

7. Your rights

Depending on where you live, you may have the right to access, correct, delete, port or restrict the processing of your personal information, and to object to certain processing. To exercise any of these rights, email privacy@cresve.com.

8. Security

We use industry-standard administrative, technical and physical safeguards to protect your information — including encryption in transit and at rest, role-based access controls, and regular security reviews. No system is perfectly secure, but we take this responsibility seriously.

9. Children

Cresve is intended for business use and is not directed to anyone under 16. We do not knowingly collect personal information from children.

10. Changes

We may update this policy from time to time. When we do, we will revise the "Last updated" date above and, for material changes, notify you by email or through the product.

11. Contact

Questions about this policy? Email privacy@cresve.com.