Andsent

Privacy policy

Last updated 14 July 2026

This policy covers the Andsent service at andsent.com. The short version: we collect the minimum needed to run an AI spend wallet for your organisation, we never see prompt or completion content, and we do not sell or train on your data.

What we collect

Account data (name, work email, password hash), organisation data (workspace name, teams, budgets, policies), and synced usage aggregates from providers you connect (spend, tokens, requests and seat activity per day per resource). Standard service logs (IP address, user agent) are kept briefly for abuse prevention.

What we do not collect

Prompt or completion content, source code, files, or the substance of anyone's AI conversations. The admin APIs we sync from expose usage metadata, not content, and we request read-only scopes.

How we use it

To provide the service: dashboards, budgets, enforcement, insights and recommendations for your own workspace. Optional AI-written summaries send only the aggregate figures already shown on your screen, and only if your workspace enables them. We do not sell personal data, share it with advertisers, or use it to train models.

Where it lives and how long

Data is stored on Google Cloud, encrypted in transit and at rest, and retained for as long as your workspace exists. Deleting your workspace deletes its data from the live system; replicated backups age out on a rolling window.

Your rights

You can access, correct, export or delete your workspace's data at any time; email privacy@andsent.com. If you are in the UK or EU, you have the rights set out in UK GDPR and GDPR, including complaint to your supervisory authority. Andsent processes member data as a processor on behalf of your organisation, which remains the controller.

Cookies

One httpOnly session cookie to keep you signed in. No advertising or cross-site tracking cookies.

Contact

Questions: privacy@andsent.com.