Legal
Privacy Policy
Last updated: 8 July 2026
This policy explains what information Passcut collects through this website, why we collect it, and the choices you have. We keep it plain because that is how we run everything else.
Passcut is based in Jakarta, Indonesia. If you have any question about this policy or your data, write to us at [email protected].
What this policy covers
This policy covers the passcut.com website and the inquiries you send us through it, such as a workflow audit request or an email.
It does not cover the data your AI agents process once you are a client. That data runs through your own accounts under a separate service agreement, described under 'Client data and production systems' below.
Information we collect
We collect only what we need to answer you and run the site.
- Information you give us. When you submit the workflow audit form, you provide your name, work email, and optionally your company, team size, current software stack, and a description of the workflow you want to automate. When you email us, we receive whatever you write.
- Information collected automatically. Our hosting and any analytics we use may record standard technical data such as your IP address, browser type, pages viewed, and the page that referred you. We use this to keep the site working and understand what content is useful.
- Cookies and similar technologies. The site uses only what is needed to function. If we enable privacy-respecting analytics, we will describe it here and honor your browser and regional preferences.
How we use information
We use the information above to:
- Respond to your inquiry and prepare your workflow audit.
- Communicate with you about a possible or active engagement.
- Operate, secure, and improve the website.
- Meet legal and accounting obligations.
We do not sell your personal information, and we do not use it for advertising to you across other sites.
Legal bases (for EU and UK visitors)
Where the GDPR or UK GDPR applies, we process your information on these bases: your consent, where you give it; our legitimate interest in responding to inquiries and running the site, balanced against your rights; and, once you are a client, the performance of our contract with you.
Client data and production systems
This is the part that makes us different, so we state it plainly. When we build and run agents for you, the data those agents process runs through your own accounts with the model providers, under their no-training API terms. We do not warehouse your business data, and we say so in the contract.
During an engagement we hold access you can revoke, not copies of your data. For clients in the EU we scope engagements and, where needed, sign a Data Processing Agreement so obligations sit where the law puts them. The service agreement, not this website policy, governs that relationship.
How long we keep information
We keep inquiry information for as long as we are in contact and for a reasonable period afterward, so we can follow up and meet our record-keeping obligations. When it is no longer needed, we delete it. You can ask us to delete it sooner.
Your rights
Depending on where you live, you may have the right to access the personal information we hold about you, correct it, delete it, receive a copy, restrict or object to processing, and withdraw consent. If you are in California, you may have the right to know what we collect, request deletion, and opt out of any sale of personal information; we do not sell personal information.
To exercise any of these rights, email us at [email protected]. We will respond within the time the law requires. You also have the right to complain to your local data protection authority.
International transfers
We operate from Indonesia and work with clients and providers in the US and the EU, so your information may be processed outside your country. Where the law requires it, we put appropriate safeguards in place for those transfers.
Security
We take reasonable measures to protect the information we hold, including least-privilege access and encryption in transit. No method of transmission or storage is perfectly secure, so we cannot guarantee absolute security, but we work to keep the surface small.
Children
This site and our services are for businesses. They are not directed at children, and we do not knowingly collect information from anyone under 16.
Changes to this policy
We may update this policy as our practices change. When we do, we will revise the date at the top. Material changes will be made clear on this page.
Contact us
For any privacy question or request, email [email protected]. We read every message.