This Privacy Policy explains how AskFirst collects, uses, shares, and protects personal data when you visit aiskfirst.com, join our waitlist, or use the AskFirst API and related services (the "Service"). We aim to collect only what we need to run the Service well.
01 Overview
AskFirst is a human-in-the-loop approval layer for AI agents. To provide it, we process a small amount of personal data — primarily email addresses and the approval-related information you choose to send through the Service. We do not sell your personal data.
02 Who we are
The Service is operated by AskFirst ("AskFirst", "we", "us"). For privacy questions, contact us at privacy@aiskfirst.com. Where data-protection law applies, we act as the controller for data about our website visitors and account holders, and as a processor for the approval content you submit on behalf of your own users.
03 What we collect
| Category | Examples | Source |
|---|---|---|
| Waitlist data | Email address you submit to join the waitlist | You |
| Account data | Name, email, organization, and login credentials (when accounts launch) | You |
| Approval content | Questions, context, metadata, decisions, and timestamps in your Approval Requests; Approver email addresses you provide | You / your Agent |
| Audit records | Who approved or denied what, when, and the resulting decision log | Generated by the Service |
| Billing data | Plan, billing contact, and payment confirmation (card details are handled by our payment processor, not stored by us) | You / payment processor |
| Technical data | IP address, device/browser type, API request logs, and basic usage analytics | Automatically |
Please avoid putting sensitive personal data (such as health, financial, or government-ID details) into Approval Request questions or context unless it is necessary and you have a lawful basis to do so.
04 How we use it
- To provide the Service — routing Approval Requests, notifying Approvers, returning decisions, and keeping audit logs;
- To manage the waitlist and send you a notification when we launch;
- To create and administer your account and process payments;
- To secure the Service, prevent abuse, and debug issues;
- To understand usage and improve features and reliability;
- To communicate with you about the Service, and (where permitted) about product updates — you can opt out of marketing at any time;
- To comply with legal obligations and enforce our Terms.
05 Legal bases (where GDPR applies)
- Contract— to provide the Service you've requested and manage your account;
- Consent — for joining the waitlist and for optional marketing emails;
- Legitimate interests — to secure, maintain, and improve the Service, where not overridden by your rights;
- Legal obligation — to meet accounting, tax, and compliance requirements.
06 Sharing & processors
We do not sell your personal data. We share it only with service providers ("sub-processors") who help us run the Service, under appropriate contracts, and where required by law. Typical categories include:
- Email & notification providers — to deliver waitlist confirmations and Approval Request notifications;
- Messaging integrations — e.g., Slack, when you enable them;
- Payment processor — to handle subscriptions and billing;
- Hosting & infrastructure — to host the Service and store data;
- Analytics & error monitoring — to keep the Service reliable.
At present we use Resend to deliver waitlist confirmations and email notifications, Slack to deliver notifications when you enable that integration, a third-party payment processor for paid plans, and a hosting provider to run the Service. We keep this list current as our providers change. We may also disclose data if required by law or to protect our rights, users, or the public.
07 Data retention
We keep personal data only as long as needed for the purposes above. Waitlist emails are kept until launch and then either migrated to your account (with notice) or deleted on request. Audit logs are retained for the period associated with your plan and are deleted or anonymized within 12 months of account closure. We respond to deletion requests within 30 days unless a longer period is required by law.
08 Security
We use reasonable technical and organizational measures — such as encryption in transit, access controls, and API-key authentication — to protect personal data. No method of transmission or storage is completely secure, so we cannot guarantee absolute security. If a breach affects your data, we will notify you as required by law.
09 International transfers
We and our providers may process data in countries other than yours. Where required, we use appropriate safeguards (such as standard contractual clauses) to protect data transferred across borders.
10 Your rights
Depending on where you live (e.g., under the EU/UK GDPR or similar laws), you may have the right to:
- Access the personal data we hold about you;
- Correct inaccurate data or complete incomplete data;
- Delete your data ("right to be forgotten");
- Restrict or object to certain processing;
- Receive your data in a portable format;
- Withdraw consent at any time (including unsubscribing from emails);
- Lodge a complaint with your local data-protection authority.
To exercise any of these, email privacy@aiskfirst.com. We will respond within the timeframe required by applicable law.
11 Cookies
Our website currently uses only the minimal cookies and similar technologies needed to operate the site and submit the waitlist form. We do not currently set advertising cookies or third-party tracking. If we add analytics or marketing cookies in the future, we will describe them here and provide a consent mechanism where required. You can control cookies through your browser settings.
12 Children
The Service is not directed to children under 16, and we do not knowingly collect their personal data. If you believe a child has provided us data, contact us and we will delete it.
13 Changes to this policy
We may update this Privacy Policy from time to time. We will revise the "Last updated" date above and, for material changes, provide additional notice where appropriate.
14 Contact
Questions or requests about your privacy? Contact privacy@aiskfirst.com.