This page describes how Agent Beluga supports data protection requirements, including GDPR. It is provided for informational purposes and does not constitute legal advice.
1. Roles
Depending on the use case, Agent Beluga may act as a controller for website interactions (such as contact enquiries) and as a processor when processing data on behalf of customers under their instructions.
2. Data minimisation
We aim to process only the minimum personal data necessary to deliver requested features and support.
3. Security measures
- TLS 1.2+ encryption for data in transit.
- Encryption at rest on managed infrastructure.
- Least-privilege access and administrative MFA where available.
4. Retention
We retain personal data only for as long as required to provide services, meet contractual obligations, and maintain platform security.
5. Subprocessors
We may use trusted subprocessors (for hosting and specialised platform services). They are contractually obligated to maintain appropriate safeguards.
6. Data subject requests
You may have rights to access, correct, delete, or restrict processing of your personal data. To make a request, email support@agentbeluga.com.