data privacy and security

At Octomind, we take data privacy and security seriously and follow best practices to ensure that our customers' data is handled responsibly. We only collect and process data as necessary to deliver our core services, such as website testing, and we do not share any data with third parties outside of essential service providers like infrastructure providers.

Data retention policy

We ensure that all user data related to tests is deleted after 6 weeks, with the exception of essential user profiles that facilitate service continuity. 

All data is processed solely for the intended purpose of delivering and improving our services, and we strive to uphold the principles of data minimization, purpose limitation, and security. To ensure clients' needs are fully met, we are open to discussing any specific privacy or security concerns and are happy to sign a mutual NDA if needed.

User data protection

  • No unnecessary data collection: We do not collect or store any customer data beyond what is necessary for test case creation and execution.
  • Data processing: HTML and screenshots are analyzed during the test creation process. HTML is never stored, and screenshots are kept as part of the test report, following our data retention policy.
  • Data retention: Test runs generate traces and screenshots, which are used solely in test reports to help users understand the quality of the system. All artifacts (such as traces and screenshots) are automatically deleted after six weeks as part of our standard deletion policy.
  • Security: Industry-standard security measures, such as encryption and secure access protocols, are implemented to ensure data confidentiality and protection.

No training and sharing with third parties

Our solution only uses input data for the purpose of composing, running, and maintaining test cases. We do not use this data to train our solution, nor do we share input or output data with third-party companies outside of our standard service providers, such as AWS, Azure or GCP, which are necessary for infrastructure purposes.

Human inspection

Human inspections of input or output data are not systematically conducted unless explicitly requested for support purposes. In such cases, only authorized support personnel have access, solely for the specific purpose of resolving issues. We analyze system failures, especially if our AI agent encounters difficulties during test case creation. These inspections are limited to individual test cases or specific steps within test cases and are carried out only by authorized support personnel.

Generated code: access and ownership

Output data (such as Playwright code) generated by our solution is not subject to third-party rights, nor are there limitations on your use of the generated code. Clients have full access to the Playwright code, which they can use as needed.

The source code generated by Octomind is not available in any public repositories and is not subject to external licensing. Our solution generates an intermediate representation (a data structure describing user flows, such as "click on T-shirt," "select size M," etc.), which is then deterministically converted into Playwright code without the use of AI. The generated Playwright code is fully owned by the client, with no external license requirements.

Use of Posthog analytics

To improve user experience and service quality, we have introduced the use of the Posthog application to track user behaviour on our website and the app. This tool assists us in understanding how users interact with our website, and helps us make improvements based on these insights. The anonymized information that we gather through Posthog is stored securely in the EU cloud instance of Posthog. This ensures that all your data is managed in compliance with the strict data protection laws of the European Union, offering you robust security and privacy. Read more about Posthog data policy in posthog.com/privacy.

Octomind's cookie policy

This Cookie Policy is an integral part of Octomind's Privacy Policy. It explains how we, at Octomind, use cookies on our website (https://www.octomind.dev) and our app (https://app.octomind.dev). Cookies are vital for enhancing your online experience with us.

It's important to note that this policy does not encompass the cookies used by these third parties. Should you prefer not to accept cookies from Octomind, you can set your browser to reject cookies other than essential cookies. However, this may result in a limited experience on our site, as some services and content might become unavailable.

Understanding cookies

A cookie is a tiny data file stored on your device by a website you visit. It often includes details about the site, a unique identifier to recognize your browser on subsequent visits, the cookie's purpose, and its duration. Cookies have several uses - they enable website features, track site usage for analytics, remember your settings (like time zone and preferences), and personalize your experience (like showing relevant ads and language settings). First-party cookies are set by the site you're visiting, tracking only your activity on that site. Third-party cookies, however, are set by external sites and companies and might track your activity across multiple websites using the same service. Octomind uses first-party cookies only.

Types of cookies and their usage at Octomind

Essential Cookies - These are vital for website functionality like account management and payment processes. Octomind uses essential cookies for authentication services to provide a secure log in to our app. We use PropelAuth authentication for these purposes.

Performance Cookies - These cookies collect data about your website usage, helping us understand user behavior, pinpoint problems, and enhance overall user experience. This data is usually anonymous. Octomind employs performance cookies for these insights. We use Posthog analytics for these purposes.

Targeting/Advertising Cookies - Used for tailoring relevant promotional content to your interests, these cookies aid in delivering targeted ads and controlling ad frequency. Octomind does not utilize targeting/advertising cookies.

What rights do you have regarding your data?

You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.

Contact us

If you have any questions about this Privacy Policy, please contact us at [email protected].