Skip to main content
تخطَّ إلى المحتوى الرئيسي
SeaOtter
الاختبار المقارن

Privacy Policy

Last updated: June 29, 2026

Trust controls at a glance

You consent to evaluation, and you can inspect, export, and delete your data

SeaOtter grades the work you submit against your acceptance policy. Evaluation is explicit and opt-in, retention is bounded, export stays available, and deletion removes the records we control for that surface rather than quietly hiding them. Whether your interactions improve our models is your choice — on by default outside the EU and opt-in within it — and training a private critic on your data is a separate, revocable agreement.

Consent

Evaluation is explicit

You send work to be graded — nothing is observed passively. Model improvement is on by default outside the EU and off by default within it, and you control it any time in settings. Training a private critic on your data is a separate, revocable agreement.

Retain

Bounded retention

Submitted artifacts and evaluation records are kept only as long as needed to run the service and your retention settings allow, then deleted.

Export

Export your records

Produce a readable snapshot of your account's evaluation history and any retained submissions we control.

Delete

Delete your data

Purge your evaluation records and submitted artifacts. Cross-system deletion removes the records we control and returns a deletion receipt.

For access or deletion requests, email privacy@seaotter.ai. We reply with deletion proof: what was deleted, what must be retained for legal or security reasons, and the remaining next step if one exists.

Deletion proof path

Deletion is a controlled action, not a vague promise

A legal reviewer should be able to see what starts deletion, what records are in scope, and what proof comes back. SeaOtter separates in-product account deletion from cross-system deletion so the action matches the records being removed.

1

Request: tell us what to delete

Use the in-product delete control for your account data, or email privacy@seaotter.ai for any records held across evaluation, curation, and research systems.

2

Remove: we clear controlled records

Deletion covers the records SeaOtter controls for the named surface. Anything retained for legal or security reasons is named instead of hidden.

3

Prove: you get a receipt

The reply states what was deleted, what remains, why it remains, and the next step if another system owner is involved.

1. What this page covers

SeaOtter is centred on the native macOS Companion, with web, evaluation API (MaaS), MCP/SDK integrations, an adversarial acceptance corpus (DaaS), and a curation and labelling console. This policy covers the specific app, window, project, file, or agent session you approve for the Companion; work submitted for evaluation; account and billing details; accept/reject decisions; and data you explicitly consent to use for training. The historical Tauri/Windows client is retired; the Swift macOS Companion is the current product.

2. What we collect

  • Evaluation submissions: the artifact you send to be checked (video, images, audio, documents, decks, spreadsheets, code, text, or mixed artifacts), the task and context you provide, and the result we return (verdict, located flaws, evidence, and suggested corrections).
  • Companion scope and local context: the approved app, window, project, file, or agent session; bounded structural state needed to identify the active work; and permission/connection status. Local file paths are not serialized to the evaluation API. Artifact content leaves the device only when an approved check uses a remote critic or upload route, and that boundary is disclosed in product.
  • Account and contact: email, organization, plan and billing details, and API keys.
  • Curation and labelling signals: the accept / reject / route decisions made in the console — the acceptance signal that drives the platform.
  • Product analytics: basic, aggregate usage telemetry to operate and improve the service.

3. How we use your data

  • Run evaluations and return OtterScore results and fixes.
  • Operate the curation and labelling console and your acceptance queue.
  • Improve critic and rubric quality, subject to the training rules in section 4.
  • Provide support and respond to you if you ask.

4. Model improvement and training

Your agentic interaction data. When you use SeaOtter's self-serve surfaces, your agentic interaction data — the work your agents submit for evaluation, the OtterScore verdicts, and your accept / reject / re-prompt signals, plus the feedback you give about our evaluations — may be used to train and improve our models. Outside the EU, EEA, UK, and Switzerland this is on by default and you can opt out at any time; in the EU, EEA, UK, and Switzerland it is off by default and we use your data only if you turn it on. If model improvement is on, new and resumed interactions are retained for up to five years; if it is off, we keep only a 30-day operational window and do not use new interactions for training. Manage this any time in your privacy settings. Turning it off or deleting your account excludes your data from future model training and reverts to the 30-day window; data already used to train a released model can't be retracted from that model but will not be used again.

What is never used. Raw artifact bodies, files, emails, prompts, keystrokes, credentials, and personal identifiers are never used to train models — only redacted structural metadata plus the artifact you explicitly submitted are ever eligible. Rejected or stale artifacts marked do-not-train are audit-only metadata and are never model-visible.

Commercial and enterprise plans. Data from commercial, team, enterprise, on-premises, and BYOC deployments is excluded from shared model training entirely. It is only ever used to train your own private critic under an explicit, per-modality training-corpus agreement that you can revoke at any time.

Evaluation, learning, and product surfaces share a privacy and key-custody contract. That contract requires device- or tenant-held keys, no server key copy and no server decrypt capability except for an inference you request, plaintext that is ephemeral and forgotten after inference, and no raw content stored in training rows.

5. Storage, retention, and your boundary

For the hosted service, evaluation and account data are stored in SeaOtter systems with bounded retention, and deletion controls remove submitted artifacts and evaluation records we control. For enterprise on-premises and bring-your-own-cloud (BYOC) deployments, your raw work stays inside your boundary and does not leave it without your consent. We do not sell personal data.

We use a small set of third-party sub-processors to run the hosted service (hosting, database, email, authentication, billing, and LLM inference). The current list, with each provider's purpose and region, is published at /subprocessors. A Data Processing Agreement that references that list is available on request.

6. Cookies & analytics

We keep cookies to a minimum and we do not run advertising or cross-site tracking. The cookies and similar storage we use are:

  • Authentication cookie: a first-party session cookie that keeps you signed in. It is strictly necessary for the product to work, so it is set when you log in and is not optional.
  • Google Analytics 4 (optional): aggregate traffic analytics with IP anonymisation enabled. It is loaded in deny-by-default mode (Consent Mode v2) and only starts after you choose “Accept” in the cookie banner. Choosing “Reject” leaves it off.
  • RUM beacon (optional, no cookie): a privacy-free real-user-monitoring beacon that reports anonymous performance metrics (page-load timing, JavaScript errors). It carries no personal identifiers and sets no cookie.

Opting out: use Reject in the cookie banner to keep analytics off, change your choice by clearing the cookie_consent cookie, or block cookies in your browser settings. Opting out does not affect the strictly-necessary authentication cookie.

7. Your controls and rights

  • Consent: evaluation is opt-in. Model improvement is on by default outside the EU and off by default within it — change it any time in privacy settings. Training a private critic on your data is separate, per-modality, and revocable.
  • Access and export: request a snapshot of your account's evaluation history and retained submissions.
  • Delete: purge your account data in-product, or use the cross-system deletion path for records held across evaluation, curation, and research systems — returned with a receipt.
  • Unsubscribe from all communications.

Requests sent to privacy@seaotter.ai are handled as the cross-system access or deletion path.

8. Contact

Questions about privacy? Email privacy@seaotter.ai

SeaOtter
المنظماتالمطورونالاختبار المقارن
الشروطالخصوصية·hello@seaotter.ai

© 2026 SeaOtter. Generated-media defect intelligence.