Last updated: February 2026
Short version: We collect the minimum data needed to provide the service. We don't track you, we don't sell your data, we don't profile you. When you leave, your data is deleted.
Threshold Signalworks Ltd is a company registered in Ireland. We operate Threshold Cloud and the thresholdsignalworks.com website. Contact: [email protected].
Website visitors: Nothing. This site has no analytics, no cookies, no tracking scripts, no third-party resources. We don't know you visited.
Threshold Cloud users: Your email address (for account creation and essential communications), your API key hash (for authentication), and the data you send us through the service: policies, WAL events, quarantine records. This data exists solely to provide the service.
We don't collect names (unless you provide one), IP addresses (beyond what's necessary for TLS), browsing behaviour, device information, location data, or any form of telemetry from the Keel skill or library. The local Keel skill sends nothing to us unless you explicitly configure a Cloud API key.
To provide the service. That's it. Your policies are stored so your agents can sync them. Your WAL events are stored so you can query and audit them. We don't read, analyse, mine, or otherwise examine your data beyond what's required for the service to function.
Under GDPR, we are a data processor. You (our user) are the data controller. You decide what data your agents generate and what ends up in your policies and logs. We process it on your behalf, under your instructions, to provide the service. A Data Processing Agreement is included in our Terms of Service.
European Union. Our infrastructure is hosted in the EU. Your data does not leave the EU.
We use the following third-party services that may process data on our behalf:
Hosting provider: [To be confirmed before launch — EU-based provider]
Payment processing: Stripe (for subscription billing only — Stripe handles payment data directly under their own GDPR compliance)
We will update this list if sub-processors change and notify active Cloud users.
Your data is retained for the duration of your subscription. WAL events are retained according to your plan tier (90 days for Starter, 1 year for Team). When you cancel your account, all associated data (policies, WAL events, quarantine records, account details) is permanently deleted within 30 days.
Under GDPR, you have the right to access, rectify, erase, restrict processing, data portability, and objection. To exercise any of these rights, email [email protected]. We will respond within 30 days.
If we discover a breach affecting your personal data, we will notify you within 72 hours with details of what happened, what data was affected, and what we're doing about it.
If we change this policy, we'll update the date at the top and notify active Cloud users by email. The current version is always available at this URL.