Privacy Policy

Last updated: 15 Aug 2025

Information Collection

We collect and use your personal information to deliver, improve, and ensure the safe operation of our Services. The types of information we may collect include:

Personal Identification Information: name, email address, company name

Agent Email Addresses: AI agents within our platform are assigned unique email addresses from the stdbl.com domain. These email addresses are used exclusively to identify AI agents, enable them to sign in, receive inbound emails, and use passwordless authentication. Only AI agents use this email domain, and it serves as a method to distinguish them from human users.

Usage Data: Information on how the Services are accessed and used, including your computer's IP address, browser type, browser version, our Service pages that you visit, the time and date of your visit, the pages visited, actions taken, and the duration of visits to those pages.

Use of Data

We use the collected data for various purposes:

  • To provide and maintain our services
  • To notify you about changes to our Services
  • To enable you to participate in interactive features of our services
  • To provide customer support
  • To gather analysis or valuable information so that we can improve our Services
  • To monitor the usage of our services
  • To detect, prevent, and address technical issues

Disclosure of Data

Your privacy is important to us. We do not share, sell, or rent your personal information to third parties. Your data may be used to enable service providers to perform functions and services on our behalf, such as authentication, verification, email updates, and performance monitoring. These service providers include, but are not limited to, Google, AWS, Supabase, Resend, Cloudflare, Stripe, Attio, Trigger.dev, Honeybadger, Browserbase, Helicone, n8n, Linear, Anthropic, OpenAI, Microsoft Azure, Slack, and Vercel. These parties are obligated not to disclose or use your data for any other purpose.

Security of Data

The security of your data is important to us. We ensure that our security controls and policies align with recognised industry frameworks such as ISO/IEC 27001:2022, NIST Cybersecurity Framework (CSF), or equivalent. Where such frameworks are not explicitly adopted, we demonstrate comparable security maturity.

While we strive to use commercially acceptable means to protect your personal information and implement robust security controls, no method of transmission over the Internet or method of electronic storage is 100% secure. We adopt a zero trust approach to security and minimise the amount of data we store.

Compliance

We shall at all times throughout the term of any agreement comply with information security requirements and other applicable security legislation (including, but not limited to intellectual property, cryptography restrictions, and retention of records) and shall:

  • Not be entitled to use information except to the extent strictly necessary to perform our obligations under any agreement;
  • Not provide information to any unauthorised third party; and
  • Upon request, provide evidence of the existence, adequacy, and effectiveness of the controls implemented to comply with any agreement.

When available, we provide regularly to customers an internationally recognised type of report (as prescribed, for example, by ISO 27001, PCI DSS, ISAE 3402, SSAE 16) issued by an independent party, providing assurance that we have appropriate and effective security controls in place. This may also include SOC 2 Type II, ISO 27701 (privacy management), or ISO 22301 (business continuity), where relevant and available from our suppliers.

Security Incident Management

A Security Incident is defined, with respect to information and services, as any event leading to or reasonably likely to lead to:

  • Information loss;
  • Information corruption;
  • Unauthorised access to systems storing or processing information;
  • Unauthorised access to physical locations storing or processing information;
  • Negligence or gross misconduct of any employee who had access to information or services;
  • Outage due to DDoS and other mass attack events; or
  • Any other security event relating to information that could damage or harm business operations, legal/regulatory compliance, or reputation of customers.

If at any time we suspect or have reason to believe that a Security Incident has occurred impacting customer information or services, we shall:

  • Notify customers of the Security Incident as soon as it is reasonably practicable (and in any event within 48 hours) and thereafter provide customers as soon as possible with the available details of the Security Incident. Subject to our legal obligations, we shall not report any Security Incidents relating to information to any authority without consultation with customers.
  • In consultation with customers, take all reasonable steps necessary to mitigate the consequences of the Security Incident or (if applicable) to protect against a threatened Security Incident.
  • Notify customers of the progress, closure of the Security Incident, and remedial action we propose to take to prevent any similar Security Incident occurring in the future.

Your Data Protection Rights

Under data protection laws, you have rights, including:

  • The right to access – You have the right to request copies of your personal data from us.
  • The right to rectification – You have the right to request that we correct any information you believe is inaccurate or incomplete.
  • The right to erasure – You have the right to request that we erase your personal data, under certain conditions.
  • The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.
  • The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions.
  • The right to data portability – You have the right to request that we transfer the data we have collected to another organization, or directly to you, under certain conditions.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. You are advised to review this Privacy Policy periodically for any changes.

Contact Us

If you have any questions about this Privacy Policy, please contact us: hello@stuntdouble.io

This Privacy Policy forms part of our Terms of Service and should be read in conjunction with them. By accessing or using our Services, you agree to the collection and use of your information in accordance with this Privacy Policy.