SetTern.io · Legal · UK GDPR aligned

Privacy Policy

The data we collect, why we collect it, where it lives, and how to delete it — written for humans, not for lawyers' filing cabinets.

Last updated · 8 May 2026 Effective · 8 May 2026 Version · v1.5
★ The short version

We provide guidance and tools to help you update your address. We do not act on your behalf or make changes to third-party services. We collect the minimum we need to generate your personalised plan; we retain Service Agent (support) chat transcripts for a limited period like a helpdesk log; we never sell your data, and you can delete it at any time.

1. Who we are

SetTern.io ("we", "us") is a service operated from the United Kingdom that helps individuals organise the administrative tasks involved in moving home. Contact: hello@settern.io.

2. What we collect

We deliberately keep this list short. We only collect what we need to generate your personalised guidance:

  • Your Google account email and a unique account identifier (when you sign in).
  • The current and new addresses you choose to share, your planned move date, and the origin/destination countries.
  • When you choose to scan Gmail: read-only metadata about messages relevant to a move (sender, subject, plain-text body fragments). We do not download attachments or store entire mailboxes.
  • Consent timestamps, plan tier, and audit metadata (which version of our system generated each output).
  • When you use the in-app Service Agent (support chat): the text of messages you send and the assistant replies, with timestamps — stored on our servers like a basic support transcript to handle enquiries, resolve incidents, investigate abuse, and improve the service.

We do not collect bank details, full identity documents, passwords, or anything we cannot demonstrate is required to deliver the service.

3. How we use it

Your data is used solely to:

  • Generate your personalised journey, draft messages, and recommendations.
  • Enforce free-tier quota and prevent abuse.
  • Maintain a lightweight audit trail (what was generated, when, and at which logic version) so we can support you if something goes wrong.

We do not sell your data. We do not share it with third parties for marketing. We do not use it to train AI models.

4. Sub-processors

To deliver the service we send specific data to:

  • Google — for sign-in (OAuth) and Gmail read-only access when you opt in.
  • OpenAI and Anthropic — for AI inference (drafting journeys and messages). Both providers contractually agree not to train their models on the data we send.
  • Vercel — for hosting and short-term key/value storage (rate-limit counters, session state).
  • Stripe — for payments. Card details never touch our servers.

See the sub-processor register for processing region, data scope and DPA details.

5. AI vendor processing — important

When you use any AI feature of SetTern.io (Gmail scan, plan generation, message drafting, translation, or Service Agent chat), the move-related data we process — current and new addresses, country pair, planned move date, derived service categories, short plain-text fragments of any Gmail messages we matched, and (for Service Agent) your chat messages — is sent to specialist AI vendors who run the underlying models. We currently use:

⚠ Vendor-side retention is outside our control

We have contractually instructed both vendors NOT to train their models on the data we send. However, vendor-side abuse-and-safety retention (typically up to 30 days) is OUTSIDE OUR CONTROL — those copies live on the vendors' infrastructure under the vendors' own privacy terms, not ours.

By choosing to use the AI features you acknowledge that this third-country processing takes place, that the vendors are independent data controllers for that processing, and that any deletion of vendor-side copies must be requested directly from the vendor (we surface the vendor message-IDs in your data export so you can do this).

If you would prefer not to have your move data processed by third-party AI vendors, you can use the manual-entry mode (no Gmail scan, no AI plan) and the service still works in a reduced form. By proceeding with any AI feature you confirm you have read this section and agree to the third-party processing it describes.

6. Storage and retention

Most personal data is processed in-session and is not persisted beyond your active session. Where we do persist on our side, the persisted set is limited to:

  • Your account record (Google sub + email + first/last seen counters).
  • An audit row per analysis, including a derived snapshot of the move plan we showed you (extracted current/new addresses, the services we suggested, AI insights and recommendations) so we can re-display your plan without re-running the analysis.
  • Your consent log (which version of these documents you accepted, when).
  • A minimal security-event log (sign-ins, consent decisions, deletions). We do NOT store your raw IP address — only the truncated /24 network prefix is kept, for abuse-pattern review.
  • Service Agent conversation threads (support chat), including full message text — retained on our servers for up to approximately 180 days through automatic expiry, and removed when you delete your account via the in-app erasure flow (subject to our technical scan limits; any edge case clears at TTL).

Everything above is encrypted at rest and is destroyed when you delete your account. You can download a complete machine-readable copy at any time from My Account → Export, or by emailing privacy@settern.io. You can delete your account and associated data at any time using the in-app "Delete my data" control or by emailing privacy@settern.io.

7. Your rights (UK GDPR)

You have the right to:

  • Access the data we hold about you.
  • Correct inaccurate data.
  • Request erasure of your data.
  • Object to processing or withdraw consent.
  • Lodge a complaint with the UK Information Commissioner's Office at ico.org.uk.

8. Security

We use HTTPS (TLS) for all traffic. Data at rest is encrypted using industry standards (AES-256). We follow the principle of least privilege — engineers can only access what is needed to operate the service. Full controls in our Security overview.

9. Cookies

We use a minimal set of strictly-necessary cookies for sign-in session state and consent tracking. We do not use advertising or cross-site tracking cookies. See our Cookie Notice for details.

10. Changes to this policy

If we materially change how we handle your data we will notify you in-app or by email before the change takes effect.

Questions? Email privacy@settern.io ← Back to SetTern.io