Privacy Policy
This Privacy Policy explains categories of data Ethen may process, how workspace and provider routing affect data paths, and what rights and controls may be available. This statement describes Ethen’s current posture without making unsupported certification or compliance claims.
Privacy Policy
Upcube (“we,” “us,” “our”) provides Ethen, a model workspace for routing, reviewing, and organizing model work. This Privacy Policy describes categories of information that may be processed when you visit our sites, create an account, use workspaces, submit prompts or files, connect services, enable BYOK, or use voice and related features. Processing details can vary by product surface, account configuration, provider selection, and region.
1. Scope and roles
This policy covers personal data and related workspace data processed for Ethen product and site experiences. Depending on context, Upcube may act as a service provider/processor for customer workspace content and as a controller for account administration, site analytics where used, security logs, and business operations data. Enterprise customers may have separate data processing terms. If a signed agreement conflicts with this public policy for that customer’s covered services, the signed agreement controls to the extent of the conflict. This policy does not cover third-party websites, model provider consoles, or services that you access outside Ethen, even if linked from the product. Organizations should document internal handling rules for this category, including who may access it, how long it should be kept beyond product defaults, and whether export is required before offboarding. When in doubt, minimize personal data in prompts and uploads and prefer dedicated secret storage over free-text fields.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Covers Ethen sites and product surfaces operated by Upcube.
- Enterprise contracts may add processor terms.
- Third-party sites and provider consoles have separate policies.
2. Account data
Account data may include name, email address, authentication identifiers, organization membership, role assignments, profile preferences, billing contact details where configured, support tickets, and security settings such as session metadata or multi-factor status indicators. We use account data to authenticate users, administer workspaces, provide support, secure accounts, communicate service notices, and operate commercial features where enabled. Account data is generally required to provide the service you request. You should keep account contact details accurate so security and service notices can reach the right people. Organizations should document internal handling rules for this category, including who may access it, how long it should be kept beyond product defaults, and whether export is required before offboarding. When in doubt, minimize personal data in prompts and uploads and prefer dedicated secret storage over free-text fields.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Account data supports authentication and administration.
- Roles and organization membership may be stored.
- Accurate contact details help security communications.
3. Workspace data
Workspace data may include projects, sessions, labels, configuration, member lists, integration settings, route preferences, feature flags, and operational metadata about how a workspace is used. Workspace data helps Ethen present history, permissions, and product state. Admins and members may create additional structured data such as saved views, workflow definitions, or approval queues. The visibility of workspace data depends on product permissions and sharing settings. Workspace data should be treated as business-sensitive. Invite only trusted members and review integration scopes regularly. Organizations should document internal handling rules for this category, including who may access it, how long it should be kept beyond product defaults, and whether export is required before offboarding. When in doubt, minimize personal data in prompts and uploads and prefer dedicated secret storage over free-text fields.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Workspaces store configuration, membership, and history metadata.
- Permissions control who can see workspace content.
- Integrations can expand workspace data scope.
4. Prompts and outputs
Prompts, instructions, system messages, model parameters, and generated outputs may be processed to provide chat, coding, research, media, voice, and related features. These materials can contain personal data if users include it. Prompts and outputs may be stored as part of sessions, runs, logs, or evidence records depending on feature design and settings. They may also be transmitted to model providers or tools according to the selected route. Users should avoid placing unnecessary sensitive personal data in prompts. Organizations should set internal rules for confidential content, customer data, and regulated information. Organizations should document internal handling rules for this category, including who may access it, how long it should be kept beyond product defaults, and whether export is required before offboarding. When in doubt, minimize personal data in prompts and uploads and prefer dedicated secret storage over free-text fields.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Prompts and outputs are core product data categories.
- They may be stored in sessions or run records.
- Sensitive data should be minimized in prompts.
5. Files and attachments
Users may upload or attach documents, source code, images, audio, archives, or other files. Files may be parsed, previewed, embedded for retrieval, or passed to models and tools as needed for the requested operation. File processing can expose personal data contained inside documents. Malware scanning or type validation may occur for security. Large files or binary assets may have different storage paths than short text prompts. You are responsible for ensuring you have rights to upload files and that sharing them with a model workspace is appropriate for your organization. Organizations should document internal handling rules for this category, including who may access it, how long it should be kept beyond product defaults, and whether export is required before offboarding. When in doubt, minimize personal data in prompts and uploads and prefer dedicated secret storage over free-text fields.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Uploaded files may be parsed and routed for features you use.
- Files can contain personal or confidential data.
- Upload rights and internal policy compliance are user responsibilities.
6. Workflow, approval, and evidence records
Where workflows, approvals, receipts, or evidence packages are enabled, Ethen may process records such as run status, tool traces, diffs, reviewer comments, approval decisions, timestamps, and related artifacts. These records help teams inspect what happened. Evidence and approval data may include personal data about actors in a workflow (for example, who approved a change). Retention of these records may be longer when needed for security, auditability, or dispute review, subject to the Data Retention policy. Do not assume evidence records are a complete legal archive unless your organization configures and validates them for that purpose. Organizations should document internal handling rules for this category, including who may access it, how long it should be kept beyond product defaults, and whether export is required before offboarding. When in doubt, minimize personal data in prompts and uploads and prefer dedicated secret storage over free-text fields.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Workflow and approval features create inspectable records.
- Actor identity and decision metadata may be stored.
- Evidence is for product review, not automatically a legal archive.
7. Connected-service data
If you connect repositories, storage, messaging, issue tracking, browsers, or other services, Ethen may process tokens, scopes, resource identifiers, and content retrieved or written through those connections. The categories of data depend on the integration and permissions you grant. Connected-service data may leave Ethen when actions are executed in external systems. Likewise, external content may be pulled into prompts, tools, or workspace history. Review scopes carefully and revoke unused connections. Upcube does not control the privacy practices of connected third-party services themselves. Organizations should document internal handling rules for this category, including who may access it, how long it should be kept beyond product defaults, and whether export is required before offboarding. When in doubt, minimize personal data in prompts and uploads and prefer dedicated secret storage over free-text fields.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Integrations process tokens and external resource data.
- Scopes determine how much external data is accessible.
- Third-party services have their own privacy practices.
8. BYOK and provider routing
When requests are routed to model or tool providers—whether through platform-configured providers or customer BYOK credentials—prompt content, files, outputs, and request metadata may be processed by those providers under their terms and settings. BYOK gives customers control over provider account selection, but provider-side terms, billing, logs, and retention may still apply. Upcube may still process operational metadata needed to operate routing, show status, enforce limits, or secure the product. Customers should evaluate provider data handling for their industry and risk profile. See the BYOK Data Handling policy for additional detail. Organizations should document internal handling rules for this category, including who may access it, how long it should be kept beyond product defaults, and whether export is required before offboarding. When in doubt, minimize personal data in prompts and uploads and prefer dedicated secret storage over free-text fields.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Provider routing can transmit prompts and files to third parties.
- BYOK does not eliminate provider-side processing.
- Operational metadata may still be processed by Ethen.
9. Voice data
Voice features may process audio recordings, live microphone input, transcripts, generated speech, voice settings, and related metadata. Voice data can reveal identity and may capture bystanders if used carelessly. Voice processing should occur with appropriate notice and permission. The Voice Consent Policy and Voice Cloning Policy describe additional expectations for recording, transcription, synthesis, and voice likeness use. Users should avoid submitting voice content containing sensitive personal data unless they have authority and a suitable workflow.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Voice features may process audio and transcripts.
- Consent and notice expectations apply.
- Sensitive voice content requires extra caution.
10. Local and private lanes
Where local or private model lanes are supported, some processing may run on customer-controlled machines or environments rather than remote provider endpoints. Local lanes can reduce certain third-party transmissions, but they do not automatically eliminate all product telemetry, account authentication, or workspace metadata processing. Local runtime security depends heavily on the customer’s device posture, network, and operational practices. Upcube can provide product pathways; customers control the local environment. Availability of local lanes may vary by feature and setup.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Local lanes may keep some model work on customer infrastructure.
- Account and product metadata may still be processed remotely.
- Local security is largely a customer responsibility.
11. Cookies, analytics, and similar technologies
Ethen sites and apps may use cookies, local storage, session storage, and similar technologies for authentication, preferences, security, and product analytics where enabled. Details are described in the Cookie Policy. Essential storage is typically required for login sessions and core functionality. Analytics or non-essential technologies, if used, should be configurable according to product and regional requirements as those controls are implemented. Browser settings can block some cookies, which may affect login or feature availability.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Cookies and storage support sessions and preferences.
- See Cookie Policy for category details.
- Blocking cookies may break authenticated experiences.
12. Security and access controls
Upcube applies administrative, technical, and organizational measures designed to protect personal data and workspace content, as described at a high level in the Security Statement. No method of transmission or storage is completely secure. Access to production systems is expected to follow least-privilege and need-to-know principles. Customers control workspace membership, keys, and integrations on their side of the shared responsibility model. Report suspected security issues through published security or support channels.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Security measures are described in the Security Statement.
- Shared responsibility applies to customer-controlled access.
- No system can promise perfect security.
13. Retention and deletion
Retention is described by category because exact periods depend on account configuration, product settings, legal obligations, and provider behavior. Account records, workspace content, logs, backups, billing records, and security records may follow different timelines. Deletion requests are handled through available account or support paths. Deletion may not immediately remove all copies from backups, security logs, or provider systems where retention is required or technically delayed. See the Data Retention policy for category-level expectations.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Retention varies by data category and configuration.
- Deletion may lag in backups or provider systems.
- Data Retention policy provides category guidance.
14. User requests and rights
Depending on your jurisdiction and relationship to Upcube, you may have rights to access, correct, delete, or export personal data, object to or restrict certain processing, or withdraw consent where processing is consent-based. Enterprise end users may need to contact their organization administrator first for workspace content controlled by that organization. We may need to verify requests and may deny or limit requests where permitted by law—for example, when disclosure would harm others’ privacy, reveal security-sensitive information, or conflict with legal obligations. Use published privacy or support contact paths to submit requests.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Rights vary by jurisdiction and context.
- Enterprise users may need to go through their admin.
- Verification may be required before fulfilling requests.
15. Disclosures and service providers
We may share data with infrastructure, model, analytics, support, payment, or security service providers that process data on our instructions or as independent providers for specific functions. We may also disclose data when required by law, to protect rights and safety, or in connection with corporate transactions subject to appropriate safeguards. Provider routing means some content is disclosed to model or tool providers as part of fulfilling a user request. BYOK may mean the disclosure is authenticated under the customer’s provider account. We do not sell personal data as “sale” is commonly understood in ordinary commerce. If regional definitions of sale or sharing require additional notices or opt-outs, those mechanisms will be provided where applicable as product and legal requirements mature.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Service providers help operate Ethen.
- Model routing discloses content needed to fulfill requests.
- Legal and safety disclosures may be required.
16. Children and international users
Ethen is not directed to children, and we do not knowingly collect personal data from children in violation of applicable law. If you believe a child has provided personal data inappropriately, contact us so we can take suitable steps. Ethen may be accessed from multiple countries. Data may be processed in locations where Upcube, its providers, or connected services operate. International transfers may rely on appropriate contractual or legal mechanisms depending on context. Users are responsible for determining whether their cross-border use of model workspaces is allowed under their local laws and employer policies.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Service is not directed to children.
- Cross-border processing may occur through providers and infrastructure.
- Local law compliance remains a user and customer responsibility.
17. Policy changes
We may update this Privacy Policy to reflect product changes, legal requirements, or clearer explanations. Updated versions will show a revised effective or update date when published. Material changes may also be communicated through product or account notices when appropriate. Continued use of Ethen after an update means the updated policy applies to subsequent use, except where mandatory law or a signed agreement requires a different process. For questions about this policy, use published Upcube / Ethen contact channels.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Privacy Policy may be updated over time.
- Material changes may be communicated in-product or by notice.
- Related policies should be read together.
18. Operational communications
We may send service notices, security alerts, product changes, and administrative messages related to your account. These communications are part of operating the service and are distinct from optional marketing mail. Marketing communications, if used, should provide unsubscribe mechanisms where required. Organizational admins may receive notices on behalf of their workspaces. Keep contact emails current so security notices are not missed. Support interactions may create ticket records containing the information you submit. Do not place secrets in support tickets when a secure channel exists. Telephone or meeting support, if offered, may generate notes used to resolve issues. Those notes follow support retention practices rather than chat history defaults.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Service notices are operational.
- Keep admin contacts current.
- Avoid secrets in support tickets.
- Support notes follow support retention.
19. Automated decision-making and profiling
Ethen uses models and routing logic to generate outputs and choose routes. These systems assist users; they are not intended as sole automated legal, credit, or employment decision engines. Product telemetry may aggregate usage patterns to improve reliability. Aggregated operational metrics should not be confused with advertising profiles. If a feature applies automated safety filtering, that filtering may block or transform some outputs to reduce abuse. Safety systems are imperfect and may produce false positives or false negatives. Users remain responsible for reviewing model outputs before high-impact use. Organizations should not present Ethen outputs as unreviewed automated determinations in regulated processes without appropriate human oversight and legal analysis.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Routing and generation assist users; they are not sole regulated decision engines.
- Telemetry differs from advertising profiling.
- Safety filters can err.
- Human review remains required for high-impact use.
20. Contacting Upcube about privacy
Privacy questions, requests, and complaints may be submitted through published privacy or support contact channels on Upcube / Ethen properties. Include enough detail to identify your account and request type. We may need to verify identity or organizational authority before fulfilling requests about personal data or workspace content. Enterprise end users may be directed to their organization administrator for content controlled by that organization. If you are unsatisfied with a response, you may have the right to contact a supervisory authority in your jurisdiction, where applicable law provides that right. This statement does not limit rights that cannot be limited by contract. Regional representatives or additional notices may be published when required for particular markets. Until such notices are published, use the general contact paths.
Readers should treat this section as operational guidance for product use and evaluation. Where a control or retention behavior depends on plan, region, provider route, or admin configuration, confirm the live setting in product UI or a written enterprise agreement before relying on a specific outcome. Upcube updates public policy pages when material product posture changes, but customers remain responsible for their internal compliance programs.
- Use published privacy/support channels.
- Verification may be required.
- Enterprise users may need admin paths.
- Mandatory legal rights are preserved where applicable.
21. Summary of key privacy takeaways
Ethen processes account data, workspace content, prompts, outputs, files, workflow records, and related operational metadata to provide a model workspace. Some content is transmitted to model or tool providers according to selected routes, including BYOK paths where enabled. Local lanes may reduce certain remote transmissions but do not automatically eliminate all product metadata processing.
Users and organizations should minimize unnecessary personal data in prompts, manage membership carefully, protect keys, and use available deletion and export tools where offered. Rights requests are handled through published channels with verification as needed.
This Privacy Policy avoids unsupported certification claims and should be read with the Cookie Policy, Data Retention policy, BYOK Data Handling policy, Security Statement, and Voice policies where relevant.
If your use case involves regulated data classes, obtain internal legal and security approval before broad enablement. Public transparency is not a substitute for a fit-for-purpose risk assessment.
- Multiple data categories support the workspace product.
- Provider routing and BYOK change processing locations.
- Minimize sensitive data in free-text prompts.
- Regulated use cases need internal approval beyond public policy reading.
Scope of this policy
This policy applies to personal data and workspace-related data processed in connection with Ethen websites, accounts, consoles, APIs, and related product surfaces operated by Upcube. It should be read with the Cookie Policy, Data Retention policy, BYOK Data Handling policy, Voice Consent Policy, and Security Statement.
- Product surfaces: Web app, console, APIs, and related account experiences.
- Provider paths: Some processing happens on model or tool providers you or Upcube configure.
- Local lanes: Where supported, local or private runtimes change data paths.
- Enterprise overlays: Enterprise agreements may add privacy terms for specific customers.
Policy status
This Privacy Policy is published public policy text describing Ethen data categories and practices without unsupported compliance certification claims.
- Category-based disclosure: Focuses on data types and purposes rather than unverifiable guarantees.
- Provider dependencies: Routing and BYOK affect where content is processed.
- Related policies: Retention, cookies, BYOK, voice, and security pages add detail.
- Enterprise terms: Customer contracts may add processor obligations.
Not legal advice
These pages explain product and policy posture for Upcube / Ethen. They are not legal advice, do not create a lawyer-client relationship, and do not replace advice from qualified counsel for your jurisdiction, industry, or use case.
Evidence and claim boundaries
This statement describes Ethen’s current posture without making unsupported certification or compliance claims. Where a control depends on account configuration, provider selection, local runtime setup, or enterprise agreement terms, that dependency is called out instead of implied as universal.
- No certification claim: This page does not claim SOC 2, ISO 27001, HIPAA, PCI, or similar certification status.
- Provider-dependent behavior: Model and service providers may apply their own terms, logs, billing, and retention practices.
- Configuration-dependent behavior: Workspace settings, BYOK, local lanes, and connected services can change data paths.
- Human responsibility: Users remain responsible for prompts, files, outputs, approvals, and downstream use.
Related privacy reading
Use these pages for retention, cookies, BYOK, and security context.
Related policies
- Privacy Policy
How Ethen handles account, workspace, and provider-related data.
- Acceptable Use Policy
What uses are permitted or prohibited.
- AI Use Policy
How to treat model outputs and high-impact work.
- Security Statement
Security posture without unsupported certification claims.
- BYOK Data Handling
Customer-managed provider keys and routing responsibilities.
- Data Retention
Retention categories and deletion expectations.
- Cookie Policy
Cookies, storage, and preference controls.
Frequently asked questions
Does Upcube claim GDPR certification on this page?
No. This policy describes privacy posture and categories without unsupported certification badges.
If I use BYOK, is my prompt only on my provider account?
Prompts may be processed by the selected provider under your key, but Ethen may still process operational metadata and workspace records needed to run the product.
Can I delete my data?
Deletion requests can be submitted through available account or support paths. Some records may remain in backups, security logs, or provider systems for a period as described in the Data Retention policy.
Does Ethen sell personal data?
Upcube does not sell personal data in the ordinary commercial sense. Model routing discloses content to providers as needed to fulfill requests you initiate.
Privacy Policy · Ethen by Upcube