Mr. ChamberlainPrivacy Policy
Last updated: February 23, 2026
Mr. Chamberlain is designed with your privacy in mind. We process only the data necessary to provide our AI butler service, and you remain in control of your information at all times.
1. Controller
The controller responsible for data processing on this website is the operator identified on our Legal Notice (Impressum) page.
2. Data We Process
2.1 Account Data
When you create an account, we process:
- Email address (via Clerk authentication)
- Display name (if provided)
- Account creation date
Legal basis: Art. 6(1)(b) GDPR — performance of a contract (providing the butler service).
2.2 Chat and Butler Interaction Data
When you interact with Mr. Chamberlain, we process:
- Messages you send to the butler
- Butler responses and actions taken on your behalf
- Documents you upload for analysis
- Butler memory and preferences you configure
Legal basis: Art. 6(1)(b) GDPR — performance of a contract (the core butler service as described in our Terms of Service).
2.3 Payment Data
Payments are processed by Stripe. We store subscription status and credit balances but never handle your card details directly.
2.4 Technical Data
Our hosting infrastructure automatically collects:
- IP address (for security and rate limiting)
- Browser type and operating system
- Date and time of access
Legal basis: Art. 6(1)(f) GDPR — legitimate interest in security and service stability.
3. Third-Party Services
3.1 Clerk (Authentication)
We use Clerk for user authentication. Clerk processes your email address and login credentials.
3.2 Stripe (Payments)
We use Stripe for payment processing. Stripe processes payment method details, billing address, and transaction history.
3.3 AWS (Infrastructure)
Our service runs on Amazon Web Services (AWS) in the EU (Frankfurt) region. AWS processes data as a sub-processor under our instructions.
3.4 AI Model Providers
Chat messages are processed by third-party AI model providers to generate butler responses. Messages are sent via encrypted connections and are not used to train AI models.
4. Cookies
We use only essential cookies required for the service to function:
| Cookie | Purpose | Duration |
|---|---|---|
| __clerk_* | Authentication session | Session |
| chamberlain-theme | Your theme preference (dark/light) | Persistent |
5. Your Rights (GDPR)
Under the General Data Protection Regulation, you have the following rights:
- Right of access (Art. 15) — request information about your personal data
- Right to rectification (Art. 16) — request correction of inaccurate data
- Right to erasure (Art. 17) — request deletion of your data
- Right to restriction (Art. 18) — request limited processing
- Right to data portability (Art. 20) — receive your data in a portable format
- Right to object (Art. 21) — object to data processing
To exercise these rights, contact us at our contact page. We will respond within 30 days.
6. Data Retention
| Data Type | Retention Period |
|---|---|
| Account data | Until account deletion |
| Chat history | 365 days (configurable in settings) |
| Payment records | 10 years (legal requirement) |
| Server logs | 30 days |
7. International Data Transfers
Our primary infrastructure is in the EU (AWS Frankfurt). Where data is transferred outside the EEA (e.g., to AI model providers), it is protected by EU Standard Contractual Clauses (SCCs) and the EU-U.S. Data Privacy Framework where applicable.
8. Data Security
We implement appropriate technical measures:
- HTTPS encryption for all connections
- Encrypted data at rest (AES-256)
- Per-user data isolation
- Regular security audits
9. Supervisory Authority
You have the right to lodge a complaint with a supervisory authority:
10. Changes to This Policy
We may update this privacy policy from time to time. The current version is always available on this page. Significant changes will be communicated via email or in-app notification.