Legal
Privacy Policy
Effective date: May 1, 2026 · Last updated: July 6, 2026
Lineation provides AI agent security and governance software, available as a managed cloud service and as on-premises software you deploy in your own environment. This Privacy Policy explains how we collect, use, disclose, and protect information when you visit lineation.ai, create an account, or use the Lineation platform.
1. Who we are
Lineation ("Lineation," "we," "us," or "our") operates the Lineation platform and the lineation.ai website. If you have questions about this policy or our privacy practices, contact us at privacy@lineation.ai.
2. Scope
This policy applies to:
- Our website (lineation.ai), including pages where you request a demo, sign up for Lineation Cloud, or contact us;
- Lineation Cloud, our multi-tenant hosted service; and
- Lineation On-Premises, software you install and operate within your own infrastructure.
If you use Lineation under a separate written agreement (such as an enterprise order form or data processing addendum), that agreement may supplement or override portions of this policy for your organization.
3. Information we collect
Information you provide
We collect information you voluntarily submit, including:
- Account and profile data — name, work email address, organization name, job title, and authentication credentials;
- Communications — messages you send through contact forms, support requests, sales inquiries, and email;
- Billing information — payment and invoicing details processed by our payment providers (we do not store full payment card numbers on our systems); and
- Configuration data — settings, policies, and integration credentials you configure in the platform.
Public website analytics
When you browse lineation.ai (our public marketing website), we and our analytics partners collect certain information automatically to understand how visitors use the site and measure the effectiveness of our advertising. This includes:
- PostHog — product analytics that records page views, navigation paths, referrer, browser type, device information, and approximate location derived from IP address. PostHog is operated by PostHog, Inc. See the PostHog Privacy Policy.
- Google Ads — conversion measurement via Google tag (gtag.js) to evaluate advertising campaign performance. Google may set cookies and collect interaction data about your visit. Google is operated by Google LLC. See Google's Privacy Policy and How Google uses information from sites that use its services.
These third-party services are loaded only on the public lineation.ai website. They are not present in Lineation Cloud, on-premises deployments, or authenticated product interfaces.
Lineation platform
When you use Lineation Cloud, we automatically collect certain operational and security data necessary to run the service, including:
- Usage and audit logs — agent activity metadata, policy evaluation events, authentication events, and administrative actions within your tenant;
- Technical data — IP address, browser type, device identifiers, timestamps, and diagnostic logs; and
- Security data — signals used to detect abuse, unauthorized access, and service incidents.
The Lineation platform (Cloud and on-premises) does not use third-party advertising pixels, social media trackers, or cross-site behavioral tracking technologies.
Customer content and agent data
Depending on how you configure Lineation, the platform may process metadata about AI agent interactions (such as provider identifiers, tool invocations, policy decisions, and trace records). You control what data flows through Lineation. We treat this information as Customer Data and process it only to provide, secure, and support the service as described in your agreement with us and in Section 4 of this policy.
4. How we use information
We use the information we collect to:
- Provide, operate, maintain, and improve the Lineation platform;
- Understand how visitors use lineation.ai and measure advertising effectiveness (public website only, via PostHog and Google Ads);
- Authenticate users and enforce access controls;
- Detect, prevent, and respond to security incidents and abuse;
- Provide customer support and respond to inquiries;
- Process transactions and manage subscriptions;
- Comply with legal obligations and enforce our terms; and
- Generate aggregated, de-identified analytics to understand product performance (we do not use Customer Data for third-party advertising).
5. Cloud and on-premises deployments
Lineation Cloud
When you use Lineation Cloud, Customer Data is stored and processed in cloud infrastructure operated by us or our infrastructure subprocessors. We apply administrative, technical, and physical safeguards designed to protect Customer Data in transit and at rest.
Lineation On-Premises
When you deploy Lineation on-premises, Customer Data remains within your environment under your control. We may receive limited information for license validation, security updates, and support if you enable those features. You are responsible for securing your on-premises deployment, network, and underlying infrastructure.
6. Third-party services: website vs. platform
Public website
As described in Section 3, the lineation.ai marketing website uses PostHog for product analytics and Google Ads for conversion measurement. These providers process data on our behalf to help us understand site traffic and advertising performance. We do not use Customer Data or platform usage data for these website analytics.
You can limit website tracking through your browser settings (including blocking cookies), browser extensions, or platform opt-out tools such as Google Ads Settings. Blocking cookies may affect site functionality.
Lineation platform
Lineation is built for security-conscious organizations. We do not sell personal information, and we do not use third-party advertising networks, retargeting pixels, or cross-site tracking technologies in Lineation Cloud or on-premises software.
We do not permit subprocessors to use Customer Data for their own marketing or profiling purposes. Any subprocessors we engage are limited to providing infrastructure, communications, or payment services necessary to operate Lineation Cloud.
7. How we share information
We may share information in the following circumstances:
- Service providers — with vendors who assist us in hosting, monitoring, email delivery, customer support, payment processing, website analytics (PostHog), and advertising measurement (Google), subject to contractual confidentiality and security obligations;
- Your direction — when you integrate Lineation with third-party AI providers, identity systems, or other tools you authorize;
- Legal requirements — when required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of Lineation, our customers, or others; and
- Business transfers — in connection with a merger, acquisition, financing, or sale of assets, subject to continued protection of personal information.
We do not sell or rent personal information to third parties.
8. Data security
We implement safeguards appropriate to the nature of the data we process, including encryption in transit, access controls, logging, and vulnerability management. No method of transmission or storage is completely secure; we cannot guarantee absolute security.
If you believe your account or data has been compromised, notify us immediately at security@lineation.ai.
9. Data retention
We retain personal information for as long as necessary to provide the service, fulfill the purposes described in this policy, comply with legal obligations, resolve disputes, and enforce our agreements. Retention periods for Customer Data in Lineation Cloud may be configurable within your account or governed by your enterprise agreement.
When you close your account or request deletion, we will delete or anonymize personal information within a reasonable period, except where retention is required by law or legitimate business needs (such as backup cycles or audit logs).
10. International data transfers
Lineation is based in the United States. If you access the service from outside the United States, your information may be transferred to, stored in, and processed in the United States and other countries where we or our subprocessors operate. Where required, we use appropriate safeguards for cross-border transfers, such as standard contractual clauses.
11. Your privacy rights
Depending on where you live, you may have rights to access, correct, delete, or export personal information, to restrict or object to certain processing, and to withdraw consent where processing is consent-based. You may also have the right to lodge a complaint with a supervisory authority.
To exercise these rights, contact privacy@lineation.ai. We will verify your request and respond within the timeframe required by applicable law. If you are an end user of a customer organization, please contact your organization administrator first; we may direct your request to the customer that controls your data.
California residents
If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA), as amended by the CPRA, including the right to know what personal information we collect, the right to delete personal information, and the right to opt out of the sale or sharing of personal information.
We do not sell personal information. Our use of Google Ads on the public website may constitute "sharing" of online identifiers for cross-context behavioral advertising as defined by California law. You may opt out via Google Ads Settings or by contacting privacy@lineation.ai. We do not share Customer Data or platform usage data for advertising purposes.
European Economic Area, UK, and Switzerland
Where the General Data Protection Regulation (GDPR) or UK GDPR applies, Lineation acts as a data controller for account, website, and billing data, and typically as a data processor for Customer Data you submit to the platform. Enterprise customers may execute a Data Processing Addendum (DPA) that governs our processing of Customer Data on your behalf.
12. Children's privacy
Lineation is a business service not directed to children under 16 (or the age required by local law). We do not knowingly collect personal information from children. If you believe we have collected information from a child, contact us and we will delete it.
13. Changes to this policy
We may update this Privacy Policy from time to time. If we make material changes, we will post the updated policy on this page and update the "Last updated" date. Where required by law, we will provide additional notice. Your continued use of the service after changes become effective constitutes acceptance of the revised policy.
14. Contact us
Questions about this Privacy Policy or our data practices:
- Email: privacy@lineation.ai
- Security incidents: security@lineation.ai
- Website: lineation.ai
See also our Terms of Service.