The 80-word version
Eleven11 collects only what we need to run the products you use. We don't sell your data, we don't run third-party trackers, and we don't read your content beyond what you authorize. You can read, export, or delete your data at any time. Talk to a person at [email protected].
Who we are
Eleven11 is a brand operated by AilyakEleven Experiences LLP, registered in India at Jibhi, Himachal Pradesh 175123, India. For privacy-related questions, write to [email protected] (or [email protected] if you prefer the data-protection-officer address). For legal correspondence, [email protected].
What we collect
We collect different things for different products. Across the fleet, the data we may handle falls into these classes:
| Data | Purpose | Lawful basis | Retention | Region |
|---|---|---|---|---|
| Account | Authenticate the customer; bind drafts to a workspace. | Performance of contract | Until account deletion + 90 days backups. | EU (Germany), EU (Finland) |
| Content artifacts | Render and store drafts, captions, and exported assets. | Performance of contract | Until customer deletes the draft, or account deletion + 90 days backups. | EU (Germany), EU (Finland) |
| OAuth tokens | Publish customer-authored content to channels the customer has connected (Instagram, Facebook). | Consent | Encrypted at rest; revoked on disconnect or account deletion (within 24 hours of either). | EU (Germany), EU (Finland) |
| Audit subjects | Run the scan you authorized against the domains and endpoints you authorized. | Performance of contract | Findings retained for the engagement term + 7 years for legal-hold compliance unless contractually shorter. | EU (Germany), EU (Finland), India |
| Operational telemetry | Operate the scan reliably; debug failed runs. | Legitimate interest | 30 days. | EU (Germany), EU (Finland) |
| OAuth tokens | Maintain a connection to your calendar provider on your behalf. | Consent | Encrypted at rest; revoked on disconnect or account deletion. | EU (Germany), EU (Finland) |
| Calendar | Read availability and (only with explicit per-feature consent) write events. | Consent | Cached for the duration of your session. | EU (Germany), EU (Finland) |
| Matter content | Store the matter content you upload and the proposals/asks you create. | Performance of contract | Until you delete the matter or the workspace. | EU (Germany), EU (Finland) |
| Content artifacts | Render and version proposals, decks, and other artifacts. | Performance of contract | Until you delete the artifact or the workspace. | EU (Germany), EU (Finland) |
| Canvas content | Store the canvases tenants create and collaborate on. | Performance of contract | Until tenant deletes the canvas or the workspace. | EU (Germany), EU (Finland) |
| Account | Authenticate the tenant and their invited collaborators. | Performance of contract | Until account deletion + 90 days backups. | EU (Germany), EU (Finland) |
| Audit subjects | Aggregate findings from authorized scans into a cross-target intelligence graph. | Performance of contract | Aggregated patterns retained for the engagement term + 7 years; raw findings inherit the source product's retention. | EU (Germany), EU (Finland) |
| Prospect contact data | Reach out to prospects you have a lawful basis to contact, on cadences you set. | Legitimate interest | Until the prospect opts out (immediately suppressed) or you delete the campaign. | EU (Germany), EU (Finland) |
| Content artifacts | Generate, version, and publish content drafts you direct. | Performance of contract | Until you delete the artifact or the workspace. | EU (Germany), EU (Finland) |
| Scraping targets | Capture content from URLs and domains you authorize, respecting robots.txt and applicable terms. | Performance of contract | Captured artifacts retained for the engagement term unless contractually shorter. | EU (Germany), EU (Finland) |
| Scraping targets | Capture the legacy site content you control for the rebuild. | Performance of contract | Source-site captures retained for the rebuild engagement term. | EU (Germany), EU (Finland) |
| Content artifacts | Stage and serve the rebuilt site at <slug>.punah.pro. | Performance of contract | Until cutover or engagement termination. | EU (Germany), EU (Finland) |
For per-product detail (which classes apply to which product, and the exact deletion path), see the per-product transparency cards linked under Per-product summaries below.
What we don't collect
- No third-party trackers. No Google Analytics, no Meta Pixel, no Hotjar, no advertising attribution scripts. Our analytics (Plausible) is self-hosted and cookieless.
- No data sale. We do not sell, rent, or trade personal data. We never have. We never will.
- No cross-site profiling. We do not build behavioral profiles of you across other websites.
- No reading content beyond what you authorize. If you connect a Google or Meta account, we use the OAuth scopes you grant — and only those — to do the work you asked for. We do not read DMs, comments, calendar history outside your stated window, or other account data unrelated to the connected feature.
Per-product summaries
Each product handles data differently. The cards below name the data classes, lawful basis, retention, OAuth scopes, subprocessors, and deletion path for that product specifically.
- Studio — Carousel and short-form content creation, with optional one-click publish to connected social channels.
- Dhara — Audit engine that scans systems you own or are explicitly authorized to test, producing structured reports and an intelligence knowledge graph.
- Cal — Calendar sync hub. Connects Google Calendar (and other calendars on the roadmap) and synthesizes availability across surfaces.
- Architect — Workspace canvas for sessions, asks, proposals, and matter management.
- Manch — Multi-tenant canvas / collaboration surface. Tenants invite collaborators to shared boards.
- Discovery — Attack surface management and intelligence knowledge graph aggregating findings across customers and engagements.
- Outreach — Outreach engine for campaigns, scans, teasers, and email send.
- PR — Editorial pipeline producing structured content from a profile and fact-bundle, publishing via signed ingest.
- Harvester — Universal capture substrate for recipe-driven scraping. Operates on URLs you authorize.
- Phoenix (punah) — WordPress-site rebuilder CLI. Captures legacy sites you control and stages modernized rebuilds.
Subprocessors
We use a small number of vendors to operate Eleven11. Each is listed at /subprocessors with its purpose, data categories, region, and DPA link. We give 30 daysnotice before adding a new subprocessor; you can object, and if we can’t accommodate the objection, you can terminate without penalty.
| Vendor | Purpose | Region | Conditional | DPA |
|---|---|---|---|---|
| Hetzner Online GmbH | Compute and storage hosting for Eleven11 services | EU (Germany), EU (Finland) | — | Vendor DPA |
| Cloudflare, Inc. | DNS, CDN, edge proxy, and tunneling | Global | — | Vendor DPA |
| GitHub, Inc. | Source code hosting and container registry (GHCR) | United States | — | Vendor DPA |
| Anthropic, PBC | Large language model inference. Used only when a customer has not configured their own BYOK provider; Eleven11 never silently routes BYOK-configured workloads to Anthropic. | United States | Only when no BYOK LLM provider is configured for the workspace. | Vendor DPA |
| Google LLC | Gmail and Calendar OAuth ingress for customer-connected accounts | User-region | Only when a customer connects a Google account via Cal. | Vendor DPA |
| Meta Platforms, Inc. | Instagram and Facebook publishing via Graph API for customer-connected accounts | User-region | Only when a customer connects a Meta account via Studio. | Vendor DPA |
| Eleven11 self-hosted mail server (docker-mailserver on Hetzner) | Inbound and outbound email for Eleven11-hosted customer mailboxes | EU (Germany) | Disclosed for transparency. Not a third-party processor; operated by Eleven11 directly on Hetzner infrastructure. | — |
| Self-hosted Plausible Analytics on Hetzner (planned) | First-party, cookieless website analytics for marketing surfaces. No cross-site tracking, no advertising attribution. | EU (Germany) | Planned deployment; not yet live. We will operate Plausible directly on our own infrastructure when activated. No third-party SaaS will receive visitor data. This page is the single update point on activation. | — |
| Stripe, Inc. | Payment processing | United States | Will be activated when paid plans launch. Listed in advance for transparency. | Vendor DPA |
| Customer-supplied LLM provider (BYOK) | LLM inference using credentials the customer brings. Customer is the Controller of this flow; Eleven11 acts as Processor only relative to the customer's configured provider. | Customer-controlled | Only when a customer configures their own LLM API key in their workspace. | — |
Your rights
Whatever your jurisdiction, these rights are available to you over the data we hold about you:
- Read it — request a copy of the personal data we hold about you.
- Correct it — ask us to fix or update something we have wrong.
- Delete it — ask us to erase your data. We comply unless we have a documented legal obligation to retain a specific piece (e.g., tax records).
- Export it — request your data in a structured, commonly-used format.
- Object — object to processing based on legitimate interest.
- Withdraw consent — for anything you consented to, withdraw that consent at any time.
- Walk away— close your account and take your data elsewhere. We don’t hold you hostage.
California residents specifically: we do notsell or share your personal information for cross-context behavioral advertising. We have no “Do Not Sell or Share” toggle because there is nothing to toggle off.
How we honor requests
Email [email protected] from the address on your account. We confirm receipt within 7 days and complete the request within 30 days, regardless of where you live. We do not charge a fee. We may verify your identity by asking you to reply from the account email or to confirm a recent transaction reference; we ask the minimum necessary to be sure we’re acting on the right person’s instruction.
If you’re unhappy with how we handled a request, India residents can escalate to [email protected] for grievance redressal under DPDP Act §13. EU/UK residents have the right to lodge a complaint with their national supervisory authority.
Children
Eleven11 is not directed to users under 18. We do not knowingly collect personal data from anyone under that age. If you believe a child has provided us with data, write to [email protected] and we will delete it.
Defensive tripwires
We use defensive tripwires (canary tokens) on our own infrastructure to detect compromise. They never track website visitors, never appear on customer-facing surfaces, and never collect data about you. Full detail at /security.
International transfers
Eleven11’s default infrastructure runs in the EU (Hetzner Germany and Finland). Some products may, with your connection, route data through user-region endpoints (e.g., when you connect a US-region Google or Meta account). We rely on Standard Contractual Clauses for transfers from the EU/UK and the equivalent country-list permissions from India.
Changes
When this policy changes materially, we update the version number and effective date in the masthead and notify account holders at their registered email at least 30 days before the change takes effect. Current version: 1.0, effective 2026-04-27.
Contact
[email protected] for privacy questions. [email protected] for legal correspondence. [email protected] if you just want to talk to a person.