Skip to main content

Privacy Policy

Last updated: June 4, 2026

La Rebelion Labs ("La Rebelion Labs," "we," "us," or "our") operates websites, products, software, platforms, communities, documentation, and related services under the La Rebelion Labs umbrella.

This Privacy Policy applies to:

Together, these are referred to as the "Services."

Your privacy matters to us.

We design our products with:

  • privacy-by-default
  • minimal data collection
  • developer control
  • clear ownership
  • self-hosted and air-gapped options where applicable

This Privacy Policy explains what data we collect, why we collect it, how we use it, and the choices you have.

1. Our Privacy Principle

Our principle is simple:

Your data is yours. We only touch what is necessary to operate, secure, support, and improve the Services.

We do not sell personal data.

We do not use customer prompts, MCP payloads, tool executions, or connected API data to train AI models by default.

2. Scope of This Policy

This Privacy Policy applies to information processed through the Services, including:

  • Websites
  • Documentation
  • Dashboards
  • CLIs
  • APIs
  • Community portals
  • Membership systems
  • Developer tooling
  • Cloud services
  • Managed services
  • Support channels
  • Related La Rebelion Labs offerings

This Privacy Policy does not apply to:

  • Third-party services not operated by us
  • Customer-operated self-hosted systems where we do not receive data
  • Third-party AI model providers, cloud providers, payment processors, identity providers, or communication platforms
  • External websites linked from our Services

Third-party services are governed by their own privacy policies and terms.

3. Information We Collect

We collect only what is necessary for the Services we provide.

3.1 Information You Provide Directly

You may provide information such as:

  • Name
  • Username
  • Email address
  • Organization or company name
  • Billing or subscription details
  • Account information
  • Community membership information
  • Support requests
  • Feedback
  • Messages or communications you send to us
  • Files, prompts, configurations, or payloads you intentionally submit to a hosted Service

We do not require personal data to run self-hosted, local, or air-gapped deployments unless you choose to connect those deployments to a managed service or support channel.

3.2 Information Collected Automatically

When you access our websites or hosted Services, we may collect limited technical data such as:

  • IP address
  • Browser type
  • Device type
  • Runtime environment
  • Operating system
  • Approximate location, such as country or region
  • Timestamps
  • Referring pages
  • Basic request metadata
  • Error logs
  • Performance metadata
  • Security events

This information is used for:

  • Security
  • Abuse prevention
  • Reliability
  • Performance monitoring
  • Troubleshooting
  • Product improvement
  • Understanding high-level usage patterns

3.3 Account, Membership, and Billing Data

If you create an account, subscribe, purchase access, join a membership, or become a commercial customer, we may process data needed to manage that relationship.

This may include:

  • Account identifiers
  • Subscription status
  • Plan or license type
  • Payment status
  • Billing contact details
  • Invoice metadata
  • Organization information
  • Access permissions

Payment information may be processed by third-party payment providers. We do not intentionally store full payment card numbers unless explicitly stated by a payment provider or commercial agreement.

3.4 MCP, API, Agent, and Tooling Data

Some Services may help you expose, connect, or operate:

  • APIs
  • MCP servers
  • AI agents
  • tool calls
  • Skills
  • workflows
  • plug-ins
  • automations
  • connected enterprise systems

Important clarification:

  • We do not inspect, store, or train on MCP payloads, prompts, tool execution data, or connected API business data by default.
  • Requests may be processed ephemerally to provide the requested functionality.
  • Logging, tracing, observability, analytics, or debugging may be configurable depending on the product, deployment, and plan.
  • Enterprise or self-hosted users may configure their own logging and retention.
  • For local, on-premise, or air-gapped deployments that do not connect to our managed services, La Rebelion Labs may have no access to runtime traffic.

You are responsible for the data you expose to agents, tools, APIs, workflows, models, and integrations.

3.5 AI and Assistant Data

If you use hosted AI features, assistant experiences, agent workflows, or connected automation features, we may process the information needed to provide those features.

This may include:

  • Inputs you submit
  • Tool instructions
  • Workflow configuration
  • Agent configuration
  • Conversation context
  • Files or data you intentionally provide
  • Metadata about execution success, errors, or performance

We do not use this data to train AI models by default.

If a feature uses a third-party AI model provider, that provider may process data according to its own terms and privacy policy. We aim to design integrations so users can understand and control these flows.

3.6 Cookies and Similar Technologies

We may use cookies or similar technologies for:

  • Essential functionality
  • Authentication
  • Security
  • Session management
  • Preferences
  • Reliability
  • Performance
  • High-level usage analytics

We do not use cookies for:

  • Behavioral advertising
  • Cross-site tracking
  • Selling personal data
  • Invasive profiling

You can manage or disable cookies through your browser settings. Some features may not work correctly without essential cookies.

4. How We Use Information

We use information to:

  • Provide and operate the Services
  • Authenticate users
  • Manage accounts, memberships, subscriptions, and licenses
  • Process payments and invoices
  • Provide support
  • Respond to requests
  • Improve reliability and performance
  • Detect and prevent abuse, fraud, security incidents, and misuse
  • Debug errors and troubleshoot issues
  • Communicate important updates
  • Improve developer experience
  • Maintain documentation and community resources
  • Comply with legal obligations
  • Enforce our Terms, licenses, and commercial agreements

We do not sell personal data.

We do not use customer prompts, MCP payloads, tool executions, or connected API data for AI model training by default.

Where applicable, we process personal data based on one or more legal bases, including:

  • Consent — when you explicitly provide information or opt into a feature
  • Contractual necessity — to provide the Services, memberships, subscriptions, support, or commercial access
  • Legitimate interests — to secure, operate, improve, and protect the Services
  • Legal obligations — when processing is required by applicable law

6. How We Share Information

We may share limited information only when necessary.

This may include sharing with:

  • Hosting providers
  • Infrastructure providers
  • Analytics providers
  • Payment processors
  • Authentication providers
  • Email or communication providers
  • Support tools
  • Security tools
  • Professional advisors
  • Legal authorities when required by law

We require vendors to process data only for appropriate service-related purposes.

We do not sell personal data.

We do not share MCP execution data, prompts, tool payloads, or connected API business data with third parties for AI model training.

7. Third-Party Services and Integrations

The Services may integrate with third-party platforms, including:

  • Cloud providers
  • AI model providers
  • Identity providers
  • Payment providers
  • Communication channels
  • Developer tools
  • Git providers
  • API platforms
  • Observability tools
  • Customer systems

When you connect a third-party service, data may be shared with that provider according to your configuration and their terms.

You are responsible for reviewing and approving third-party integrations before use.

8. Self-Hosted, Local, On-Premise, and Air-Gapped Deployments

Some La Rebelion Labs products may support self-hosted, local, on-premise, or air-gapped deployments.

For these deployments:

  • You control the runtime environment
  • You control logs and retention
  • You control secrets and credentials
  • You control access to your systems and data
  • La Rebelion Labs may have no access to runtime data
  • Telemetry may be disabled or configurable depending on the product

You are responsible for securing and operating your deployment.

9. Data Retention

We retain personal data only as long as necessary for the purposes described in this Privacy Policy.

Typical retention may include:

  • Account data: while your account remains active
  • Membership or subscription data: while needed to manage access and records
  • Billing data: as required for accounting, tax, legal, or compliance purposes
  • Support communications: as needed for follow-up, auditing, and service improvement
  • Logs and telemetry: generally short-lived unless needed for security, debugging, compliance, or configured retention
  • Self-hosted logs: controlled by you

We may retain certain information longer when required by law, necessary to resolve disputes, enforce agreements, or protect the Services.

10. Security

We take security seriously and use reasonable technical and organizational measures, such as:

  • Encryption in transit
  • Access controls
  • Least-privilege principles
  • Secure deployment practices
  • Dependency and infrastructure reviews
  • Credential protection practices
  • Monitoring for abuse and suspicious activity

However, no system is 100% secure.

You are responsible for securing your own systems, accounts, secrets, credentials, APIs, agents, workflows, and self-hosted deployments.

11. Your Rights and Choices

Depending on your location, you may have rights to:

  • Access your personal data
  • Correct inaccurate personal data
  • Request deletion
  • Object to processing
  • Restrict processing
  • Request portability
  • Withdraw consent where processing is based on consent
  • Opt out of certain uses where applicable

To exercise your rights, contact us using the information below.

We may need to verify your identity before fulfilling a request.

12. California Privacy Notice

If applicable, California residents may have specific rights regarding personal information, including the right to know, delete, correct, and opt out of certain sharing or selling of personal information.

La Rebelion Labs does not sell personal data.

La Rebelion Labs does not use personal data for behavioral advertising by default.

If our practices change in a way that requires additional California privacy disclosures, we will update this Policy.

13. International Data Transfers

The Services may be operated from, or use providers located in, different countries.

If personal data is transferred across borders, we use appropriate safeguards where required by applicable law.

14. Children’s Privacy

The Services are not intended for children under 13.

We do not knowingly collect personal data from children under 13.

If you believe a child has provided personal data to us, please contact us so we can take appropriate action.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

When we do:

  • We will update the "Last updated" date
  • Material changes may be communicated when appropriate
  • Continued use of the Services means acceptance of the updated Policy

If you do not agree with the updated Policy, you should stop using the Services.

16. Contact Us

Questions about this Privacy Policy or our data practices?

La Rebelion Labs
🌐 https://rebelion.la
📧 Contact Us

Built with transparency.
Designed for developers.
Privacy by default.