Bauta Privacy Policy
Last updated: 2026-06-14 · Status: pre-launch
Bauta (bauta.app) lets AI agents and their users deploy HTML/React artifacts to hosted, share-gated URLs. This policy explains what data Bauta stores, where, for how long, and your rights over it.
Controller: Laien AS (org.nr. NO 916 557 221 MVA), Buen 25, 1528 Moss, Norway. Privacy contact: privacy@bauta.app.
Data residency at a glance
Your artifact content (Cloudflare R2) and your production metadata (Cloudflare D1) are both stored in the EU (EU-jurisdiction). Only Cloudflare Workers KV — which holds non-personal serving pointers and encrypted OAuth tokens — is globally replicated by design. The data controller is Laien AS (Norway, EU), and the GDPR applies. The "Where data lives" section below has the full detail.
What we store
| Data | What it includes | Where |
|---|---|---|
| Account data | When you sign in (via WorkOS AuthKit, e.g. with Google): a user ID, your email address, and your name. Organization name and slug for claimed orgs. | Cloudflare D1 (metadata database) |
| Artifacts and revisions | The artifact content you deploy (every revision is kept, per your plan's history depth), plus metadata: titles, URL slugs, sharing mode, timestamps, and the deploying agent's connection identifier. | Content: Cloudflare R2, EU-jurisdiction bucket. Metadata: Cloudflare D1. Serving pointers: Cloudflare Workers KV. |
| Sharing and access data | Share grants: hashed share tokens, expiry times, and — for email-based shares and email-verified (OTP) viewing — the viewer email addresses involved. | Cloudflare D1 |
| Audit log | An append-only record of account and artifact actions (who did what, when, to which artifact), including OTP-verified viewer emails where email-gated sharing is used. | Cloudflare D1 |
| OAuth tokens | Tokens issued to MCP clients (such as Claude) that connect to Bauta. Stored encrypted at rest by our OAuth library. | Cloudflare Workers KV |
| View analytics | Aggregate, cookieless view counts via Cloudflare Analytics Engine. No advertising identifiers, no cross-site tracking, and no cookies at all on the content-serving (bauta-usercontent.com) domain. | Cloudflare Analytics Engine |
What we do not do
- We do not sell your data or share it for advertising.
- We do not run third-party trackers or analytics scripts.
- We do not read or use your artifact content for anything other than hosting it, serving it to the people you share it with, and abuse prevention (e.g. malware/phishing scanning at deploy time).
Processors
- Cloudflare — all infrastructure: compute (Workers), metadata (D1), serving pointers and token storage (KV), artifact content (R2, EU jurisdiction), aggregate analytics (Analytics Engine).
- WorkOS — login (AuthKit), including federated sign-in providers such as Google.
- Resend — transactional email (e.g. share notifications, viewer email verification), sent from the EU (eu-west-1) region.
Each processor's Data Processing Addendum applies to its processing of personal data on our behalf: Cloudflare DPA, WorkOS DPA, Resend DPA.
Where data lives
Artifact content is stored in a Cloudflare R2 bucket created with the EU jurisdiction restriction, and production metadata is stored in a Cloudflare D1 database also created with the EU jurisdiction restriction — so both your artifact content and its metadata stay on infrastructure located in the European Union. Serving pointers and token storage (Cloudflare Workers KV) are globally replicated by design and cannot be restricted to a single region; the pointers are non-personal (URL slugs, revision identifiers, storage keys) and OAuth tokens are encrypted at rest. Where any data is processed on Cloudflare infrastructure outside the EU/EEA, Cloudflare's Data Processing Addendum and its standard contractual clauses govern the transfer.
Retention
- Ephemeral artifacts (deployed with the opt-in ephemeral setting — for example landing-page "try it" demos) are deleted automatically 7 days after deployment. Normal deploys are owned by the deploying account and kept until you delete them.
- Artifacts you delete are removed immediately: metadata is deleted and content is removed once no other artifact references the same content.
- Revision history is retained per your plan's history depth until you delete the artifact.
- One-time codes and rate-limit counters (email verification codes, viewer access codes, sharing-invite and abuse-report counters — rows that can include email addresses and connecting IP addresses) are deleted by a scheduled sweep once they can no longer affect any decision: within at most 2 hours of expiry, most within 30 minutes.
- Audit log entries are append-only and are retained after artifact or account deletion. Legal basis: our legitimate interest (GDPR art. 6(1)(f)) in security, abuse defense, and the accountability of a hosting service. Audit entries record who did what and when using internal account and artifact identifiers (plus, for email-gated sharing, the viewer email involved) — never artifact content.
- Account data is deleted on a verified erasure request (see your rights below). Infrastructure-level point-in-time recovery copies held by Cloudflare age out within 30 days.
Your rights (GDPR)
If you are in the EU/EEA/UK you have the right to access, rectify, export, and delete your personal data, and to object to or restrict processing. Artifact owners can export and delete their artifacts self-serve through the Bauta connection in their AI client (the export_artifact and delete_artifact tools); exports include every revision's original deployed source. Account-level erasure and all other requests: email privacy@bauta.app — handled within 30 days. You may also lodge a complaint with your local supervisory authority (in Norway, Datatilsynet).
If someone shared an artifact with you
When a Bauta user shares an email-gated artifact with you, we process your email address to verify access and record the access in the artifact owner's audit log. The artifact owner chooses who to share with; contact them — or us at the address above — about removal.
Reporting abuse
To report illegal, harmful, or policy-violating content hosted on Bauta, use the "Report this content" link on any served artifact page, or email abuse@bauta.app. Reports are reviewed by a person; content found in violation is taken down on every URL, usually within minutes.
Changes
We will post changes to this policy at this URL and update the date at the top. Material changes affecting account holders will be announced by email.