Privacy Policy

Juniper OS is operated by Juniper Enterprises Holdings Limited, a company registered in England and Wales. We are the data controller for the personal data you provide to us through the Juniper OS platform at juniperos.co.uk.

Our registered office address is available on request to privacy@juniperenterprises.co.uk. Our ICO registration reference is to be confirmed.

We collect and process the following categories of data:

• Account information — your name, email address, password hash, and any profile fields you add. Provided by you at signup and in settings.
• Business data — company details, financial records, customer lists, documents you upload, and any information you share about your operations so that our AI agents can assist you.
• Conversations — messages you exchange with Juniper OS and the other Juniper OS agents, including any attachments. These are used to build and refine the model we hold of your business.
• Integration data — information we retrieve with your explicit permission from third-party services you connect (for example, Stripe).
• Usage analytics — technical information about how you use the platform: log timestamps, API usage, error reports, and approximate location derived from your IP address. Used to operate the service and protect it from abuse.
• Consent records — an immutable audit trail of the consents you give and withdraw, stored as required by GDPR Article 7.

We use your data to:

• Operate the Juniper OS platform and the AI agents you activate.
• Personalise every agent reply so it speaks to your specific business, industry, currency and regulatory context.
• Produce morning briefings, artifacts, and proactive suggestions grounded in the information you share with us.
• Handle billing, subscription management, and tax reporting.
• Detect and prevent fraud, abuse, and security incidents.
• Comply with our legal obligations.

We do not sell your data, and we do not use your business data to train third-party foundation models.

Under UK GDPR we rely on the following legal bases: performance of our contract with you (to deliver the platform), our legitimate interests (to secure and improve the service), your explicit consent (for optional processing such as platform intelligence opt-in), and compliance with legal obligations.

We use the following sub-processors to operate Juniper OS. Each is bound by a data processing agreement:

• Anthropic — provides the Claude models that power Juniper OS and every functional agent. Your conversations are sent to the Claude API to generate replies.
• Supabase — hosts our PostgreSQL database and authentication layer. Your business data is stored at rest in the eu-west-2 region.
• Stripe — processes payments and manages subscriptions. Card details are collected and held by Stripe, not by us.
• Vercel — hosts and serves the Juniper OS web application.
• Resend — delivers transactional email from us to you.

A current sub-processor list is available on request. We will notify customers of material changes before they take effect.

We retain your account and business data for as long as your Juniper OS subscription is active, and for a limited period thereafter to meet legal, accounting and audit obligations. Immutable consent records and audit logs are retained for the statutory period and cannot be deleted, as required by GDPR.

You may request deletion of your account at any time. A 30-day recovery window applies after deletion requests, after which data is permanently removed.

Under UK GDPR you have the right to:

• Access — request a copy of the personal data we hold about you.
• Rectification — ask us to correct inaccurate or incomplete data.
• Erasure — ask us to delete your personal data (subject to legal retention requirements).
• Portability — receive a structured, machine-readable export of your data.
• Restriction — ask us to limit how we process your data while a dispute is being resolved.
• Objection — object to processing carried out on the basis of legitimate interests.
• Withdraw consent — at any time, for processing based on consent.
• Complain — to the UK Information Commissioner's Office at ico.org.uk.

To exercise any of these rights, contact privacy@juniperenterprises.co.uk. We will respond within one month.

Your business data is stored in the European Union (Supabase eu-west-2). Some of our sub-processors — notably Anthropic, Stripe and Vercel — process data in the United Kingdom, the European Economic Area and the United States. Where data is transferred outside the UK or EEA, we rely on the UK International Data Transfer Addendum or Standard Contractual Clauses approved by the European Commission.

Juniper OS uses essential cookies only — session tokens required to keep you logged in and CSRF tokens that protect authenticated actions. We do not use advertising cookies, third-party tracking, or analytics cookies that identify you.

See our Cookie Policy for details.

All traffic is encrypted in transit via TLS. Data is encrypted at rest. Every table in our database enforces row-level security so customers can never see each other's data. All agent actions are recorded in an immutable audit trail.

We may update this policy from time to time. Material changes will be announced in the Juniper OS dashboard and, where appropriate, by email before they take effect. The current version is always available at juniperos.co.uk/privacy.

Questions, requests or complaints about this policy should be sent to privacy@juniperenterprises.co.uk.

Juniper Enterprises Holdings Limited, registered in England and Wales. ICO registration: TBC.