Talk to an expert
Start Building

Privacy Policy

Last updated: 07/01/2026

This Privacy Policy explains how Pina Vida Ltd (“Brunelly”, “we”, “us”, “our”) collects, uses, stores, and protects personal data when you use the Brunelly website and platform.

Controller:
Pina Vida Ltd
Registered in England and Wales
Registered office: 71-75 Shelton Street, London, Greater London, United Kingdom, WC2H 9JQ

Contact: hello@pinavida.co.uk

1. Scope

This Privacy Policy applies to:

  • visitors to the Brunelly website
  • users of the Brunelly platform and related services

It does not apply to third-party websites or services linked from Brunelly.

2. Information we collect

A. Website and marketing data

  • Name, email address, company name (when you submit forms)
  • IP address and device/browser information
  • Usage data collected via cookies and analytics tools

B. Account and workspace data

  • Account details (name, email address, authentication details)
  • Workspace membership, roles, and permissions

C. Product and project data

When you use Brunelly, we may process:

  • Ideas, requirements, descriptions, and instructions you provide
  • Documents or files you upload
  • Generated outputs such as:
    • structured requirements
    • architecture overviews and schemas
    • documentation
    • source code and related artefacts
  • Usage metadata (feature usage, timestamps, build runs, credit usage)

D. Repositories and integrations

If you connect a source-code repository (e.g. GitHub):

  • Brunelly may temporarily access repository metadata, code, and documentation
  • Access is limited to what is required to analyse or modify the project
  • Repository content is not stored long-term and is processed transiently to perform requested tasks

E. Payments

Payments are processed by Stripe.
We do not store full payment card details.

3. How we use your data

We use personal data to:

  • operate and provide the Brunelly platform
  • generate and refine outputs you request
  • manage accounts, credits, and billing
  • monitor performance, reliability, and security
  • improve features and user experience
  • communicate service updates and support information
  • meet legal and regulatory obligations

We do not sell personal data. 

4. AI processing and third-party services

Brunelly uses third-party AI model providers and infrastructure services to process requests, including providers such as:

  • OpenAI
  • Anthropic (Claude)
  • Google (Gemini)
  • Moonshot AI (Kimi)

Only the data necessary to complete a task is processed.
We do not use customer content to train Brunelly’s own models.

Use of third-party services is subject to their respective terms and privacy policies.

5. Analytics and cookies

We use analytics tools to understand how the website and platform are used:

  • Google Analytics 4 (GA4) – usage and performance analytics
  • Microsoft Clarity – session insights and interaction analysis

These tools may collect IP addresses, device information, and interaction data.
Cookies are managed via our cookie banner and can be controlled through browser settings.

6. Legal basis for processing (UK GDPR)

We process personal data under one or more of the following legal bases:

  • Contract – to provide the Brunelly service
  • Legitimate interests – to operate, secure, and improve the platform
  • Consent – for optional cookies and marketing communications
  • Legal obligation – where required by law

7. Data hosting and international transfers

Data is hosted in the United Kingdom using secure cloud infrastructure.

Where third-party providers process data outside the UK or EEA, appropriate safeguards are used, such as standard contractual clauses or equivalent protections.

8. Data retention

We retain data only for as long as necessary to:

  • provide the service
  • comply with legal obligations
  • resolve disputes and enforce agreements

You may request deletion of your account and associated data, subject to legal and operational requirements (such as backups).

9. Security

We implement appropriate technical and organisational measures to protect personal data.

Pina Vida Ltd is ISO 27001 certified, and this certification covers Brunelly’s operational scope.

No system is entirely secure, but we take reasonable and proportionate steps to safeguard information.

10. Your rights

You have the right to:

  • access your personal data
  • correct inaccurate data
  • request deletion
  • restrict or object to processing
  • request data portability (where applicable)
  • withdraw consent (where consent is used)

Requests can be made by contacting hello@pinavida.co.uk

You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO).

11. Business transfers

If Pina Vida Ltd undergoes a merger, acquisition, or sale of assets, personal data may be transferred as part of that transaction, subject to appropriate safeguards.

12. Changes to this policy

We may update this Privacy Policy from time to time.
Material changes will be posted on our website and, where appropriate, notified to users.