Privacy Policy

Last Updated: June 1, 2025

Your privacy is important to us. This Privacy Policy explains what information Elastic Copilot collects, how we use and share that information, and the choices you have. This policy applies to all users of the Elastic Copilot VS Code extension, our website (https://elasticapp.ai), and any related services (collectively, the "Service"). By using Elastic Copilot, you agree to the collection and use of information as described in this Privacy Policy. If you do not agree, please do not use the Service.

We are committed to protecting your data and being transparent about our privacy practices. We encourage you to read this Privacy Policy fully. For any questions or concerns, feel free to contact us at founders@elasticapp.io.

Information We Collect

We collect information that you provide to us directly, information that is collected automatically as you use Elastic Copilot, and information from third-party integrations if you choose to connect them. The types of information we collect include:

●Account and Contact Information: When you sign up for Elastic Copilot, we collect personal information such as your name, email address, and login credentials. If you register through a third-party OAuth (for example, signing in with Google Workspace), we collect the basic profile information that service provides (such as your name and email). This information is used to create and maintain your account and to communicate with you (for example, sending verification emails, updates, or support responses).

●Payment Information: If you subscribe to a paid plan, our payment processor (e.g., Stripe) will collect your payment card details and billing information. We do not store your full credit card number or CVV on our servers. We may store a record of your transactions (e.g., that you subscribed on a certain date, the plan type, and amount). Payment information is used solely for processing payments, fraud prevention, and compliance with legal obligations (like tax calculation).

●Usage Data (AI Queries and Code Context): When you use the Elastic Copilot extension in VS Code, it will collect certain data in order to provide AI assistance:

○Prompts and Queries: The text you input into Elastic Copilot (for example, a question you ask the AI, a request for code completion, or a debugging command) and related context (such as surrounding code or error messages) are collected so that the AI models can process them and generate a response. This data may include snippets of your source code or other project content to provide context for the AI. By design, this usage data can include code or text that you are editing in your IDE. We treat this information as confidential and use it only to fulfill your request and improve the Service (as detailed below).

○AI Outputs: The suggestions or explanations returned by the AI (the "Suggestions") may be temporarily logged on our servers (for example, to send them to your editor and to allow you to view past AI responses in your development history). These outputs are typically derived from your inputs and do not usually contain additional personal data beyond what you provided.

○Click and Action Data: We may collect data on your interactions with Elastic Copilot's interface – for instance, whether you accepted an AI suggestion, edited it, or ignored it. We might log which commands or features you use (e.g., "Explain code" vs "Write tests" features) and how often, as well as timestamps of usage. This information helps us understand feature usage and improve the user experience.

○Terminal and File Operations: If you use Elastic Copilot's features that execute terminal commands or modify files (with your permission), we may log the fact that an operation was executed (e.g., "Ran npm install via Copilot" or "Created new file X via Copilot"), along with success/failure information or error logs. We do not collect the full contents of your files via such logging, but we might capture file names or command parameters for telemetry.

●Device and Technical Information: We collect certain information about the devices and applications you use to access Elastic Copilot:

○Device/IDE Info: We may collect details like your operating system, VS Code version, Elastic Copilot extension version, and hardware identifiers (such as a device ID or IP address). This helps in troubleshooting compatibility issues and providing proper support.

○Log Data: Our systems automatically record certain information in log files. This can include your IP address, browser type (for web requests), the features you used, error messages, and other diagnostic data. For example, when the Elastic Copilot extension communicates with our server (to authenticate or to fetch an AI response), we log the time of request and whether it was successfully fulfilled. These logs are important for monitoring system health, security, and usage.

●Cookies and Website Analytics: When you visit our website or web dashboard, we may use cookies or similar tracking technologies to remember your preferences and gather usage statistics. For instance, we might use cookies to keep you logged in, or to track pageviews and feature clicks on our documentation or landing pages. We do not use cookies for third-party advertising. We may use analytics tools (like Google Analytics or a self-hosted analytics solution) to understand how our website is used, but any analytics service will be configured not to collect unnecessary personal info (IP anonymization where applicable, etc.). You can set your browser to refuse cookies, but some website features may not function properly without them.

●Third-Party Integration Data: Elastic Copilot integrates with certain third-party services only if you choose to connect them:

○Slack Integration: If you connect Elastic Copilot with Slack (for example, to get notifications or ask coding questions through a Slack channel), we will receive from Slack the information necessary to enable this – such as your Slack user ID, workspace ID, and messages you send to the Elastic Copilot bot. We will store tokens/credentials provided by Slack to maintain the connection. We use Slack data only to perform the functions you request (e.g., respond within Slack to your query or send alerts).

○Google Workspace Integration: If you integrate Google services (for instance, sign in with Google OAuth or allow Elastic Copilot to access Google Drive files or Gmail for some coding-related function), we collect the authentication tokens and any data you explicitly permit. For example, if Elastic Copilot were to read a Google Docs file because you ask it to analyze some content there, it will access that content only for the purpose of fulfilling your request. We will abide by Google's API user data policy and will not use data from your Google account for any purpose other than providing the requested service to you.

○Other Integrations: For any future integrations (e.g., GitHub, GitLab, Jira, etc.), similar principles will apply: we will only collect the minimal data needed from those services and only after you have authenticated/authorized the integration. We will be transparent about what is collected and how it's used at the time you connect any integration.

Sensitive Personal Data: Elastic Copilot is not intended to collect sensitive personal information such as government IDs, health information, biometric data, or financial account details outside of the context of payment. We ask that you do not input any sensitive personal data into prompts or code when using the AI features. Our Service is focused on code and technical data, and any personal information appearing in code (e.g. names, email addresses in config files) will be handled as described in this policy, but please minimize any sensitive personal data you expose to the Service. We do not knowingly collect any data about children under 13, and our Service is not directed to children (see "Children's Privacy" below).

How We Use Your Information

Elastic AI (the company behind Elastic Copilot) uses the collected information for the following purposes:

●To Provide and Maintain the Service: We use your information to operate Elastic Copilot's core functionalities. This includes using your code snippets and prompts to generate AI suggestions, using your account data to log you in and personalize your environment, and processing transactions for paid plans. For example, we take the code context you've provided and send it to our AI model providers (like OpenAI or Anthropic) to generate the completion or explanation you requested. Without your data, these features wouldn't work.

●To Improve and Develop the Platform: We continually work on enhancing Elastic Copilot's capabilities, performance, and user experience. We analyze usage data and feedback to:

○Debug and fix errors or outages. (For instance, error logs and telemetry might alert us that a certain feature is crashing the extension, and we'll use that data to repair the issue.)

○Optimize AI model performance and accuracy. We might evaluate (either by algorithms or manually) some anonymized prompt/response pairs to see how well the AI is doing and where it fails, helping us fine-tune prompts or decide on model updates. If Privacy Mode is enabled for your account, we will not use your specific code or prompts for such evaluations – we would rely on aggregate data or opt-in data from others.

○Develop new features. Understanding which features are most used (e.g., "generate code" vs "run tests") and how users interact with the tool guides our development priorities. We may also use user feedback submitted to us (via email or forums) to design improvements.

○Train our own models or algorithms. Elastic Copilot may utilize anonymized, aggregated usage data to train internal algorithms (for example, improving our suggestion ranking or building a model to better understand code context). We do not include your private code in any public dataset, and any training that involves user code or prompts would be done under strict controls and only with data from users who have not opted out (see Privacy Mode). We also have zero-retention agreements with our third-party AI providers, so OpenAI, Anthropic, and similar services are contractually bound not to use your data for their own training or improvement.

●To Communicate with You: We use contact information (like your email) to send service-related communications:

○Onboarding emails, password reset messages, and account notifications.

○Information about feature updates, security alerts, or policy changes. For example, we might send an email if we update this Privacy Policy or introduce important new security features.

○Support responses: If you contact us with a problem or question, we'll use your email and any info you provide to respond. We may ask for additional diagnostic data (like logs) if needed to assist you.

○We may also send you product announcements or promotional communications to your email if you have opted-in to receive them. You can unsubscribe from marketing emails at any time by clicking the "unsubscribe" link, or adjusting preferences in your account settings. Transactional and account-critical emails, however, may still be sent even if you opt out of marketing, as they are necessary for the Service.

●For Security and Fraud Prevention: We are committed to ensuring the security of your data and our systems. We will use data (like IP addresses, log-in attempts, usage patterns) to detect and prevent fraud, abuse, or security incidents. For example, if we notice unusual access to your account or suspect an access token has been compromised, we might use that information to block access or notify you. We also may use automated tools to screen for known malicious activity (like scanning uploaded content for viruses or verifying OAuth tokens with providers). Audit logs of certain actions (like a history of major changes or AI actions performed on your code) are kept to help investigate any security-related events.

●Compliance with Legal Obligations: We may process and retain your personal information as needed to comply with laws, regulations, and legal requests. For example, if required by law, we might retain certain financial records for tax auditing, or disclose information to law enforcement in response to a valid legal process. We also use personal information to enforce our Terms of Use (such as to investigate violations or handle user disputes).

●Aggregated and Anonymized Data: We may aggregate or anonymize data so it can no longer be linked to you or your organization. We might use this aggregated data for purposes such as analyzing trends (e.g., "X% of users use feature Y weekly"), academic research, or marketing (e.g., publishing the number of code completions generated by Elastic Copilot across all users). This aggregated information contains no personally identifiable information and no private code content tied to any individual.

We will not sell your personal information to third parties. We do not use the information we collect to create profiles about your behavior for advertising purposes, nor do we share your data with advertisers or data brokers.

How We Share and Disclose Information

Elastic AI respects your privacy and shares personal data only in limited circumstances. The types of third parties and scenarios where we may share information include:

●AI Model Providers: As explained, when you request an AI completion or other AI-driven function, we send your prompt and relevant context to the chosen AI provider (e.g., OpenAI, Anthropic, Google Vertex AI) in order to receive the result. These providers act as processors of your data on our behalf. We have explicitly negotiated agreements that prevent these providers from storing or using your data for any purpose other than to provide the AI response. They do not retain your code or prompts after delivering the result. However, using the AI providers is essential for the core functionality of Elastic Copilot – if you do not want your code or prompt data sent to such third parties, you should not use the AI features of the Service (or you should enable Privacy Mode such that only minimal data is sent; see Privacy Mode below).

●Cloud Hosting and Storage (Infrastructure): Elastic Copilot"s servers and databases are hosted on Google Cloud Platform (GCP) in the United States. All your data (account info, usage logs, any stored code context, etc.) is stored on secure servers in data centers located in the U.S. GCP, as our cloud provider, technically processes data as needed for storage and backup. We rely on GCP"s robust security certifications and compliance with privacy standards. GCP does not access your content except as needed to maintain the cloud service (and as permitted by law or our agreement with them).

●Payment Processor: When you make payments, your data is shared with Stripe (or a similar payment processor). Stripe will receive information like your name, email, and payment details to process transactions. Stripe is PCI-DSS compliant and is prohibited from using your payment info except to provide payment services. We share only the information necessary for billing (such as your email to send receipts, or an ID to link the payment to your account).

●Error Tracking and Analytics: We use services like Sentry (error tracking) and possibly analytics tools to improve Elastic Copilot. Sentry may receive context about an error in the app, which can include anonymized identifiers or snippets of code where an error occurred. We strive to strip out or mask any sensitive data from error reports, and Sentry is obligated to protect any data it does receive per its service terms. Similarly, if we use an analytics service (like Google Analytics on the marketing site), it might use cookies and collect usage info such as page visits or user agent. These third-party analytics tools are configured not to collect sensitive personal data, and IP addresses may be anonymized when required. All third-party service providers are selected for their commitments to data protection.

●Third-Party Integrations (User-Enabled): If you connect Slack, Google, or another integration to Elastic Copilot, we will share data with and receive data from that third party as necessary to provide the integration. For example, if you enable Slack integration, Elastic Copilot will send messages to Slack (which could include AI-generated content or code snippets you asked it to summarize) and will listen for messages you send to it via Slack. Similarly, if you ask Elastic Copilot to analyze a Google Doc, we send the document content to our AI for analysis. These actions are under your control, and the data shared is only what is necessary for the integration"s function. Slack and Google will handle any data on their side according to their own privacy policies, so we encourage you to review those if you use the integrations.

●Service Providers and Subprocessors: Elastic AI may engage trusted third-party companies to perform certain business-related functions. These parties are our service providers (or "subprocessors") and may handle your data on our behalf, under strict confidentiality and data protection terms. For example:

○Email Service: We might use a service like SendGrid or Amazon SES to send transactional emails (like verification codes or notifications). They would process your email address and the content of the email.

○Logging/Monitoring: We might use Datadog or similar for system monitoring (which may involve processing anonymized metrics about usage, with Privacy Mode filtering out code data).

○Database and Analytics: As noted, we use cloud databases (like a managed MongoDB or similar) to store non-code analytics data for users without Privacy Mode. This means if Privacy Mode is off, some usage analytics (excluding raw code) might be stored and processed in those systems.

○All such providers are bound by contracts to only use data as we instruct and to maintain adequate security. A list of current subprocessors can be provided upon request if required.

●Business Transfers: If Elastic AI (the company) is involved in a merger, acquisition, sale of assets, or reorganization, your information could be transferred to the successor or new owner as part of that transaction. We would require that any new owner honor the commitments in this Privacy Policy or obtain your consent for any material changes. We will notify you (for example, via email or a prominent notice on our site) of any ownership change or uses of your personal information that differ from those in this policy, as well as any choices you may have regarding your data.

●Legal Compliance and Safety: We may disclose your information if required to do so by law or in a good-faith belief that such action is necessary to: (a) comply with a legal obligation, such as a subpoena, court order, or search warrant; (b) protect and defend the rights, property, or safety of Elastic AI, our users, or the public. This could include exchanging information with law enforcement or other agencies to prevent fraud or investigate illegal activities. We will attempt to notify you of any governmental request for your personal information (to the extent allowed by law and if we have your contact information) so that you may seek to limit or protect it, unless we are prohibited from doing so by law (for example, an order under 18 U.S.C. § 2705(b) in the U.S.).

●With Your Consent: Aside from the cases above, we will share your personal information with third parties only with your consent. For instance, if we ever want to use a quote from your feedback or identify your company as a user on our website, we would seek your permission. Or if there"s a new integration that requires sharing data in a way not covered here, we would ask for your consent explicitly.

We want to emphasize that your code and prompts are not shared with any third parties except our subprocessors and AI model providers as necessary to serve you, and in those cases we have taken steps to ensure the data is not retained or misused. We do not provide your content or personal data to advertisers or unrelated third parties.

Data Retention and Deletion

Data Retention: We retain personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Here are some general retention practices for different categories of data:

●Account Information: We keep your account registration information (like your name, email, and account settings) for as long as your account is active. If you delete your account, we will remove or anonymize this information within a reasonable time after account deletion, except to the extent it is necessary to retain it for legal obligations (for example, records of payments for financial reporting, or logs needed for security and audits).

●AI Usage Data: By default (when Privacy Mode is not enabled), Elastic Copilot may store certain usage data:

○Prompt/Response logs: We may keep logs of prompts and AI outputs for a period of time to help improve the service and troubleshoot issues. These logs might be stored in a secure database and associated with a random identifier or your user ID. We aim to limit retention of raw prompt data to what is necessary. For instance, we might keep last 30 days of interactions for quick retrieval in your development history or for analysis, and aggregate statistics longer.

○Code Index data: If our service indexes your code for providing context, by default that index might be cached either locally (on your machine) or on our servers. However, Elastic Copilot uses local code indexing by design – meaning the full index of your repository stays on your machine. In some cases, a transformed or compressed representation of your code (like embeddings) might be stored on our server to enable certain features (e.g., long-term context or team collaboration). If so, those representations would exclude raw source code and be meaningless outside serving the AI functionality, but if Privacy Mode is on, we would not retain even these embeddings persistently (see Privacy Mode below).

○Telemetry and logs: General usage logs (without code content) may be kept for a longer period for security auditing and service analytics.

●Privacy Mode (Zero Retention) Option: We offer a Privacy Mode setting for users (especially important for enterprise or sensitive use-cases). When Privacy Mode is enabled, we guarantee that code data is not persistently stored on our servers. This means:

○We do not log or retain the actual content of your prompts or code that you send for AI processing. They pass through memory to the AI providers and are not written to disk on our side.

○We do not include your code or prompt data in any analytics or training datasets. Even our error logs or analytics will exclude code content if Privacy Mode is on (we implement filters to scrub such data).

○The AI model providers (OpenAI, Anthropic, etc.) already have zero-retention on their end for all users, as stated. Privacy Mode ensures we also do not retain it.

○If code embeddings or indexing are needed for functionality, Privacy Mode users have those processes either disabled or done in a non-persistent way. For example, if a cloud service were to store embeddings for searching your code, Privacy Mode would disable that feature or store the embeddings only ephemerally (or encrypt them with a key only you possess).

○Team Privacy Mode: If you are part of a team or enterprise that mandates Privacy Mode, we enforce it across all team members. Our infrastructure and policies are designed such that even inadvertent logging of code from Privacy Mode users is prevented or immediately purged.

●Payment and Transaction Data: We retain payment records and invoices as long as required for financial accounting and compliance (typically at least 7 years in many jurisdictions). However, we do not keep sensitive payment details like card numbers – those are with Stripe.

●Backups: Our systems may create backup copies of data (e.g., database backups) that are retained for disaster recovery purposes. These backups are securely stored and encrypted. Even after data is deleted from our active systems, it may persist in backups for a limited time until those backups are rotated. We have retention limits on backups and will eventually delete or overwrite data in backups according to our backup retention schedule.

●Deletion Upon Request: You have the right to request deletion of your personal data (see "Your Rights" below). Upon such a request, and verification of identity, we will delete or anonymize your personal information from our active databases, unless retaining it is required for legitimate business or legal purposes. Where data has been provided to third-party processors (like AI providers for processing or Stripe for payment), we will instruct them to delete that data as well, to the extent applicable. Note that complete removal from backups may await the natural expiration of those backup files, but those backups are protected and eventually deleted in the normal course.

When we delete data, we will do so in a manner designed to ensure it cannot be readily reconstructed or linked back to you.

Data Security Measures

Elastic AI employs a variety of security measures to protect your information from unauthorized access, disclosure, alteration, and destruction. While our separate Security Policy goes into more technical depth, here is an overview of how we safeguard your data:

●Encryption: All network communication between the Elastic Copilot extension, our servers, and third-party AI providers is encrypted in transit using TLS (HTTPS) to prevent eavesdropping. Sensitive data (such as passwords and tokens) is encrypted at rest in our databases. For example, your password is stored only in a hashed form, and API keys or tokens we store on your behalf are kept encrypted in our database.

●Access Controls: We restrict access to personal data to authorized personnel who need it to operate or improve the Service. Our team is trained on data security and privacy. Administrative access to our systems requires strong authentication (such as multi-factor authentication), and we log and audit administrative actions. Within our infrastructure, we use network segmentation and role-based access so that, for instance, an application server can only access the database records it needs and not others.

●Infrastructure Security: Elastic Copilot is hosted on Google Cloud Platform, which maintains robust physical and environmental security at its data centers. We leverage GCP security features such as firewalls, monitoring, and secure default configurations. We regularly update our software and dependencies to address security vulnerabilities, and we perform routine security testing and code reviews. We also utilize cloud security services for intrusion detection and anomaly monitoring on our systems.

●Third-Party Security: We vet our third-party subprocessors for strong security practices. For example, Stripe is a leading secure payment processor; Sentry has security measures to safeguard the logged data; and our AI partners (OpenAI, Anthropic, etc.) have their own stringent security protocols and compliance certifications. We have Data Processing Agreements in place where appropriate, binding these providers to safeguard personal data according to industry standards.

●Organizational Measures: We have an internal incident response plan for any security breaches or data incidents. If an incident occurs that affects your data, we will notify you and relevant authorities as required by law. We also minimize data exposure by following the principle of least privilege in our internal processes (only giving employees access to the data absolutely necessary for their role).

●User Responsibilities: Despite our efforts, no system is 100% secure. It"s important that you also take precautions: Use a strong, unique password for Elastic Copilot and do not share it. Keep your VS Code and extension updated to the latest versions. If you suspect any unauthorized access to your account, notify us immediately. We also encourage users to avoid sharing credentials or secrets with the AI unnecessarily – treat it as you would any cloud-based tool with regard to sensitive information.

For more details on our security practices, please refer to the Elastic Copilot Security Policy or contact our security team at founders@elasticapp.io.

International Data Transfers

Elastic AI is based in the United States, and our infrastructure is located in the U.S. As such, if you are accessing the Service from outside the United States, your information will be transferred to and processed in the United States (and potentially in other countries where our service providers are located, such as the countries where our third-party AI providers operate or backup data centers might reside). These countries may have data protection laws that are different from those of your country of residence, and in some cases, may not be as protective.

We rely on legally-provided mechanisms to transfer data lawfully across borders. If you are in the European Economic Area (EEA), United Kingdom, or Switzerland (even though our primary market is U.S. and our Service is oriented to U.S. law compliance), we take steps to ensure appropriate safeguards for your personal data, such as standard contractual clauses approved by the European Commission, or verifying that recipients are certified under frameworks like the EU-U.S. Data Privacy Framework (if applicable). By using Elastic Copilot, you consent to the transfer of your information to the United States and other countries as needed for our operations. We will handle your information in accordance with this Privacy Policy wherever it is processed.

If you have questions about international data transfer or require more information on the safeguards we use, please contact us.

Your Rights and Choices

You have certain rights and choices regarding your personal information. We are committed to providing you with access and control over your data. These rights may vary depending on your jurisdiction (for example, users in California or the EU have specific rights under laws like the CCPA or GDPR), but we extend many of these principles generally:

●Access and Portability: You can request a copy of the personal data we hold about you, and information explaining how that data is used and shared. In many cases, you can directly access and view your profile information and usage history by logging into your Elastic Copilot account. If you require a more detailed export, contact us and we will provide your data in a commonly used electronic format (subject to applicable law and authentication of your identity).

●Correction: You have the right to request correction of any inaccurate or incomplete personal information. You can update some of your account information (like your name or email) directly through your profile settings. For any other corrections, reach out to us and we will rectify any inaccuracies.

●Deletion: You can ask us to delete your personal information. As noted in the Data Retention section, if you choose to delete your Elastic Copilot account, we will remove personal data associated with your account (aside from data we are required or permitted to retain for legal or internal business purposes). You may also contact us at any time with a deletion request without deleting your whole account – for example, you might ask us to delete specific content or logs associated with your usage. We will honor deletion requests in accordance with applicable laws. Do note that deleting certain data (like your account or usage history) might impact your ability to use the Service or see past AI interactions.

●Opt-Out of Processing: If you are covered by certain privacy laws, you may have the right to object to or restrict our processing of your data (for example, to opt-out of any sale of data, or certain types of tracking). Elastic Copilot does not sell personal data, but if you have concerns about any specific processing, let us know. For analytics cookies on our website, you can use browser settings or opt-out mechanisms to disable them.

●Opt-Out of Marketing: As mentioned, you can unsubscribe from marketing emails at any time by using the unsubscribe link or contacting us. Transactional emails (account, billing, support) will still be sent as needed.

●Privacy Mode and Data Sharing Choices: A very direct way to control your data with Elastic Copilot is via the Privacy Mode setting. When on, it significantly limits data collection and retention, as described. We encourage users, especially those working with sensitive code, to enable Privacy Mode. Additionally, you can often configure what is sent to the AI – for example, you can exclude certain files or folders from AI suggestions (our extension may allow you to mark them or not include them in context). Check our documentation for features that give you fine-grained control.

●California Privacy Rights: If you are a California resident, the California Consumer Privacy Act (CCPA) provides you specific rights such as the right to know, right to delete, and right to opt-out of sale of personal info. We have covered access and deletion above. As we do not sell your data, the opt-out of sale is not applicable. We also will not discriminate against you for exercising any privacy rights (meaning we won"t deny service or provide different quality of service just because you made a privacy request).

●EU/UK GDPR Rights: If you are in the EEA or UK, our legal bases for processing your data include: (i) your consent (for optional data you provide or marketing communications), (ii) performance of a contract (providing you the Service you asked for), and (iii) legitimate interests (for improving our product, ensuring security, etc.), balanced with your rights. You have rights to access, rectify, erase, restrict, or object to certain processing of your data, as well as the right to data portability. You also have the right to lodge a complaint with your local data protection authority if you believe we have violated your privacy rights.

●Authentication: For any request to access, change, or delete personal data, we will need to verify your identity to protect against unauthorized requests. This may involve confirming control of your email or other verification information. We aim to respond to requests within a reasonable timeframe, and within any timeframe required by law (e.g., within 30-45 days as applicable).

Children's Privacy

Elastic Copilot is not directed to children under the age of 13 (or under the age of 16 in certain jurisdictions). We do not knowingly collect personal information from children. If you are under 13, please do not use our Service or provide any personal information to us. If we learn that we have inadvertently collected personal data from a child under 13, we will take steps to delete such information as soon as possible. If you are a parent or guardian and you believe that your child under 13 (or under 16, as applicable) has provided us with personal information, please contact us so that we can delete the information.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we update the policy, we will change the "Last Updated" date at the top of this document. If the changes are material, we will provide a more prominent notice (such as by email notification or a message within the application). Your continued use of Elastic Copilot after any changes to this Privacy Policy signifies your acceptance of the updated terms, to the extent permitted by law. We encourage you to review this page periodically to stay informed about how we are protecting your information.

If you do not agree with any updates to the Privacy Policy, you should cease using the Service and may request deletion of your data as outlined above.

By using Elastic Copilot, you acknowledge that you have read and understood this Privacy Policy. Thank you for trusting Elastic Copilot with your software development needs – we are committed to protecting your privacy and creating a secure experience for our users.

Elastic Copilot