Geta.Team is a platform that provides AI-powered virtual employees for businesses. Each AI employee has its own identity, email, phone number, persistent memory, and professional skill set. They work autonomously 24/7.

How much does Geta.Team cost?

Plans start at $49/month (Entry) with unlimited employees on every plan. Other plans include Solo ($99/mo), Starter ($179/mo), and Pro (from $389/mo). Annual billing saves 24%. A Community plan is available at $9/month.

Yes. Geta.Team uses AES-256 encryption at rest, TLS 1.3 in transit, is SOC2 certified and GDPR compliant. Your data is never used for AI training. Enterprise plans offer full data sovereignty.

Legal

Privacy Policy

How we collect, use, and protect your personal data.

Last modification date: 2026-05-28

Geta.Team ("GAT", "we", "us") is a service operated by Elestio Limited. Geta.Team is a trading name; the legal entity behind the Service is Elestio Limited, and references to "we" in this Privacy Policy refer to Elestio Limited acting under the Geta.Team brand.

Data Controller: Elestio Limited, 66 Fitzwilliam Square, Dublin 2, D02 AT27, Ireland. Company Registration No. 755058.

GAT provides AI Employees for businesses ("Service"). The users of the Service ("Users", "You") value their privacy. The purpose of this Privacy Policy is to provide You with relevant information regarding the use and disclosure of personal information collected through the Service, so You can make informed decisions about whether to use or continue using GAT.

This Privacy Policy is incorporated into GAT's Terms of Use and is subject to them. Capitalized terms not defined herein have the meaning set forth in the Terms of Use. Your use of GAT and any personal information You provide remain subject to this Privacy Policy and the Terms of Use.

1. Information Collected by GAT

Upon registration, purchase of the Service, and each time You access Your workspace, we collect the following information.

a) User-Provided Information

Personally identifiable information (such as name and email address) You provide when registering, configuring an AI Employee, or interacting with the Service.

b) Billing Information

If You sign up for a paid Service, we collect billing information necessary to process the transaction, which may include Your name, address, telephone number, credit card details, VAT/tax identifiers, and similar information as required by tax law. We do not store sensitive billing details: card details are discarded once the transaction is processed. Recurring subscriptions are handled by Stripe, our third-party payment gateway, which retains Your billing information on its secure infrastructure for as long as necessary to carry out the terms of Your subscription. If You close Your account, Your billing information is removed by Stripe.

c) Workspace & AI Employee Data

When You use an AI Employee, the agent processes data You provide to it (instructions, files, messages, generated content, persistent memory). This data is stored on the dedicated Virtual Machine ("VM") provisioned for Your workspace. Each customer workspace runs on its own dedicated VM; we do not aggregate Your AI Employee conversations, files, or memory into a central GAT database. When You delete a workspace, the underlying VM is destroyed and the data with it.

d) Third-Party Connectors (OAuth integrations)

You may connect Your AI Employee to external services such as Gmail, Google Calendar, Google Drive, Microsoft Outlook, Microsoft Teams, OneDrive, SharePoint, Slack, Notion, LinkedIn, X, WhatsApp, Telegram, Discord, and others. When You do so:

You explicitly authorize the connection through the relevant provider's OAuth consent flow.
The data accessed is determined by the scopes You grant.
That data is processed by the AI Employee on Your dedicated workspace VM as needed to perform the tasks You assign.
The third-party service remains an independent data controller; its own privacy policy continues to apply to the data it holds.
You can revoke a connector at any time from Your workspace settings or directly from the provider.

e) Cookies, Similar Technologies and Aggregate Telemetry

When You visit geta.team or use the Service, we use cookies, similar technologies (local storage, session storage), and aggregate telemetry. We treat them in three categories, in line with the ePrivacy Directive and the GDPR:

Strictly necessary cookies — required for the Service to function (authentication, session management, security, load balancing, CSRF protection). These do not require consent. Examples: saas_session_token (httpOnly, lifetime 7 days), theme (UI preference, lifetime 1 year).
Aggregate, memory-only telemetry — at every pageload we initialise our product analytics library (PostHog) in memory-only mode. In this mode, no cookie and no localStorage entry is created; events stay in volatile RAM, contain no persistent identifier, and cannot be linked across sessions. We use this to measure aggregate metrics (pageviews, bounce rate, scroll depth) on the marketing site. Because nothing is stored on Your terminal, this collection does not fall within the scope of Article 5(3) of the ePrivacy Directive.
Non-strictly-necessary cookies and persistent analytics identifiers — set only after You give explicit, prior consent through our cookie consent banner. On Accept, PostHog is upgraded to localStorage+cookie persistence so we can recognise Your device across sessions; on Decline, PostHog is opted-out and no further events are sent. You can change or withdraw Your consent at any time via the "Cookie preferences" link in the footer.

The cookie consent banner is shown on Your first visit and gives a symmetric Accept / Reject choice; refusing is as easy as accepting.

You may also configure Your browser to refuse cookies entirely; some functionalities of GAT (in particular sign-in) require strictly necessary cookies and will not work if all cookies are disabled.

f) Log Files

Our servers automatically record information sent by Your browser, such as Your IP address, browser type and language, referring/exit pages, URL, platform type, number of clicks, pages viewed, time spent on pages, request timestamps, and one or more cookies that may uniquely identify Your browser.

2. Use of the Information

If You submit personally identifiable information to us through GAT, we may use it to:

Provide the Service to You.
Provide customer support and respond to Your requests, questions, and comments.
Diagnose or fix technical problems.
Inform You about Services that may be of interest to You.
Operate, evaluate, and improve our business (developing new Services, managing communications, analyzing the effectiveness of our sales and marketing, and performing accounting, auditing, invoicing, reconciliation, and collection activities).
Perform data analysis (market and consumer research, trend analysis, financial analysis, and anonymization of personal information).
Protect against, identify, and prevent fraud and other criminal activity, claims, and other liabilities.
Comply with applicable legal requirements and our policies.

2.1 Legal Bases for Processing (GDPR Article 6)

Under the GDPR, every processing activity must rely on a specific legal basis. The table below maps each purpose described above to the legal basis on which we rely:

Providing the Service to You (account creation, workspace provisioning, AI Employee execution, customer support) — necessary for the performance of the contract between You and us (Art. 6(1)(b)).
Billing, invoicing, payment processing, accounting, tax records — necessary for the performance of the contract (Art. 6(1)(b)) and for compliance with our legal obligations (Art. 6(1)(c), in particular Irish accounting and tax law).
Diagnosing and fixing technical problems, securing the Service, log retention — necessary for our legitimate interests in ensuring the security, integrity, and reliability of the Service (Art. 6(1)(f)).
Fraud prevention, abuse detection, enforcement of our Terms of Use — necessary for our legitimate interests in protecting the Service, our Users, and third parties (Art. 6(1)(f)).
Marketing communications and product updates — based on Your prior consent where required (Art. 6(1)(a)), or on our legitimate interests in promoting our Service to existing Users (Art. 6(1)(f)), subject in either case to Your right to object or withdraw consent at any time.
Service improvement, analytics, market and trend analysis — based on our legitimate interests in evaluating and improving the Service (Art. 6(1)(f)); we do not use Your AI Employee content for these purposes (see Section 3).
Cookies and similar technologies (non-strictly-necessary) — Your consent (Art. 6(1)(a)) collected via our cookie consent mechanism (see Section 1.e).
Responding to legal requests, complying with court orders, regulatory cooperation — compliance with our legal obligations (Art. 6(1)(c)) and, where relevant, our legitimate interests in defending legal claims (Art. 6(1)(f)).

Where we rely on legitimate interests (Art. 6(1)(f)), we have carried out a balancing test to ensure that Your rights and freedoms do not override those interests. You have the right to object to such processing — see Section 7.f.

3. No Use of Your Data to Train AI Models

We do not use Your data — including the content of Your AI Employee conversations, files, memory, or connected third-party data — to train, fine-tune, or otherwise improve any large language model, whether ours or operated by a third party.

When we route requests to LLM providers (such as Anthropic, OpenAI, Google, and OpenRouter), we use API endpoints and contractual terms that prohibit the provider from using customer inputs or outputs for model training.

4. Sub-processors

We rely on a limited number of third-party providers ("sub-processors") that perform services on our behalf to operate GAT. These sub-processors are bound by contractual obligations consistent with this Privacy Policy and applicable data protection law.

Anthropic — LLM provider powering the AI Employees (United States).
OpenAI — LLM provider powering the AI Employees (United States).
Google — LLM provider powering the AI Employees (United States).
OpenRouter — LLM provider routing requests to multiple model providers (United States).
Elestio — infrastructure provider hosting the dedicated workspace VMs (EU or US region, selected by You).
Stripe — payment processing.
Brevo — transactional email delivery.
Additional sub-processors may be added; the current list is maintained on this page and updated when changes occur.

This list refers only to providers we use to operate the Service. It is distinct from the third-party connectors (Section 1.d) that You optionally connect to Your AI Employee.

5. Data Location and International Transfers

Each workspace runs on a dedicated VM hosted in the region You select (European Union or United States). You choose the hosting region at workspace creation, and Your workspace data stays in that region.

Some sub-processors (notably Anthropic, OpenAI, Google, and OpenRouter for LLM inference) are located in the United States. Where personal data is transferred outside the European Economic Area, we rely on appropriate safeguards under the GDPR, including Standard Contractual Clauses where applicable. The data is always held securely and in accordance with applicable law.

6. Disclosure of Information

We do not sell, or otherwise share, personal information about You, except as described in this Privacy Policy.

We may share personal information with the sub-processors listed in Section 4, based on our instructions, who are not authorized to use or disclose the information except as necessary to perform services on our behalf or comply with legal requirements.

We may release personally identifiable and/or non-personally identifiable information if required to do so by law, or in the good-faith belief that such action is necessary to comply with applicable laws or respond to a court order, subpoena, or search warrant.

It may be necessary to share information to investigate, prevent, or take action regarding suspected or actual illegal activities, including fraud, potential threats to public safety, violations of our Terms of Service, or as otherwise permitted by law.

GAT also reserves the right to disclose personally identifiable and/or non-personally identifiable information that we believe, in good faith, is appropriate or necessary to enforce our Terms of Use, take precautions against liability, investigate and defend ourselves against third-party claims, assist government enforcement agencies, protect the security or integrity of our websites and services, and exercise or protect the rights, property, or personal safety of GAT, our staff, our Users, or others.

7. User Rights

The General Data Protection Regulation provides You with several rights as a data subject. We will respond to Your requests within one month of receipt, or inform You where an extension is required.

You are not obligated by law to provide us with any information. You acknowledge and agree that any information You do provide is provided of Your own free will and consent, for the purposes described herein.

a) Right of Access

We will provide You with details relating to Your information upon receipt of a request sent by email to contact@geta.team, after verification of Your identity.

b) Right to Rectification

Most information we store about Your account is accessible through Your workspace and account settings. You may use this interface to correct, update, or delete Your information at any time. We encourage You to keep this information up to date so that customer service requests and billing processes operate efficiently.

c) Right to Erasure

You can erase the data held on Your dedicated workspace VM at any time by deleting the workspace directly from Your account: this destroys the VM and the data it contains. If You only cancel Your subscription without deleting the workspace, the VM remains active until the end of the current billing period, after which it is decommissioned. To completely remove the remaining account-level personal information from our systems (e.g., profile, billing identifiers), send an email to contact@geta.team and ask for account deletion; we will require You to confirm certain security information in order to verify Your identity and process Your request.

d) Right to Data Portability

You can request to receive the personal data You provided to us in a structured, commonly used, and machine-readable format, and have the right to transmit this data to another controller.

e) Right to Restriction of Processing (Art. 18)

You have the right to ask us to restrict the processing of Your personal data in the circumstances set out in Art. 18 GDPR — for example, while the accuracy of data You contest is being verified, or while we evaluate an objection You have raised. While processing is restricted, we will only store the data; further processing requires Your consent or another lawful ground.

f) Right to Object (Art. 21)

Where we process Your personal data on the basis of our legitimate interests (Art. 6(1)(f)) — including for fraud prevention, security, analytics, or direct marketing — You have the right to object at any time on grounds relating to Your particular situation. We will stop the processing unless we can demonstrate compelling legitimate grounds that override Your rights, or the processing is necessary to establish, exercise, or defend legal claims. Where the processing is for direct marketing, You have an absolute right to object and we will stop immediately.

g) Rights Related to Automated Decision-Making (Art. 22)

GAT does not subject You to decisions based solely on automated processing — including profiling — that produce legal effects concerning You or similarly significantly affect You. While Your AI Employees process information autonomously, the outcomes of that processing are operational tasks performed under Your instruction and supervision; they are not used by us to make decisions about You as a data subject (e.g., eligibility, pricing, account standing) without human involvement.

h) Right to Withdraw Consent (Art. 7(3))

Where we process Your personal data on the basis of Your consent (Art. 6(1)(a)) — for example, marketing communications or non-strictly-necessary cookies — You have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal. You can withdraw consent by changing Your communication preferences in Your account settings, by clicking the unsubscribe link in our marketing emails, by updating Your cookie preferences via our cookie consent mechanism, or by emailing contact@geta.team.

i) Data Retention

We retain Your information for as long as Your account is active, or as needed to provide the Service. Conversations, files, and memory generated by Your AI Employees are retained on Your dedicated workspace VM for the lifetime of that workspace; they are removed when You delete the workspace, or when the workspace is decommissioned at the end of the billing period following subscription cancellation (see Section 7.c). We retain and use Your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

j) Right to Lodge a Complaint with the Data Protection Commissioner

Because the legal entity operating Geta.Team (Elestio Limited) is established in Ireland, You have the right to lodge a complaint with the Irish Data Protection Commissioner by emailing info@dataprotection.ie, or by writing to the Data Protection Commissioner, Canal House, Station Road, Portarlington, R32 AP23 Co. Laois, Ireland.

7.1 Data Protection Officer (DPO)

We have appointed a Data Protection Officer (DPO) responsible for overseeing questions related to this Privacy Policy and our data protection practices. If You have any questions about this policy or how we handle Your personal data, including any requests to exercise Your legal rights, please contact our DPO (Steven Betito) at: steven@elest.io.

8. Data Security

We maintain administrative, technical, and physical safeguards designed to protect personal information You provide against accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use. We cannot, however, guarantee the security of any information You provide, and You do so at Your own risk. Once we receive the information You submit, GAT makes commercially reasonable efforts to ensure the security of our systems. However, it is not guaranteed that information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.

To protect Your privacy and security, we take reasonable steps (such as requiring a unique password) to verify Your identity before granting account access or making corrections. You are responsible for maintaining the secrecy of Your password and account credentials at all times.

If GAT becomes aware of a security breach, we may (i) notify You electronically so that You can take appropriate protective steps, or (ii) post a notice on our website.

Given that the Internet is a global environment, using it to collect and process personal data involves the transmission of data on an international basis. Data You pass to us may be processed outside the European Economic Area, but it will always be held securely and in accordance with applicable law.

When processed as part of a hosted service, the information is processed and stored on the infrastructure of the sub-processors listed in Section 4, hired to provide hosting and related services; our agreements with these parties require that they not use, disclose, or share such information beyond what is necessary to operate the Service.

9. Policy on Responding to External Requests for Customer Data

GAT is committed to protecting the privacy, security, and confidentiality of our customers' data.

We will only consider external requests for customer data if one of the following conditions is met:

The request is made pursuant to a valid and enforceable court order, warrant, or statutory obligation recognized under Irish or EU law.
The request is routed through an applicable international legal assistance mechanism (e.g., MLAT).
We have obtained the freely given, specific, informed, and unambiguous consent of the data subject.
There is a legitimate legal obligation under Irish or EU law compelling disclosure.

We limit data collection and retention to the minimum necessary for operational purposes. We use robust security measures, including encryption, access controls, and the dedicated-VM workspace isolation described in Section 1.c, to protect customer data. As a result, certain data may be inaccessible to us even if a valid request is received.

We aim to notify affected customers of any third-party data request involving their information, unless:

We are legally prohibited from doing so,
The request is clearly non-contentious and already disclosed under applicable terms (e.g., fraud detection), or
Immediate disclosure would compromise an investigation or endanger individuals.

10. Other Sites

Our website may contain links to other websites that are outside our control and are not covered by this Privacy Policy. If You access other sites using the links provided, the operators of these sites may collect information from You that will be used in accordance with their privacy policy, which may differ from ours.

11. Changes and Updates to This Privacy Policy

This Privacy Policy may be revised periodically; revisions will be reflected in the "Last modification date" stated at the top of this page. Please revisit this page to stay aware of any changes. In general, we use Your personal information only in the manner described in the Privacy Policy in effect at the time we received the information. Your continued use of the Service constitutes Your agreement to this Privacy Policy and any future revisions.

12. Contact Information

Data Controller: Elestio Limited, 66 Fitzwilliam Square, Dublin 2, D02 AT27, Ireland. Company Registration No. 755058.

Data Protection Officer (DPO): Steven Betito — steven@elest.io. The DPO is Your point of contact for any question or request regarding the processing of Your personal data, including the exercise of Your rights under the GDPR.

General privacy enquiries: contact@geta.team.

Last updated: 2026-05-28