Privacy Policy

Last Updated: February 2026

Your privacy is not just a policy; it is our primary product feature. Whitehirst is designed to minimize data collection and maximize your sovereignty.

1. Data Location & Sovereignty

All virtual workstations and associated storage volumes are hosted physically in Nuremberg, Germany.

Whitehirst Ltd. is a registered company in the United Kingdom. We operate under the jurisdiction of England & Wales. We are not a US subsidiary, and your data is not subject to the US CLOUD Act.

2. No AI Training (Zero Retention)

Your workstation is a private enclave. We strictly do not use your data, code, or usage patterns to train Artificial Intelligence models.

Active Removal of Copilot: We actively surgically remove Microsoft "Copilot", "Recall", and AI integration services from the operating system image before provisioning. We block the relevant network endpoints at the firewall level. Your code remains your intellectual property and is never ingested by third-party LLMs.

3. Data We Collect

We collect only what is strictly necessary to provide the service:

4. Data We Do NOT Collect

Unlike standard Windows installations, our custom OS build has aggressive privacy modifications:

5. Data Retention

If you delete a workstation instance (or a Day Pass expires), the underlying disk is securely wiped by our infrastructure provider (Hetzner). Once deleted, data cannot be recovered.

6. GDPR Rights

As a UK/EU citizen, you have the right to request access to, correction of, or deletion of your personal data. To exercise these rights, please contact privacy@whitehirst.com.