Muster
Legal

Privacy notice

How Muster handles personal data when you visit muster.team or use the Muster service.

Last updated: 27 March 2026

Who we are

Muster is operated by the Muster team (the "Company", "we", "us"). Contact: hello@muster.team. Registered office and full legal entity name will be added once the operating company is incorporated.

This notice covers two surfaces: the marketing site at muster.team and the Muster email automation service. Different roles apply to each (see below).

Roles under GDPR

On the marketing site we act as a controller for the limited personal data we collect from visitors and prospective customers. Inside the product we act as a processor on behalf of the customer organisation that subscribes to Muster. The customer is the controller of the personal data they upload, configure, or generate inside their tenant. Our role and obligations as a processor are set out in the Data Processing Addendum.

What we collect on the marketing site

  • Contact data you submit voluntarily. When you email hello@muster.team or fill in a demo request, we receive your name, email, and the content of your message.
  • Anonymous traffic metadata. Standard server logs (timestamp, request path, response status, truncated IP address). We do not run third-party analytics or advertising trackers on the marketing site.
  • Theme preference.Stored in your browser's local storage to remember whether you prefer light or dark mode. Never sent to our servers.

What we collect inside the product

Inside the Muster service, the data we process is the data your employer authorises, configures, or generates while using Muster:

  • Account identifiers (name, work email, role within the tenant).
  • Shared mailbox metadata, processing state, reviewer routing (where review mode is enabled), and delivery records for employee email questions.
  • Employee email content while it is being processed to draft and send an answer (and, where review mode is on, to route the draft for reviewer approval).
  • SharePoint document references, retrieved policy chunks, citation metadata, and reviewer decisions where applicable.
  • Operational telemetry (login times, IP, user agent) used for security monitoring and audit.

We do not sell, rent, or share product data with third parties for marketing purposes. Language-model inference runs on self-hosted infrastructure inside Muster's environment; no third-party AI vendor receives your tenant's email content, SharePoint policy passages, or generated drafts, and your tenant's data is not used to train any model.

Lawful bases

  • Contract. To provide and operate the service you have signed up for.
  • Legitimate interest. Limited security logging, fraud prevention, and product improvement that does not rely on personal content.
  • Consent. Optional cookies or features that require your active opt-in. We default to the most privacy-preserving option.
  • Legal obligation. When required by tax, accounting, or law-enforcement requests we have validated.

Retention

Marketing-site enquiries are kept for 24 months unless you ask us to delete them sooner. Inside the product, retention defaults are tenant-configurable. Email body content is designed to be processed for the workflow and discarded after completion; operational records keep metadata, reviewer decisions, source references, and delivery state. Changes to a tenant's retention defaults are themselves recorded as audit rows.

Your rights

If you are in the EEA or the UK you have the right to access, correct, delete, restrict, or port your personal data, and to object to processing based on legitimate interest. To exercise these rights for marketing-site data, email hello@muster.team. For product data, contact your tenant administrator first; we will support them in fulfilling the request.

You may also lodge a complaint with the data-protection authority of your member state.

International transfers

Our infrastructure is hosted within the European Union by default. Some subprocessors may transfer data outside the EEA under Standard Contractual Clauses; the current list is maintained on the Subprocessors page.

Security

We follow standard practices for a SaaS handling internal policy email data: encryption in transit and at rest, least-privilege access for staff, regular dependency updates, secrets stored in a managed vault, audit logs for production access, and tenant isolation for mailbox records and retrieval collections. A short security summary is available on request.

Changes to this notice

Material changes will be announced in-product and via email to tenant administrators at least 30 days before they take effect. Non-material changes (clarifications, contact details) take effect on publication.

Contact

Questions or requests: hello@muster.team.