Privacy Policy

• Account data: name, email, and authentication identifiers from your identity provider (Google, GitHub, etc.).
• Workspace data: DNS records, domain names, deployment metadata, provider connections, chat messages, and workflow state that you create or import into the Service.
• Technical data: request logs, error traces, and aggregate usage metrics needed to operate, debug, and secure the Service.
• Billing data: processed by our payment provider — we never see your raw card details.

We use this information to provide the Service, authenticate users, sync with third-party providers you connect, send transactional communications, enforce security, and comply with law. We do not use your workspace data to train AI models — the agent reads your records on demand to answer your questions and proposes changes you explicitly approve.

We do not sell your personal information. We use a small list of subprocessors for hosting, payments, and email delivery. When you connect a provider (Cloudflare, Vercel, Azure, etc.), we exchange data with that provider under your authorization and the scope you grant.

We retain workspace data while your account is active and as needed for backups, security investigations, and legal obligations. You may request account deletion at any time — production data is removed within 30 days, encrypted backups age out within 90 days.

Depending on your region (GDPR, CCPA, and similar), you may have rights to access, correct, export, or delete personal data. Contact us through in-app support or your workspace admin and we'll respond within 30 days.

We encrypt data in transit (TLS) and at rest. Provider credentials and OAuth tokens are stored encrypted and scoped to a single workspace. For full details see the Security overview.

We may update this policy from time to time. Material changes will be announced via in-app notice or email. The change history below tracks every meaningful edit.