Privacy Policy

Account information: your name and email address, managed through our identity provider (Ory) when you sign up or sign in.

Billing information: if you subscribe to a paid plan, payment details are collected and processed by Stripe. We do not store full card numbers.

Usage and workspace data: the projects and content you choose to use with the Service, plus basic logs (such as IP address and timestamps) we keep for security and reliability.

We use your information to provide and secure the Service, authenticate you, process payments, respond to support requests, detect and prevent abuse, and improve the product. We do not sell your personal information.

Where applicable law requires a legal basis, we rely on performance of our contract with you (to provide the Service), our legitimate interests (to secure and improve the Service), your consent (where requested), and compliance with legal obligations.

We share data with vetted providers only as needed to run the Service: Ory (identity and authentication), Stripe (payments), DigitalOcean (cloud hosting), Cloudflare (DNS, CDN, and security), and Postmark (transactional email). Each processes data on our behalf under its own terms.

We use strictly necessary cookies — primarily a secure session cookie to keep you signed in. We do not use advertising or cross-site tracking cookies.

We keep your information while your account is active. When you close your account, we delete or anonymize your personal data within a reasonable period, except where we must retain it to meet legal, accounting, or security obligations.

Depending on where you live, you may have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. To exercise these rights, contact us at [email protected].

We protect your data with encryption in transit, access controls, and other safeguards. No method of transmission or storage is completely secure, but we work to protect your information and to address issues promptly.

We may process and store information in countries other than where you live. Where required, we use appropriate safeguards for such transfers.

The Service is not directed to children under 13 (or the age of digital consent in your country), and we do not knowingly collect their personal data.

We may update this Policy from time to time. We will revise the "Last updated" date above and, for material changes, take reasonable steps to notify you.

Questions about your privacy or this Policy? Email us at [email protected].