Privacy Policy

What we collect

• Account info: Email and GitHub profile (via OAuth). No passwords stored.
• Designs: Organization designs you save to the cloud.
• API keys: Encrypted at rest (AES-256-GCM). Used only to run your Cloud Gateway.
• Usage data: Basic analytics (page views, feature usage) via Vercel Analytics. No personal tracking.

What we don't do

• We don't sell your data
• We don't share your data with third parties (except infrastructure: Supabase, Vercel, Fly.io, Stripe)
• We don't log your API keys or AI conversations
• We don't use your data to train AI models

Data storage

• Local-only mode: All data stays in your browser. Nothing sent to our servers.
• Cloud mode: Data stored in Supabase (PostgreSQL) with Row Level Security.
• Gateway: Runs on Fly.io in the region you choose. Destroyed when you stop it.

Your rights

You can:

• Export all your data at any time
• Delete your account and all associated data
• Self-host the entire application (MIT License)

Cookies

We use essential cookies for authentication (Supabase session). No tracking cookies.

Contact

Questions about privacy? Open an issue on GitHub.