Privacy
Lightweight summary for the private beta. Full policy lands before public launch.
What we store
- Account profile from your identity provider (email, display name, organization membership).
- Build inputs and outputs you submit through the Studio: feature requests, generated specs, code, and validation traces.
- LLM call metadata for cost accounting and forensics — model name, token counts, redacted prompt and response snippets.
- Billing identifiers when you subscribe (Stripe customer ID, subscription state). Card details live with Stripe, not us.
What we don't do
- We don't sell data. We don't share it with third parties beyond the providers needed to run the service (LLM gateway, identity, billing, storage).
- We don't train models on your builds. BYOK builds bypass our LLM gateway entirely.
- We don't read your generated workspaces beyond what's required to validate and deploy them.
Retention
Build artifacts honor the retention_policy you pick on the Launch form (Studio submit). Forensics traces persist alongside the build. Account deletion + data export are coming as part of compliance work tracked in our public ADR queue.
Sub-processors
We rely on a small set of vendor capabilities — identity, LLM routing, structured state, blob storage, payments, deploy hosting. Each is interchangeable by design (capability over vendor) and disclosed in full ahead of public launch.
Questions or a deletion request? Email [email protected]. We'll respond within five business days during the beta.