Legal

Privacy Policy

Last updated May 30, 2026

What we collect

When you create an account we store your email address and, for OAuth sign-ins, your display name and avatar from the provider. We store hashed API keys (never the plaintext) and metadata about API requests you make — the tool called, response time, and status code — to power your usage dashboard and to operate the Service.

How we use it

We use this data to authenticate you, show your usage analytics, enforce rate limits, and improve reliability. We do not sell your personal data.

Third parties

Authentication and data storage are handled by Supabase. OAuth sign-in providers (Google, GitHub) receive only what is required to authenticate you. These providers process data under their own privacy policies.

Retention & deletion

You can revoke API keys at any time from the dashboard. Request account deletion from Settings; we remove your profile and revoke associated keys. Aggregate, non-identifying usage statistics may be retained.

Contact

Questions about privacy? Reach out through the project repository.

This document is a general template and not legal advice. Replace it with a policy reviewed by counsel before commercial launch.