Last updated: March 2026
1. Data We Collect
We collect the minimum data needed to provide Codepylot:
- Account data: Name, email, and profile picture from your OAuth provider (GitHub or Google)
- Project data: Projects, stories, sprints, and acceptance criteria you create
- Usage data: Activity logs of actions taken within the app (story creation, status changes, etc.)
- Payment data: Processed by Paddle. We store only your customer ID and subscription status.
2. How We Use Your Data
- To provide and improve the Codepylot service
- To process payments and manage subscriptions
- To send service-related notifications
3. Third-Party Services
- Paddle for payment processing
- Sentry for error monitoring (anonymous crash reports)
- GitHub/Google for authentication
- Anthropic/Ollama for AI story rewriting (story text is sent to the configured AI provider)
4. Data Retention
We retain your data for as long as your account is active. When you delete your account, we soft-delete your personal information and anonymize your activity logs. Project data associated with other members remains intact.
5. Your Rights
Under GDPR and similar regulations, you have the right to:
- Access your data (Settings → Export Data)
- Delete your account and data (Settings → Delete Account)
- Portability — export your data as JSON
- Rectification — update your profile through your OAuth provider
6. Contact
For privacy inquiries, contact us at privacy@codepylot.dev.