Privacy Policy

1. Information We Collect

We collect the following information to provide our service:

  • Account data: Email address, name, profile image (via OAuth)
  • App data: Prompts, app specifications, code, tests, and metadata
  • API keys: Third-party API keys you store in our encrypted vault
  • Usage data: Build metrics, execution logs, QA reports, and analytics
  • Billing data: Stripe customer ID, subscription status (payment details stored by Stripe)

2. How We Use Your Data

We use your data solely to provide and improve MicroBuilder:

  • Generate and deploy your apps using AI models (OpenAI, Anthropic)
  • Authenticate and authorize access to your apps and data
  • Process payments and manage subscriptions
  • Monitor performance, detect errors, and improve reliability
  • Send transactional emails (verification, receipts, security alerts)

3. Data Security

We take security seriously and implement industry-standard protections:

  • Encryption: API keys encrypted with AES-256-GCM, master key in environment secrets
  • Access control: Owner validation on all sensitive operations (secrets, billing, exports)
  • Audit logging: All access to secrets and sensitive data is logged with timestamps
  • HTTPS only: All communications encrypted in transit
  • Regular backups: Automated backups of all apps and data

4. Data Sharing

We share your data only when necessary to provide our service:

  • AI providers: Prompts sent to OpenAI/Anthropic for code generation (per their privacy policies)
  • Payment processor: Stripe processes payments (per their privacy policy)
  • Cloud provider: Our infrastructure is hosted on enterprise cloud services
  • Analytics: PostHog for usage analytics (anonymized where possible)
  • Error tracking: Sentry for error monitoring (no personal data in error reports)

We never sell your data or share it for advertising purposes.

5. Your Rights

You have the following rights regarding your data:

  • Access: View all your apps, prompts, and account data in the dashboard
  • Export: Download your apps as JSON or code packages
  • Delete: Delete individual apps or your entire account
  • Portability: Export your data in machine-readable formats
  • Rectification: Update incorrect account information

6. Data Retention

We retain your data as follows:

  • Active accounts: Data retained indefinitely while account is active
  • Deleted apps: Soft-deleted for 30 days, then permanently removed
  • Closed accounts: Data retained for 30 days, then permanently deleted
  • Backups: Retained for 90 days for disaster recovery
  • Audit logs: Retained for 1 year for security purposes

7. Contact & Data Requests

For privacy questions, data access requests, or deletion requests, contact us at hello@microbuilder.dev. We will respond within 30 days.

Last updated: November 2, 2025