rigless.ai

Privacy Policy

Effective June 10, 2026

1. What we collect

  • Account data: email, name (optional), and a hashed password.
  • Content: code, files, and chat messages you create in your sessions.
  • BYO API keys: stored encrypted at rest, used only to make requests you initiate.
  • Billing data: handled by Stripe; we store your plan and subscription status, not full card numbers.
  • Operational logs: audit events (e.g. login, key changes) and limited request metadata such as IP address, for security and abuse prevention.

2. How we use it

We use your data to provide and secure the Service, process payments, communicate with you (e.g. verification and password-reset emails), prevent abuse, and comply with legal obligations. We do not sell your personal data.

3. Processors we share with

We share data with service providers strictly to operate the Service: our cloud host (compute and storage), Stripe (payments), Resend (transactional email), and Sentry (error monitoring). If you use BYO keys, requests are sent to the corresponding AI provider (e.g. OpenAI, Anthropic, Google). Each processes data under its own terms.

4. Retention

We keep account and content data for as long as your account is active. Sandbox environments are ephemeral and are torn down after inactivity. Audit logs are retained for a limited period for security purposes.

5. Deleting your data

You can delete your account at any time from Settings. Deletion permanently removes your account, sessions, messages, stored API keys, and custom agents, and cancels any active subscription. Some records may be retained where required by law (e.g. transaction records); audit logs are disassociated from your account.

6. Your rights

Depending on your location (e.g. EEA/UK under GDPR, California under CCPA), you may have rights to access, correct, export, or delete your personal data, and to object to certain processing. Contact us to exercise these rights.

7. Security

We use encryption in transit, encrypt stored API keys at rest, isolate workloads in sandboxed environments, and follow least-privilege practices. No system is perfectly secure, but we work to protect your data and respond to incidents.

8. Changes and contact

We may update this policy; material changes will be posted here with a new effective date. Questions or requests: privacy@riglessai.com.

Terms of Service·Home