Strapping.ai logoStrapping.ai

Legal

Privacy Policy

Last updated: February 14, 2025_

This Privacy Policy describes how Strapping AI, Inc. ("Strapping," "we," "our," or "us") collects, uses, and shares personal information when you visit strapping.ai or use our products and services (the "Services"). By using the Services, you agree to the practices described here. If you do not agree, please discontinue use.

1. Information We Collect

  • Account and profile data: Name, email address, GitHub identity, and authentication tokens provided through Auth0 or similar providers.
  • Workspace and project data: Code, prompts, files, repositories, and related metadata that you create, upload, or edit within the Services.
  • Usage data: Log files, device information, IP address, browser type, timestamps, pages viewed, feature usage, and diagnostics such as error reports.
  • AI interactions: Prompts, messages, and generated outputs when you use AI-powered features. These may be routed through third-party AI providers.
  • Payment data: Billing contact information and transaction records if you purchase a paid plan. Payment card data is handled by our payment processor and not stored by Strapping.
  • Support communications: Feedback, support tickets, and other messages you send to us.

2. How We Use Information

We use information to:

  • provide, operate, and improve the Services (including hosting project workspaces);
  • authenticate you and manage accounts, sessions, and access control;
  • process transactions, subscriptions, and invoicing;
  • generate, deliver, and refine AI outputs and product recommendations;
  • monitor and secure the Services, detect abuse, and prevent fraud;
  • troubleshoot, debug, and enhance performance and reliability;
  • communicate with you about updates, security alerts, and support;
  • comply with legal obligations and enforce our agreements; and
  • create aggregated, de-identified analytics to improve the Services.

3. Cookies and Tracking

We may use cookies, local storage, and similar technologies to keep you signed in, remember preferences, understand usage, and measure the effectiveness of marketing. You can control cookies through your browser settings, but disabling cookies may limit functionality.

4. Legal Bases (EEA/UK Users)

Where required, we rely on the following legal bases to process personal data: (i) performance of a contract (to provide the Services); (ii) legitimate interests (for security, product improvement, and communications); (iii) compliance with legal obligations; and (iv) consent, where applicable.

5. How We Share Information

We share information with:

  • Service providers that support hosting, storage, analytics, logging, security, payments, customer support, email delivery, and AI processing;
  • Identity and version control providers, such as Auth0 and GitHub, to enable authentication and export flows;
  • AI providers to fulfill requests you make through AI features, consistent with your prompts and configuration;
  • Professional advisors (e.g., auditors, lawyers) under confidentiality obligations; and
  • Authorities when required by law, legal process, or to protect rights, property, or safety.

We do not sell personal information. If we are involved in a merger, acquisition, financing, or sale of assets, information may be transferred to the relevant third parties subject to customary confidentiality protections.

6. Data Retention

We retain information for as long as needed to provide the Services, comply with legal obligations, resolve disputes, enforce agreements, and maintain business records. Backup copies and logs may persist for a limited period after active data is deleted. Aggregated or de-identified data may be retained indefinitely.

7. Security

We employ technical and organizational measures such as encryption in transit, network segmentation, isolated per-project workspaces, and access controls. No system is perfectly secure; you are responsible for safeguarding your credentials and reviewing AI-generated code before relying on it.

8. International Transfers

Strapping is based in the United States. If you access the Services from other regions, your information may be transferred to and processed in the United States or other jurisdictions that may not provide the same level of data protection as your home country. Where required, we implement appropriate safeguards for such transfers.

9. Your Choices and Rights

Depending on your location, you may have rights to access, correct, delete, or restrict certain personal information, or to object to processing. To exercise these rights, contact privacy@strapping.ai. We may need to verify your identity and may not be able to accommodate requests that conflict with legal obligations or that would affect others' rights.

You may opt out of non-essential marketing communications by following the unsubscribe instructions in those messages. Transactional and service-related communications will still be sent as needed to operate the Services.

10. Children's Privacy

The Services are not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe we have collected such information, contact privacy@strapping.ai so we can delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by updating the "Last updated" date, posting the revised Policy, and/or sending an email or in-product notice. Your continued use of the Services after an update means you accept the changes.

12. Contact Us

If you have questions or requests about this Policy or our data practices, contact:

Strapping AI, Inc.
Attn: Privacy
San Francisco, CA 94104, USA (please email to confirm the current mailing address)
Email: privacy@strapping.ai