1. Introduction
This Privacy Policy explains how autoplans.dev ("we", "us", or "our") collects, uses, discloses, and protects your personal information when you use our AI development agent orchestration platform.
We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) and other relevant privacy regulations.
3. Information We Collect
3.1 Information You Provide
- Account Information: Name, email address, GitHub username when you sign up
- Profile Information: Additional details from your GitHub profile including avatar, bio, location, and company
- Project Data: Project names, descriptions, tasks, and code you create or generate through our platform
- Communication Data: Messages you send through our chat interfaces and support inquiries
- Payment Information: Processed and stored by Paddle.com (our payment processor); we do not store credit card details
3.2 Information Automatically Collected
- Usage Data: Pages visited, features used, time spent, and interaction patterns
- Device Information: Browser type, operating system, device type, IP address
- Log Data: Server logs including timestamps, request types, and error messages
- Cookies: Session cookies for authentication and functionality (see Cookie Policy below)
3.3 Information from Third Parties
- GitHub: Profile information, repository data, commit history (only when you authorize access)
- Paddle: Subscription status, payment information, transaction history
4. How We Use Your Information
We use your personal information for the following purposes:
4.1 Service Provision
- Create and manage your account
- Provide AI planning and code generation services
- Enable GitHub integration features
- Process and fulfill your requests
- Monitor token usage and enforce limits
4.2 Communication
- Send service-related notifications and updates
- Respond to your inquiries and support requests
- Send important account and billing information
- Notify you about changes to our services or policies
4.3 Service Improvement
- Analyze usage patterns to improve our platform
- Debug technical issues and improve performance
- Develop new features based on user needs
- Conduct research and analytics
4.4 Security and Fraud Prevention
- Protect against unauthorized access
- Detect and prevent fraud or abuse
- Ensure platform security and integrity
- Comply with legal obligations
4.5 Legal Basis (GDPR)
Under GDPR, we process your data based on:
- Contract Performance: Processing necessary to provide our services
- Consent: When you explicitly agree (e.g., marketing communications)
- Legitimate Interest: For service improvement and fraud prevention
- Legal Obligation: When required by law
5. Information Sharing and Disclosure
We do not sell your personal information. We share your information only in the following circumstances:
5.1 Service Providers
- Paddle.com: Payment processing and subscription management
- OpenRouter: AI model access for code generation and planning
- GitHub: Repository integration (only when you authorize)
- Cloud Infrastructure: Hosting and data storage providers
5.2 Legal Requirements
We may disclose your information if required to:
- Comply with legal obligations or court orders
- Protect our rights, property, or safety
- Investigate fraud or security issues
- Enforce our Terms & Conditions
5.3 Business Transfers
If autoplans.dev is involved in a merger, acquisition, or asset sale, your personal information may be transferred. We will notify you before your information becomes subject to a different privacy policy.
6. Data Security
We implement industry-standard security measures to protect your information:
- Encryption: All data transmitted over HTTPS/TLS
- Token Storage: GitHub access tokens encrypted using AES-256-GCM
- Access Controls: Strict authentication and authorization mechanisms
- Regular Audits: Security assessments and vulnerability scans
- Data Backups: Regular backups with encryption at rest
However, no method of transmission over the internet is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.
7. Data Retention
We retain your personal information for as long as necessary to:
- Provide our services to you
- Comply with legal obligations
- Resolve disputes and enforce agreements
- Maintain business records
When you delete your account:
- Your personal data is removed from active systems within 30 days
- Some data may be retained in backups for up to 90 days
- Certain records may be retained longer for legal or regulatory compliance
8. Your Rights (GDPR)
Under GDPR and similar regulations, you have the following rights:
- Right to Access: Request a copy of your personal data
- Right to Rectification: Correct inaccurate or incomplete data
- Right to Erasure: Request deletion of your personal data ("right to be forgotten")
- Right to Restriction: Limit how we use your data
- Right to Data Portability: Receive your data in a structured, machine-readable format
- Right to Object: Object to processing based on legitimate interests
- Right to Withdraw Consent: Withdraw consent for data processing at any time
To exercise these rights, contact us at privacy@autoplans.dev. We will respond within 30 days.
9. Cookies and Tracking
We use cookies and similar technologies for:
- Essential Cookies: Required for authentication and core functionality
- Functional Cookies: Remember your preferences and settings
- Analytics Cookies: Understand how users interact with our platform
You can control cookies through your browser settings. Note that disabling essential cookies may affect platform functionality.
10. Third-Party Services
Our platform integrates with third-party services that have their own privacy policies:
We recommend reviewing their privacy policies to understand how they collect and use your information.
11. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including:
- Standard contractual clauses approved by regulatory authorities
- Privacy Shield certification (where applicable)
- Other legally approved transfer mechanisms
12. Children's Privacy
autoplans.dev is not intended for users under 13 years of age (or 16 in the EU). We do not knowingly collect personal information from children. If we discover that we have collected data from a child, we will delete it immediately.
13. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by:
- Posting the updated policy on this page
- Updating the "Last Updated" date
- Sending an email notification for material changes
Continued use of our services after changes constitutes acceptance of the updated policy.
15. Supervisory Authority
If you are in the EU/EEA, you have the right to lodge a complaint with your local data protection supervisory authority if you believe we have violated your privacy rights.