Privacy Policy

Account registration details (name, email address)

Payment information processed through our payment provider (we do not store card numbers)

Support requests and feedback you submit

Content you choose to sync via cloud features

Feature usage patterns (which tools you use, not the content you create)

Error reports and crash logs (stripped of personal data)

Performance metrics (startup time, memory usage)

IDE version and operating system

Your source code, unless you explicitly use cloud sync

AI prompt content when using local LLMs

File names or directory structures

Clipboard contents

Browsing history outside skulptor.ai

Provide, maintain, and improve the Services

Process transactions and send related information

Send technical notices, security alerts, and support messages

Respond to your comments, questions, and support requests

Monitor and analyze trends, usage, and activities to improve the Services

Detect, investigate, and prevent fraudulent transactions and abuse

Service providers: We work with third-party companies that help us operate (hosting, payment processing, email delivery). They access data only to perform services on our behalf and are contractually obligated to protect it.

Cloud AI providers: If you use cloud-based AI features (not local LLMs), your prompts are sent to the selected provider (OpenAI, Anthropic, etc.) under their respective privacy policies. We do not store these interactions.

Legal requirements: We may disclose information if required by law, subpoena, or government request.

Business transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

All data in transit is encrypted using TLS 1.3

Data at rest is encrypted using AES-256

API keys are stored in your operating system's native keychain

Cloud infrastructure uses SOC 2 compliant hosting providers

Regular security audits and penetration testing

Automated vulnerability scanning of dependencies

Account data is deleted within 30 days

Telemetry data (if opted in) is purged within 90 days

Backups containing your data are rotated out within 120 days

Payment records are retained as required by law

Access: Request a copy of the personal data we hold about you

Correction: Request correction of inaccurate personal data

Deletion: Request deletion of your personal data

Portability: Request your data in a portable format

Opt-out: Disable telemetry at any time in IDE settings

Withdraw consent: Withdraw consent for optional data processing

Essential cookies: Required for the website to function (session management, security tokens)

Analytics cookies (opt-in): Anonymous usage data via privacy-respecting analytics (no Google Analytics)