Privacy
Last updated: May 23, 2026
What we encrypt
Your module content, conversation history, extracted facts, project state, and assembled context are encrypted at rest by our database. Zero-knowledge client-side encryption is on the roadmap; until then, data is protected by database-level encryption and strict row-level access controls that scope every row to its owner.
What we see
We collect anonymous, structural product events — counts, types, token counts, latencies, and provider/model names. They never contain your module content, conversation text, fact text, or anything you typed. The complete list:
| Event | What it records |
|---|---|
| module_created | type, token_count, has_description |
| module_updated | type, token_count, fields_changed (field names only) |
| module_archived | type, token_count |
| briefing_composed | module_count, total_tokens, types_loaded |
| context_card_copied | module_count, total_tokens |
| module_touched | type, days_since_last_referenced |
| apikey_saved | provider |
| apikey_tested | provider, ok |
| conversation_started | provider, model_id, modules_loaded_count, context_tokens, has_state_block |
| chat_message_sent | provider, model_id, message_index |
| chat_message_received | provider, model_id, message_index, latency_ms, output_tokens |
| conversation_resumed | provider, model_id, prior_message_count |
| relevance_scored | provider, model_id, input_tokens, output_tokens, latency_ms, modules_count, trimmed |
| relevance_skipped | reason |
| gap_suggestion_shown / _accepted / _dismissed | match_count |
| extraction_run | provider, model_id, token counts, latency_ms, message/module counts, facts_count, proposals_count, state_updates_applied, ok, skip_reason |
| fact_reviewed | action, edited |
| proposal_reviewed | action, edited, type |
| state_auto_updated | type |
| onboarding_completed / onboarding_skipped | (no properties) |
| data_exported | module_count, conversation_count, fact_count, proposal_count |
| account_deleted | (no properties) |
| module_tier_changed | to_tier |
| waitlist_joined | source (landing | settings) |
| conversation_deleted | message_count |
| message_copied | role |
| message_edited | messages_truncated |
| onboarding_demo_started | source (suggested | custom) |
| onboarding_message_sent | message_index |
| onboarding_wrapped_up | messages_sent, reason |
| onboarding_modules_created | proposals_count |
| onboarding_apikey_prompt_shown | (no properties) |
| module_auto_approved | count |
| drag_tutorial_shown / drag_tutorial_completed | (no properties) |
| drag_tutorial_dismissed | reason (clicked_got_it | abandoned) |
| project_paired_with_style | action (picked | created | skipped | removed) |
| style_suggestion_shown | (no properties) |
| style_suggestion_resolved | action (added | dismissed) |
| preload_created | module_count, has_provider, has_instructions, has_output_prefs |
| preload_applied | module_count, dropped_count |
| preload_deleted | (no properties) |
| preload_suggestion_shown / _applied / _dismissed | match_count |
| preload_renamed | (no properties) |
| preload_updated | module_count |
| preload_instructions_set | now_has |
| preload_exported / preload_imported | module_count |
| chat_output_saved_as_module | source (entry point tag, e.g., assistant_message) |
| starter_preload_applied | starter_id (public build-time constant) |
| onboarding_starter_picked | starter_id (public build-time constant) |
| preload_output_prefs_set | now_has |
| share_link_created / share_link_imported | module_count |
| prompt_reviewed | grade (sharp/decent/vague), findings_count, modules_count, has_posture, provider, model_id, token counts, latency_ms |
| mcp_token_created / mcp_token_revoked | (no properties) |
What we never do
- Read your module content.
- Use your data to train AI models.
- Sell data to third parties.
- Show ads.
- Retain data after you delete your account.
What you control
- Per-module privacy tier.
cloud_syncis the default.local_onlyandopen_contributionare reserved schema values and coming in a future release. - Full JSON export, available anytime from Settings.
- Full account deletion — immediate and irreversible, available from Settings.
- Choice of which AI provider sees your context (bring your own key).
MCP access tokens
If you connect an MCP client (Claude Code, Cursor, Claude Desktop), you create a personal access token. We store only a SHA-256 hash of it — the token itself is shown once and never again, and is never logged. Requests made with a token can read your modules and preloads and create new modules, scoped to your account only. Revoke any token instantly from Settings.
Your API keys
API keys are stored in your browser only. They are never sent to our servers for storage. For built-in chat they are passed through transiently to your chosen AI provider, then discarded. We never see your AI provider billing or usage.
Waitlist
If you join our launch waitlist (from the landing page or from Settings), we store your email address in a separate table not linked to your app account. Deleting your account does not automatically remove you from the waitlist. To be removed, email us at hi@warpspeedtech.com and we'll delete your row.
Cookies and tracking
We use Supabase session cookies for authentication and PostHog analytics cookies (only after you have logged in). There are no third-party advertising trackers.
Contact
Questions about privacy? Email hi@warpspeedtech.com.