Last updated: April 1, 2026
AivaStack ("we", "our", "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share information when you use our platform and associated products including VersionR, PromptDock, DryRun, and any future products.
We collect information you provide directly, such as your name, email address, and organisation details when you create an account. We also collect information automatically, including IP addresses, browser type, device information, and usage data through cookies and similar technologies.
We use your information to provide and maintain our services, authenticate your identity, manage your organisation and team memberships, process payments, send transactional communications, and improve our platform. We may also use aggregated, de-identified data for analytics and product development.
AivaStack uses Auth0 as our identity provider. When you sign in using social login (GitHub, Google) or email, your authentication data is processed by Auth0 in accordance with their privacy practices. We store a unique identifier linked to your Auth0 account to manage your access across our product suite.
Your data is stored securely using Supabase (PostgreSQL) with row-level security policies enforced at the database level. API keys are stored using bcrypt hashing. We implement industry-standard security measures including encryption in transit (TLS) and at rest. However, no method of transmission over the internet is 100% secure.
We do not sell your personal data. We may share information with trusted third-party service providers who assist in operating our platform, including Auth0 (authentication), Stripe (payment processing), Resend (transactional email), and Vercel (hosting). These providers are contractually obligated to protect your data and use it only for the services they provide to us.
We use essential cookies to maintain your authentication session and remember your preferences. We may use analytics cookies to understand how our services are used. You can control cookie preferences through your browser settings, though disabling essential cookies may affect the functionality of our services.
Depending on your jurisdiction, you may have the right to access, correct, delete, or export your personal data. You may also have the right to object to or restrict certain processing activities. To exercise any of these rights, please contact us at the address below. We will respond to requests within 30 days.
We retain your personal data for as long as your account is active or as needed to provide our services. When you delete your account, we will remove your personal data within 30 days, except where retention is required by law or for legitimate business purposes such as fraud prevention.
Your data may be processed in countries other than your own. Our service providers operate globally, and we ensure appropriate safeguards are in place for international data transfers in accordance with applicable data protection laws.
Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us and we will promptly delete it.
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this policy periodically.
If you have any questions about this Privacy Policy or our data practices, please contact us at privacy@aivastack.com.