Effective April 26, 2026

Privacy Policy

This policy explains what personal data MakerLoft collects, why we collect it, who we share it with, and what choices you have.

What we collect

  • When you sign in with GitHub, we receive your GitHub user ID, username, display name, primary email address, and avatar URL.
  • Anything you set in your MakerLoft account: notification preferences, an optional second-factor secret, workspace names, project names and descriptions, and the API keys and OAuth tokens you connect for GitHub, DigitalOcean, and your chosen AI provider.
  • Records of your use of the MakerLoft service: chat messages (the prompts you write and the AI responses you receive), token usage and billing context per turn, project events such as deployments and credential changes, event notifications delivered by GitHub and DigitalOcean, and any runtime errors your deployed app reports back.
  • From your browser: a session cookie (HTTP-only, SameSite=Lax) and your theme preference and analytics consent stored in localStorage. The session record includes your IP address and user agent.
  • If you subscribe to a paid plan, Stripe collects your payment details. We receive only your Stripe customer identifier, the payment method type, and the last four digits of the card. Full card numbers never reach our servers.

How we use what we collect

  • To authenticate you through GitHub and to keep your session active.
  • To run the AI assistant on your behalf, including sending the chat content and project context to the AI provider you configured.
  • To bill you through Stripe and to compute usage rollups so you can see how much your projects are spending.
  • To send transactional email such as trial reminders, security notices, and account-related messages. We do not send marketing email.
  • To diagnose errors and detect abuse using server-side error monitoring. Browser-side error reporting is opt-in and only runs when explicitly configured for the deployment.
  • If analytics are enabled for the deployment, to count visits to the public landing page only. Analytics use Google Consent Mode v2 with default-deny and only run after you accept them in the cookie banner. The site honors the Global Privacy Control browser signal.

What we do not collect

We do not store the source code of your projects: it lives in your GitHub repository. We do not store your deployment artifacts: those live in your DigitalOcean account. We do not proxy your AI API calls: when the assistant runs, your supplied key calls your provider directly during the turn.

Sub-processors

We share data with the following third parties, each of which has its own privacy terms:

  • GitHub - sign-in, repository creation, commits, and event notifications. Receives your GitHub identity, the code generated by the AI assistant, and event subscriptions on your repositories.
  • DigitalOcean - deployment of your projects to your own account. Receives an OAuth token scoped to your account.
  • Stripe - payments and subscription management. Receives your payment method, billing email, and a workspace identifier.
  • AI providers (Anthropic, OpenAI, Google, or any OpenAI-compatible endpoint you configure) - receive the prompts you write, the project context the assistant has read, and the API key from the credential you supplied. Each provider's data-handling terms apply to that traffic.
  • Email provider (Postmark, Resend, AWS SES, or SMTP, depending on configuration) - receives your email address and the body of transactional messages.
  • Sentry - server-side error monitoring. Receives error class, message, stack trace, and request URL. Token-shaped substrings are scrubbed before they leave the app.

Where data lives

Our primary database, cache, and session store are managed databases hosted on DigitalOcean. The region is set per deployment.

How we protect data

  • GitHub, DigitalOcean, AI provider, and Stripe credentials are encrypted at rest.
  • Second-factor secrets are encrypted; recovery codes are encrypted and individually hashed.
  • All connections use HTTPS.
  • Token-shaped substrings are stripped from logs, project events, and event notification payloads before they are written to the database.
  • We never display credentials in the dashboard after they have been saved.

Retention and deletion

You can delete your MakerLoft account at any time. When you do, we immediately remove any encrypted credentials we hold on your behalf, soft-delete your account and related records, and schedule a hard delete after a 30-day grace period. Audit log entries may persist beyond account deletion in a form that no longer identifies you, for security and compliance purposes.

Changes to this policy

We may update this policy. The new effective date will appear at the top of this page. If a change materially affects how we use your personal data, we will notify you by email.

Contact

Privacy questions can be sent to contact@makerloft.com.