Privacy Policy

How we collect, use, and protect your data including application analytics and debugging information.

Last Updated: May 13, 2025

Data Collection & Use

We collect:

  • Email addresses & Firebase UID (authentication)
  • Device information and application analytics (through PostHog)
  • Application usage patterns, crash reports, and session recordings
  • Console logs and error reports for debugging purposes
  • Performance metrics and user interaction data
  • AI request logs (via Helicone proxy)
  • Payment details (processed by Razorpay)

Additional Technical Data:

  • Crash Reports: Automatic collection of application crashes and errors with stack traces
  • Session Recordings: User interface interactions (with privacy controls)
  • Console Logs: Error and warning messages for debugging
  • Performance Data: App startup times, memory usage, and responsiveness metrics
  • User Journey Data: Navigation patterns and feature usage analytics
  • Version Information: Application version for compatibility and debugging

Purposes:

  • Account management & authentication
  • AI feature operation (using OpenAI/Anthropic/Google models)
  • Subscription billing & usage quotas
  • Application analytics and crash monitoring (PostHog) for improving user experience and debugging

Third-Party Sharing:

  • LLM providers receive anonymized prompts (IPs removed)
  • Payment data never stored locally (Razorpay PCI-DSS compliant)
  • Firebase stores authentication tokens (Google Cloud)
  • PostHog (US) receives application analytics, crash reports, and anonymized usage data

Privacy Controls & Data Minimization

Consent at Setup

  • During desktop app setup, we ask whether to enable analytics and session recording.
  • These are optional; you can decline and still use the app.
  • You can change this anytime in the application settings.

Session Recording Controls:

  • Automatic Masking: Passwords, emails, and phone numbers are automatically hidden
  • Selective Recording: Only application interface interactions, not personal content
  • Opt-out Available: Session recording can be disabled in application settings
  • Duration Limits: Sessions shorter than 3 seconds are automatically discarded

Error Reporting:

  • No Personal Code: User code content is not captured in error reports
  • Technical Focus: Only application errors and crashes are reported
  • File Path Privacy: System paths are sanitized to remove personal information

Console Log Privacy:

  • Error Focus: Only error and warning messages are captured
  • No Sensitive Data: Authentication tokens and personal data excluded
  • Development Mode: Detailed logging only in development builds

User Rights

  • Update profile via Settings modal
  • Delete account/data: email support@embedr.cc
  • Opt-out of analytics: Disable PostHog analytics in Settings
  • Data portability: Request analytics data export via support@embedr.cc
  • Selective opt-out: Disable specific analytics features (session recording, crash reports) in application settings

Data Retention

Analytics Data:

  • PostHog Analytics: 12 months for usage analytics and performance data
  • Session Recordings: 30 days for debugging and user experience improvement
  • Crash Reports: 6 months for stability monitoring and bug fixes
  • Console Logs: 30 days for application debugging

User-Controlled Retention:

  • Users can request immediate deletion of analytics data
  • Session recordings can be disabled to prevent collection
  • Historical analytics data is anonymized after 12 months

Security Measures

  • End-to-end encryption for AI requests
  • Quarterly security audits
  • GDPR-compliant data handling for EU users
  • Analytics Data Protection: PostHog data stored in secure US infrastructure
  • Privacy-by-Design: Automatic masking of sensitive information in recordings
  • Minimal Data Collection: Only essential debugging and analytics data captured