Privacy Policy

1. Information We Collect

We collect information you provide directly:

• Account information (name, email, organization)
• Payment information (processed via Stripe — we do not store card numbers)
• Project configurations and scope contracts
• Session logs and gate approval history

We automatically collect:

• Usage metrics (session duration, actions approved/rejected)
• Device and browser information
• IP address and approximate location

2. How We Use Your Information

• To provide and maintain the Service
• To process payments and manage subscriptions
• To improve Watchman monitoring accuracy
• To communicate service updates and security notices
• To enforce our Terms of Service

3. Your Code and Projects

Code generated in your GateStack sessions is yours. We do not use your code, project configurations, or build artifacts to train AI models. Session data used for Watchman improvement is anonymized and aggregated. You may delete your project data at any time.

4. Data Sharing

We do not sell your personal information. We share data only with: (a) service providers necessary to operate the platform (hosting, payment processing); (b) as required by law; (c) with your explicit consent.

5. Data Security

We implement industry-standard security measures including encryption in transit and at rest, access controls, and regular security audits. Session data is encrypted with per-organization keys. Rollback snapshots are stored in isolated, encrypted storage.

6. Data Retention

We retain your data for as long as your account is active. Rollback history is retained per your plan tier. Upon account deletion, we remove your data within 30 days, except where retention is required by law.

7. Your Rights

You have the right to: access your data, correct inaccurate data, delete your data, export your data, and opt out of non-essential communications. Exercise these rights by contacting privacy@getgatestack.com.

8. Contact

For privacy questions or concerns, contact us at privacy@getgatestack.com.