Privacy Policy

Last updated April 29, 2025

This document describes specifically what information we do and don’t collect about you as a customer or visitor to our websites.

As a guiding principle, we aim to collect only the information needed to provide a complete and valuable service.

We’ll never sell or trade your personal information to third parties, and we won’t use your name or company in marketing statements without your permission either. We also strive to minimize the number of third parties that process your data on our behalf.

Our servers do not store any of your billing details like name, address, or card number. Those details are collected and stored securely by our payment processor, Stripe.

What we collect and why

Contact information

When you sign up for an account, we will ask for your name and email address. This helps you reset your password if you forget it, and gives us a way to send you important account updates.

Billing information

If you buy credits, our payment processor will ask you for your billing details. Credit card information is submitted directly to our payment processor and doesn’t touch our servers. We may use aggregate billing information to inform strategic decisions.

Project information

When you create a project, we will ask you to name it and connect it to a ticketing system and code repository. We use Oauth to connect you to these third party services, and we use the resulting tokens to populate your configuration options. Those options are sometimes temporarily stored in your browser's local storage, but are never stored on our servers.

Your code

CheepCode will clone your Git repository while working on projects. We do not store your code beyond the runtime of a single agent task run — it is downloaded fresh each time, and deleted from memory when the run is finished. We only use the code for completing tasks — your code is never used for training AI models or anything else.

Cookies

When you log in, we ask your browser to store a persistent first-party cookie with a temporary token that gives your browser access for that session. It is an opaque token, meaning that it does not encode any information about your account.

Voluntary correspondence

When you email us with a question or to ask for help, we keep that correspondence, including your email address, so that we have a history of past correspondence to reference if you reach out in the future. This correspondence may include information like your name and picture if your email software sends it.

We also store information you may volunteer, for example, written responses to surveys. If you agree to a customer interview, we may ask for your permission to record the conversation for future reference or use. We will only do so with your express consent.

Troubleshooting and maintenance

No human looks at your data except for the purpose of fixing problems when they arise. We may need to fix bugs in our software, or investigate and prevent restricted uses. Accessing a customer’s account when investigating any issue is a measure of last resort. We want to protect the privacy and safety of both our customers and the people reporting issues to us, and we do our best to balance those responsibilities throughout the process.

Where required by applicable law

Lovetap LLC is a U.S. company and has data infrastructure located in the U.S.

Requests for user data. Our policy is to not respond to government requests for user data unless we are compelled by legal process or in limited circumstances in the event of an emergency request. However, if U.S. law enforcement authorities have the necessary warrant, criminal subpoena, or court order requiring us to share data, we must comply. Likewise, we will only respond to requests from government authorities outside the U.S. if compelled by the U.S. government through procedures outlined in a mutual legal assistance treaty or agreement. It is our policy to notify affected users before we share data unless we are legally prohibited from doing so, and except in some emergency cases.
Preservation requests. Similarly, our policy is to comply with requests to preserve data only if compelled by the U.S. Federal Stored Communications Act, 18 U.S.C. Section 2703(f), or by a properly served U.S. subpoena for civil matters. We do not share preserved data unless required by law or compelled by a court order that we choose not to appeal. Furthermore, unless we receive a proper warrant, court order, or subpoena before the required preservation period expires, we will destroy any preserved copies of customer data at the end of the preservation period.
If we are audited by a tax authority, we may be required to share billing-related information. If that happens, we will share only the minimum needed, such as billing addresses and tax exemption information.

If Lovetap LLC is acquired by or merges with another company, we’ll notify you well before any of your personal information is transferred or becomes subject to a different privacy policy.

Subprocessors

We use a few third-party subprocessors to help run our applications and provide our services to you. This list is exhaustive and is always updated prior to the release of new software that uses new subprocessors.

We use WorkOS to manage our customer's identities and access to our services, and Postmark to send email. When you create an account, they will receive your name and email address, and the contents of any email we send you.

We use Stripe to calculate taxes, process payments, and manage subscriptions. When you upgrade from your free trial, they will receive your billing details, billable resource usage, and subscription status information.

We use Fly and Cloudflare to host our website, web application, and databases. Whenever you use our website or API, they will receive your IP address and some information about your device and activity in the process of connecting you to our service and running our servers.

We use Sentry to monitor errors in our software. When you use our service, they will receive error reports and usage data.

Your rights with respect to your information

We strive to apply the same data rights to all customers, regardless of their location. Some of these rights include:

Right to Know. You have the right to know what personal information is collected, used, shared or sold. We outline both the categories and specific bits of data we collect, as well as how they are used, in this privacy policy.
Right of Access. This includes your right to access the personal information we gather about you, and your right to obtain information about the sharing, storage, security and processing of that information.
Right to Correction. You have the right to request correction of your personal information.
Right to Erasure / “To Be Forgotten”. This is your right to request, subject to certain limitations under applicable law, that your personal information be erased from our possession and, by extension, from all of our service providers. Fulfillment of some data deletion requests may prevent you from using our services because our applications may then no longer work. In such cases, a data deletion request may result in closing your account.
Right to Complain. You have the right to make a complaint regarding our handling of your personal information with the appropriate supervisory authority.
Right to Restrict Processing. This is your right to request restriction of how and why your personal information is used or processed, including opting out of sale of personal information. (Again: we never have and never will sell your personal data.)
Right to Object. You have the right, in certain situations, to object to how or why your personal information is processed.
Right to Portability. You have the right to receive the personal information we have about you and the right to transmit it to another party. You can find more details in our Data Export Policy.
Right to not Be Subject to Automated Decision-Making. You have the right to object to and prevent any decision that could have a legal or similarly significant effect on you from being made solely based on automated processes. This right is limited if the decision is necessary for performance of any contract between you and us, is allowed by applicable law, or is based on your explicit consent.
Right to Non-Discrimination. We do not and will not charge you a different amount to use our products, offer you different discounts, or give you a lower level of customer service because you have exercised your data privacy rights. However, the exercise of certain rights may, by virtue of your exercising those rights, prevent you from using our Services.

Many of these rights can be exercised by signing in and updating your account information.

If you have questions about exercising these rights or need assistance, please contact us at [email protected]. If an authorized agent is corresponding on your behalf, we will need written consent with a signature from the account holder before proceeding.

If you are in the EU or UK, you can contact your data protection authority to file a complaint or learn more about local privacy laws.

How we secure your data

All connections between our servers and your browser are encrypted with TLS.

Your data, including content metadata you’ve uploaded, is encrypted at-rest while stored in our database.

Our service runs on multiple servers that run around the world and connect to each other via an encrypted private network managed by our hosting provider. We will never transfer your data over the Internet without using industry-standard encryption systems managed by trusted parties.

Location of site and data

Our products and other web properties are operated in the United States. If you are located in the European Union, UK, or elsewhere outside of the United States, please be aware that any information you provide to us will be transferred to and stored in the United States. By using our websites or services and/or providing us with your personal information, you consent to this transfer.

Cancellation

If you cancel your account, we’ll log out all existing dashboard sessions and disable any account functionality. As per our Cancellation Policy, Your account data will be permanently deleted within 60 days. We do not guarantee that we will be able to restore account functionality if you change your mind before your account data is deleted, but you are welcome to ask.

Changes & questions

We may update this policy as needed to comply with relevant regulations and reflect any new practices. Whenever we make a significant change to our policies, we will refresh the date at the top of this page and take any other appropriate steps to notify users.

Have any questions, comments, or concerns about this privacy policy, your data, or your rights with respect to your information? Please get in touch by emailing us at [email protected] and we’ll be happy to try to answer them!

This privacy policy was adapted from the open source privacy policy published by 37signals. We thank them for sharing a valuable resource with the community.

This policy applies to all products created and owned by Lovetap LLC.

What we collect and why​

Contact information​

Billing information​

Project information​

Your code​

Cookies​

Voluntary correspondence​

When we access or share your information​

Troubleshooting and maintenance​

Where required by applicable law​

Subprocessors​

Your rights with respect to your information​

How we secure your data​

Location of site and data​

Cancellation​

Changes & questions​