Privacy Policy

Last updated 26 April 2026

This is what Dellingr collects, why we collect it, and who we share it with. Short version: we collect what we need to build your sites, and we don't sell data to anyone.

1. What we collect

Account data

  • Your email address
  • Your password (hashed with bcrypt — we don't store it in plain text, we can't see it, even admin can't)
  • If you use OAuth: Google / GitHub ID + profile picture URL
  • Model-action balance remaining, subscription tier, Stripe customer ID

Usage data

  • Companies you create and their briefs
  • Files you upload (PDFs, markdown, text — max 20 MB per company)
  • Images you upload (logo, favicon, gallery / product / hero / post media — per-tier cap from 100 MB on Trial to 10 GB on Commercial; EXIF stripped server-side, MIME-spoof rejected, SVG sanitised)
  • Chat messages and responses
  • Tasks run, their costs, their results
  • Sites built and deployed (HTML stored in Postgres for version history + revert)
  • Per-company GitHub repos we create on your behalf (web-app builds) — you can transfer ownership any time from Settings → Your code, your repo
  • Optional name + trademark clearance results (kept indefinitely as audit evidence under Terms § 5b)
  • Optional Anthropic API key (BYOK) — stored encrypted at rest using Fernet keyed off our SECRET_KEY. Never logged, never echoed back beyond the last 4 characters

Security data

  • Login events — IP address, country (best-effort via ipapi.co), user-agent, timestamp
  • Security alerts generated when we spot unusual sign-ins
  • Password-reset history (timestamps, not the tokens)

Site visitor data (on sites YOU build)

Dellingr-generated sites include lightweight self-hosted analytics (page views, referrer, path). Each visit gets a hash of IP + user- agent + day — not the raw IP — so we can count unique visitors without tracking individuals. No cookies. No third-party pixels.

2. Why we collect it

  • To provide the service. Can't build a site without a brief.
  • To charge the right amount. Each model action in, each model action out.
  • To protect your account. Impossible-travel detection needs login history.
  • To improve the product. Aggregate error patterns — not your specific content.
  • To comply with law. Tax, fraud prevention.

3. Who we share it with

Only service providers who need it to operate Dellingr:

  • Anthropic — receives your chat messages + uploaded file contents to generate responses. Processed per Anthropic's privacy terms; not used to train models.
  • Cloudflare Pages — hosts the deployed sites and serves them via Cloudflare's edge network. Sees the HTML/JS/CSS of sites you build, plus visitor request logs (IP, user-agent) per Cloudflare's standard logging.
  • Cloudflare Turnstile — bot challenge on signup, login, and forgot-password forms (when configured on the backend). Receives a one-time client-rendered token for verification; we don't pass your name, email, or password to Turnstile.
  • GitHub — stores web-app source (when you build a web app).
  • Supabase — stores web-app user data (per-company Supabase project, owned by you).
  • Stripe — processes payments. We never see your card number; Stripe does.
  • Resend — sends transactional email (password resets, security alerts).
  • ipapi.co — free-tier IP-to-country lookup for login tracking. One request per login.
  • Railway — our hosting provider for Dellingr itself. Holds the Postgres database.

We do not sell your data.We don't share it with advertisers. No affiliate networks get your email.

4. Data retention

  • Active accounts: we keep everything until you delete it.
  • Deleted companies: hard-deleted after 7 days in a soft-delete state. Restore window is 7 days.
  • Deleted accounts: email + password hash removed within 30 days. Aggregate usage stats (model actions consumed, tasks run) kept as anonymised counts.
  • Login history: kept 90 days.
  • Security alerts: kept 1 year.
  • Error reports / support tickets: kept indefinitely for reference (admin-searchable by ticket code).

5. Your rights

Under Australian privacy law + the GDPR if you're in the EU, you can:

  • Access: email privacy@dellingr.dev with the email on your account and we'll send a JSON dump of everything we hold within 30 days. (Self-serve Settings → Export is on the roadmap; until then it's a manual admin action.)
  • Correct: edit your email, password, company info at any time from the dashboard.
  • Delete: Danger Zone on each company; email support@dellingr.dev for account deletion.
  • Port: the access dump is plain JSON — move it anywhere.
  • Object: opt out of the onboarding email sequence in account settings.

6. Security

  • Passwords hashed with bcrypt
  • JWT sessions, HTTPS everywhere, security headers (CSP, HSTS, X-Frame-Options)
  • Row-level security on web-app databases
  • Automatic impossible-travel detection on logins
  • Rate limits on login / signup / password-reset

We're not perfect. If you spot a vulnerability, email security@dellingr.dev — responsible disclosure welcome.

7. Cookies

Dashboard uses localStoragefor your JWT and UI preferences. No tracking cookies, no analytics cookies, no advertising cookies. Sites we generate for you don't use cookies either (unless you add Google Analytics via the head editor — that's your choice).

8. Children

Dellingr is for adults. We don't knowingly collect data from anyone under 18. If you believe a child has created an account, email us and we'll delete it.

9. Changes

If we change how we handle your data, we'll email you before the change takes effect. You can close your account at any time if you disagree.

10. Contact

Privacy questions: privacy@dellingr.dev
General support: support@dellingr.dev