FeaturesHow it worksFAQ

Privacy Policy

Last updated: August 26, 2025

What we do

Paperline lets you build mobile apps by chatting with an AI agent in a desktop app. Paperline is currently in closed beta (free). Your project files stay on your device. We store chat history and minimal metadata in the cloud to sync between devices and keep context.

1. Data We Process

  • You provide: account data (email, name, avatar from OAuth), chat messages with the AI agent, support messages, and optional marketing preferences.
  • Collected automatically: app/website telemetry (app version, OS, crash logs), usage analytics (feature interactions), and access logs (IP, timestamp, error codes).
  • Desktop specifics: stability diagnostics only. We do not read or upload your local source files unless you enable collaboration/backup and select data to sync.

We don't intentionally collect special‑category data. Please avoid sharing sensitive data in chats.

2. Purposes & Legal Bases (GDPR)

  • Provide the service (accounts, chat sync, builds/previews): contract (Art. 6(1)(b)).
  • Security, fraud prevention, debugging: legitimate interests (Art. 6(1)(f)); you may object.
  • Product analytics (non-essential): legitimate interests and/or consent where required.
  • Marketing communications: consent (Art. 6(1)(a)).
  • Compliance/record-keeping: legal obligation (Art. 6(1)(c)).
  • No model training on your data. We use third-party LLMs (currently Anthropic and OpenAI) for inference only. We do not use your prompts/outputs to train our or third-party models. Providers may retain limited logs for safety/abuse review under their policies.

3. Sharing

We do not sell personal data. We share only with: (i) service providers (hosting, auth, analytics, support, LLM inference: Anthropic & OpenAI), (ii) legal authorities when required, (iii) business transfers, and (iv) at your direction/consent (e.g., collaboration).

4. International Transfers

Data may be processed outside your country. For transfers from the EEA/UK we rely on Standard Contractual Clauses (SCCs) and additional safeguards appropriate to each provider.

5. Security & Breach Notice

We use appropriate technical/organizational measures: encryption in transit/at rest, access controls, audit logging, isolation, and regular security reviews. No method is 100% secure.

If a breach is likely to risk your rights and freedoms, we will notify the authority within 72 hours and inform affected users when required.

6. Retention

  • Account data: while your account is active + up to 12 months.
  • Chat history: by default 24 months for context/sync; you can delete per chat or all chats.
  • Logs/telemetry: 30 days (aggregated stats may be retained without identifiers).
  • Backups: rolling up to 35 days.

We periodically review retention and delete or anonymize data no longer needed.

7. Your Rights

Depending on your location, you can request access, correction, deletion, portability, restriction/objection, and withdraw consent at any time. Send requests to hello@paperline.ai. We respond within 1 month. You may lodge a complaint with your data protection authority.

California (CPRA). We do not sell/share personal information for cross‑context behavioral advertising. We honor Global Privacy Control (GPC) signals. Where applicable, a "Do Not Sell/Share" mechanism is available on our website.

8. Children

Not for children under 13 (or 16 in the EEA/UK unless parental consent applies). We delete children's data if we learn we collected it.

9. Changes & Contact

We may update this Policy. For material changes we'll notify you in‑app or by email and update the date above.

Contact us: hello@paperline.ai