Privacy Policy

DontCode Privacy Policy — a product by StormLabs (스톰랩스)

Transparent data practices
GDPR Compliant

Our Privacy Principles

Minimal Collection

We only collect what is needed to power your app-building experience — no hidden data harvesting.

Your Projects, Your Data

The applications and databases you build on DontCode belong to you. We do not claim ownership of your content.

User Control

You can access, export, or delete your account and project data at any time through your dashboard.

Secure by Default

All data is encrypted in transit and at rest. Authentication is handled through industry-standard protocols.

1. Information We Collect

What We Collect

  • Account information (email, name, profile) when you sign up via email, Google, or Kakao OAuth
  • Project data — the apps, databases, workflows, and assets you create on our platform
  • AI chat interactions — prompts and conversations with our AI agents used to build and refine your apps
  • Team and collaboration data — roles, invitations, and permissions you configure
  • Usage analytics — feature usage, page views, and performance metrics to improve the platform
  • Payment information — billing details processed through Stripe, KakaoPay, NaverPay, or Toss

What We Don't Collect

  • We do not store full payment card numbers — all payment processing is handled by our third-party providers
  • We do not use tracking cookies for third-party advertising
  • We do not collect precise geolocation data from your device
  • We do not access the end-user data stored in your deployed applications unless you explicitly grant support access

2. How We Use Information

AI-Powered App Building

Your prompts and project context are sent to our AI agents to generate code, database schemas, workflows, and suggestions for your applications.

Platform Improvement

Aggregated, anonymized usage data helps us improve our AI models, refine the editor experience, and prioritize new features.

Security & Authentication

Account data is used to authenticate sessions, enforce team permissions, and protect your projects from unauthorized access.

3. Data Retention & Deletion

Retention Policy

Your project data (apps, databases, assets) is retained as long as your account is active. If you delete a project, its data is permanently removed within 30 days. If you delete your account, all associated data is purged within 30 days, except where legal obligations require longer retention.

Data Lifecycle:

Account creation → App building & deployment → Account or project deletion → Data purge within 30 days
AI chat logs retained for up to 12 months to improve model quality, then anonymized or deleted.
Security and access logs retained up to 24 months for fraud prevention and compliance.

4. Third-Party Services

Service Providers

DontCode relies on trusted third-party services to deliver the platform. These include:

  • Supabase database hosting, authentication, and realtime services for your projects
  • Vercel application hosting, deployment, and edge network
  • Anthropic (Claude AI) AI code generation and assistant capabilities
  • Stripe, KakaoPay, NaverPay, Toss payment processing
  • Google, Kakao OAuth authentication providers

Note: We do not sell or share your personal data for advertising or marketing purposes. Third-party providers only receive the minimum data necessary to perform their service.

5. Your Rights

Data Rights

  • Access: Request a copy of all personal data we hold about you, including project metadata and account details.
  • Deletion: Delete your account and all associated projects, databases, and assets permanently.
  • Portability: Export your project data and configurations in standard formats.
  • Objection: Opt out of anonymized data being used for AI model improvement.

How to Exercise Rights

Contact Information

DontCode Privacy Team

Email: privacy@dontcode.co

Business Hours: Mon–Fri, 9:00–18:00 (KST)

You can also manage most data settings directly from your DontCode dashboard under Account Settings. For requests we cannot fulfill automatically, email us and we will respond within 10 business days.

6. Security Measures

Encryption

All data in transit is encrypted via HTTPS/TLS. Project databases are encrypted at rest through Supabase.

Authentication & Access

Role-based access control, MFA support, and session management protect your account and team projects.

Infrastructure

Hosted on Vercel and Supabase with SOC 2 compliant infrastructure, automated backups, and real-time monitoring.

Our Team
BlogBilling InfoTerms of usePrivacy
    Dont Code