Privacy notice · Enrollment paused
Only the record needed to deliver one scoped review.
Last updated July 15, 2026. This concise notice describes the current pre-enrollment live configuration.
What the application stores
We store your account identifier, repository URL, workflow path, scope acknowledgements, subscription state, review status, and approved delivery content. The application has no credential field, free-text evidence field, or file upload.
Service providers
Supabase handles authentication and application records. Stripe holds the configured live billing resources and handles signed webhook events. New checkout is disabled while enrollment is paused. PostHog may receive allowlisted operational events such as product surface and subscription status, plus basic request and device metadata added by its SDK. Persistence, session recording, surveys, heatmaps, and automatic capture are disabled in this build. AgentMail provides the published support mailbox and production authentication email delivery.
Analytics boundary
PostHog does not receive your email, repository URL, workflow path, findings, remediation instructions, private artifacts, full name, or credentials from this application.
No AI processing in v1
We do not submit customer artifacts to an AI provider. This product does not send private customer code, logs, evidence, or workflow material to OpenRouter or another routed model provider.
What not to submit
Do not submit tokens, passwords, SSH keys, repository secrets, private code, raw logs, production data, or other credentials. Customer-controlled screen shares or customer-created redacted evidence are handled manually outside this application.
Retention and deletion
Account, intake, review, and subscription-status records are kept while the service is active. Transient review evidence handled outside the application is deleted within 7 days after delivery or service termination, whichever comes first. After a verified deletion request, we delete or de-identify primary application records within 30 days, except limited billing or legal records that must be retained.
Supabase daily backups under the current production plan are retained for up to seven days. A deleted record may remain in an encrypted backup until that backup expires. Backups are used only for disaster recovery; if a backup is restored, verified deletion requests are re-applied. Stripe may retain payment records under its legal and financial obligations.
Control, support, and deletion requests
Email support@agentworkflowreliability.com for access, correction, support, or deletion. Send the request from the account email address; we may require a signed-in confirmation before deleting data. We acknowledge requests within two business days. Cancellation does not itself delete account data, so request deletion separately when wanted.