Privacy Policy

1. Information We Collect

When you sign in with GitHub or Google, we receive your name, email address, and profile picture from your OAuth provider. We do not collect passwords.

We also store data you voluntarily create within the platform: projects, features, issues, notes, secrets, and file attachments.

2. How We Use Your Information

• To authenticate your identity and maintain your session.
• To provide, operate, and improve the Arcanova platform.
• To send transactional emails (e.g., project collaboration invites) when applicable.

3. Data Storage & Security

All data is stored on infrastructure we control. Secrets stored in the vault are encrypted with AES-256-GCM encryption at rest. We use HTTPS for all communications and enforce strict access controls.

4. Third-Party Services

We use the following third-party services:

• GitHub & Google — for OAuth authentication.
• Stripe — for payment processing (if you subscribe to a paid plan).

We do not sell, rent, or share your personal data with any other third parties.

5. Data Retention & Deletion

Your data is retained as long as your account is active. You may request deletion of your account and all associated data by contacting us. Upon deletion, all personal data and project content will be permanently removed.

6. Cookies

We use essential cookies only — specifically a session cookie for authentication. We do not use tracking cookies or third-party analytics.

7. Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated revision date.

8. Contact

If you have questions about this policy, contact us at support@arcanova.online.