Privacy Policy

1. What we collect

Self-hosted Sprintra (local SQLite). Zero. Nothing leaves your machine. The CLI doesn't phone home and there is no telemetry.

Sprintra Cloud (api.sprintra.io). Only what you explicitly hand us:

• Account record (email, hashed password, or your OAuth identity from Google or GitHub) via Better Auth.
• Project data you or your AI agent create — features, stories, decisions, notes — the things Sprintra exists to store.
• Session digests your AI agent writes when a session ends.
• Optional product analytics via Plausible (privacy-respecting; no cookies, no cross-site tracking).

2. How Memory Layer works

User prompts and session digests are scoped per-user — your teammates can't read them. Cloud digests rotate after 30 days unless you pin them. Raw Claude Code transcripts stay on your machine and never sync. Three opt-out flags in ~/.sprintra/config.json disable any of these captures: capture_user_prompts, capture_session_digests, capture_transcript_index.

3. What we don't do

• We don't sell your data.
• We don't run ads.
• We don't train models on your project data.
• We don't load third-party trackers into the dashboard.

4. Storage

Cloud data is stored in PostgreSQL on Supabase (US region) and served from Fly.io. Self-hosted data lives on your filesystem under ~/.sprintra/.

5. Contact

Questions about privacy? Email privacy@sprintra.io.