Privacy Policy
Last updated 2026-07-08.
What we collect
- Account: when you sign in with Google we store your email address, display name, and a stable account identifier. Your handle is public and namespaces everything you publish.
- Published content: widgets you publish (code, tests, examples, metadata) are public by default and distributed under the MIT License. Private widgets are visible only to you.
- Usage analytics: aggregate daily counts only - signups, installs (split authenticated/anonymous), per-widget install tallies, and a count of distinct daily active users. We never record which user installed which widget. Identifiers used for daily-active deduplication are deleted within 24 hours; one-way install-dedup hashes are deleted within 48 hours and cannot be reversed into an IP address.
- Logs: standard request logs (IP, path, status, timing) retained by our hosting provider for operations and abuse prevention.
- Billing: paid-tier checkout is processed by Stripe; we never see or store card details.
What we don't do
- We do not sell personal data.
- We do not join install counts with user identities.
- We do not track you across other sites.
AI training
Publicly published widgets may be included in AI training datasets, as described in the Terms of Service. Do not publish code you don't want used that way.
Deletion and contact
Deleting a widget removes it from the registry and cloud storage (backups age out on schedule). You can permanently delete your account and everything it published - widgets, blueprints, proposals, notifications, and reviews you left - with one authenticated API call:
curl -X DELETE "https://api.cartograph.tools/v1/auth/account?confirm=delete-my-account" \
-H "Authorization: Bearer <your token>"
An account page with a delete button is coming; until then, for help with deletion or any other question about your data, use the report form or open an issue on GitHub.