Privacy Policy

By using Replicas, you consent to the data practices described in this policy. If you do not agree with this policy, please discontinue use of the Service.

Personal Information

We collect information you provide directly to us, including:

• Account information (name, email address, password)
• Payment information (processed securely through third-party payment processors)
• Organization information (team name, member details)

Usage Information

• Workspace creation, configuration, and usage metrics
• Credit consumption and billing history
• Log data (IP addresses, browser type, access times, pages viewed)

Workspace Data

Workspace configuration information we store in Supabase:

• Repository URLs and names for workspace templates
• Workspace configuration settings and instance types
• Workspace usage metrics and credit consumption

Important: Your source code, files, and workspace contents remain isolated within sandboxes (ephemeral virtual machines on Daytona). We do not access, scan, or store the code or data within your workspaces. All workspace data is deleted when the workspace is destroyed.

Integration Metadata

For integrations with GitHub, Linear, and Slack, we store only metadata necessary for operation:

• GitHub: pull request numbers, issue numbers, and repository URLs (not PR/issue contents)
• Linear: session identifiers and interaction metadata (not issue contents)
• Slack: workspace IDs and channel references (not message contents)

Encrypted Credentials

Credentials required for Replicas to function are stored encrypted in Supabase Vault:

• GitHub App credentials (used only within workspaces for code access)
• AI coding agent credentials (e.g., AWS Bedrock, Claude API keys)
• Third-party service credentials (Linear, Slack, etc.)

Critical: Credentials are never accessed or viewed by Replicas staff. They are injected into workspaces and destroyed when the workspace is destroyed. No credentials are persisted outside of active workspace sessions.

• Provide, maintain, and improve the Service
• Process transactions and manage your subscription
• Create and manage your workspaces
• Send administrative information, updates, and security alerts
• Respond to your requests and provide customer support
• Monitor and analyze usage patterns to improve performance
• Detect, prevent, and address technical issues or fraudulent activity
• Comply with legal obligations

We do not sell your data. We may share information in these circumstances:

• Service Providers: Third-party vendors who perform services on our behalf (payment processing, infrastructure hosting)
• Legal Requirements: When required by law or to protect our rights, property, or safety
• Business Transfers: In connection with any merger, sale of company assets, or acquisition
• With Consent: When you explicitly authorize us to share information

We implement industry-standard security measures to protect your information:

• Isolated workspace sandboxes with dedicated security groups
• Encrypted data transmission using TLS/SSL
• Secure authentication and access controls
• Regular security audits and monitoring
• Restricted employee access to personal data

Workspace Data (Zero Data Retention)

All workspace data, code, files, environment variables, and credentials are permanently deleted when a workspace is destroyed. We maintain no backups, snapshots, or archives of workspace contents.

Account and Organization Data

When you delete your account:

• Your workspaces and all associated data are permanently deleted
• Organization and user information is removed from active systems
• Integration metadata (GitHub repos, Linear sessions, etc.) is deleted
• Encrypted credentials are permanently deleted
• Some data may be retained for legal, tax, or accounting purposes
• Aggregated, anonymized usage metrics may be retained for analytics

If you have questions or concerns about this Privacy Policy or our data practices, please contact us through our website or support channels.

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the “Last Updated” date at the top of this policy.