AeroCoding
Privacy Policy

Privacy Policy

AeroCoding ("we", "our", or "Aerocoding") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.

Last updated: 01/01/2026

We operate in compliance with the Brazilian General Data Protection Law (LGPD - Law No. 13.709/2018) and other applicable data protection regulations.

Data Controller

AeroCoding is the data controller for personal data collected through our platform. This means we determine the purposes and means of processing your personal data.

01

Data We Collect

We collect different types of information depending on how you interact with our platform:

Authentication Data

  • Email address
  • Password (stored with secure hashing)
  • GitHub profile data (when you authenticate via GitHub OAuth)

Profile Data

  • Display name
  • Avatar image
  • Language preference

Project Data

  • Database schemas and diagrams
  • Project configurations
  • Generated code and version history

Organization Data

  • Organization name
  • Member associations and roles
  • Team settings and permissions

Payment Data

  • Stripe Customer ID
  • Subscription status and plan tier
  • Invoice history (processed by Stripe)

We do not store credit card numbers or payment details directly. All payments are securely processed by Stripe.

Usage and Analytics Data

  • Pages visited and feature interactions
  • Device and browser information
  • IP address (anonymized)
  • Credit usage and generation activity
02

How We Use Your Data

We use your information for the following purposes:

01To provide, maintain, and improve our services
02To process transactions and manage your subscription
03To send transactional emails (account confirmation, password reset)
04To provide customer support
05To analyze usage patterns and improve our product
06To detect and prevent fraud or abuse
07To comply with legal obligations
03

Legal Basis for Processing

Under LGPD, we process your personal data based on:

Contract PerformanceProcessing data necessary to provide our services to you
ConsentFor optional cookies and marketing communications
Legitimate InterestsTo improve our services, prevent fraud, and ensure security
Legal ObligationsTo comply with applicable laws and regulations
04

Third-Party Services

We use trusted third-party service providers to operate our platform:

Supabase
Authentication and database
All user and project data
Stripe
Payment processing
Email, payment information
PostHog
Product analytics
Usage events, device information
Resend
Transactional emails
Email addresses
Upstash
Rate limiting
IP addresses, request counts
05

Your Rights

Under LGPD, you have the following rights regarding your personal data:

AccessRequest a copy of your personal data
RectificationCorrect inaccurate or incomplete data
DeletionRequest deletion of your personal data
PortabilityReceive your data in a structured format
RevocationWithdraw your consent at any time
OppositionObject to processing in certain circumstances

You can exercise most of these rights directly in your account settings. For additional requests, contact us using the information below.

Data Retention

We retain your personal data for as long as necessary to provide our services and comply with legal obligations:

  • Account data: Retained while your account is active
  • Project data: Retained while your account is active, exportable at any time
  • Payment data: Retained as required by tax regulations (typically 5 years)
  • Audit logs: Retained for 1 year for security purposes

When you delete your account, we permanently remove your personal data within 30 days, except where retention is required by law.

Security

We implement appropriate security measures to protect your personal data:

  • Encryption in transit (HTTPS/TLS)
  • Encryption at rest for sensitive data
  • Regular security audits
  • Access controls and authentication
  • Incident response plans

Cookies

We use essential cookies to provide basic functionality:

  • Session cookies for authentication
  • Preference cookies for language and theme settings
  • Analytics cookies to understand usage patterns (with your consent)

You can manage your cookie preferences through your browser settings.

Children's Privacy

Our services are not intended for individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

Contact Us

If you have questions about this Privacy Policy or want to exercise your rights, please contact us:

support@aerocoding.dev