Privacy Policy

Last updated: February 22, 2026

This Privacy Policy describes how we collect, use, process, and disclose your information, including personal data, in conjunction with your access to and use of our headless data transformation service (the "Service").

1. Information We Collect

A. Information You Provide to Us

  • Account Information: When you sign up for an account, we require certain information such as your name, email address, and password.
  • Payment Information: If you subscribe to our paid plans, we collect payment information. Payment processing is handled securely by our third-party payment processor (Stripe). We do not store full credit card numbers on our servers.
  • User Content: We collect the schemas, JSONata transformation rules, project configurations, and any sample data you upload or process through the Service ("User Content").
  • Communications: When you communicate with us for support or other inquiries, we collect the contents of those communications.

B. Information We Automatically Collect

  • Usage Data: We automatically log information about your interactions with the Service, including the API endpoints accessed, execution times, UI interactions (e.g., node dragging, function chaining), and error rates.
  • Device and Connection Information: We collect information about your computer or mobile device, operating system, browser type, IP address, and URLs of referring/exit pages.
  • Cookies and Tracking Technologies: We use cookies and similar technologies to maintain your session, remember preferences, and analyze site traffic.

2. How We Use Your Information

We use the collected information for the following purposes:

  • To Provide and Maintain the Service: Executing your data transformations, rendering the visual IDE, and saving your mappings.
  • To Process Payments: Managing billing, invoices, and API quotas via Stripe.
  • To Improve and Optimize: Analyzing usage patterns to enhance performance, especially our browser-side preview and serverless AWS backend.
  • To Power AI Features: If you utilize our AI Copilot features (e.g., semantic auto-mapping), relevant schema metadata may be processed by our AI partners (e.g., OpenAI) to generate mapping suggestions.
  • To Communicate: Sending administrative messages, technical notices, updates, security alerts, and support responses.
  • To Ensure Security: Monitoring for fraudulent activity, unauthorized API access, or violations of our Terms of Service.

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

  • Service Providers: We share information with third-party vendors who provide services on our behalf, such as cloud hosting (Amazon Web Services), payment processing (Stripe), AI models (OpenAI), and analytics providers. These providers are contractually obligated to protect your data and only use it for the intended purposes.
  • Legal Requirements: We may disclose your information if required to do so by law, regulation, or legal process, or to protect the rights, property, and safety of us, our users, or the public.
  • Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction.

4. Data Security and Processing

We implement industry-standard technical and organizational measures to protect your data.

  • Sandboxed Execution: Data transformations executed on our AWS Lambda infrastructure run in secure, isolated sandboxes.
  • Data Encryption: Data is encrypted in transit using TLS and at rest within our databases (e.g., DynamoDB/S3).

However, no method of transmission over the Internet or electronic storage is 100% secure. Therefore, we cannot guarantee absolute security.

5. Data Retention

We retain your personal information and User Content for as long as your account is active or as needed to provide you the Services, comply with our legal obligations, resolve disputes, and enforce our agreements. If you delete your account, we will delete or anonymize your data within a reasonable timeframe, subject to legal and operational requirements.

6. Your Privacy Rights

Depending on your location (e.g., under GDPR or CCPA), you may have the right to:

  • Access the personal information we hold about you.
  • Request correction of inaccurate information.
  • Request deletion of your personal information (Right to be Forgotten).
  • Object to or restrict the processing of your data.
  • Request data portability.

To exercise these rights, please contact us using the information provided below.

7. International Data Transfers

Our Service operates globally, and your information may be transferred to, stored, and processed in the United States or other countries where our service providers maintain facilities. By using the Service, you consent to the transfer of information to countries outside your country of residence.

8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through a prominent notice on our Service prior to the change becoming effective.

9. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Email: privacy@example.com

Privacy Policy | Insta JSON schema Transformer