Privacy

The short version

Your imported data files, project files, analysis variables, cards, workspaces, annotations, local Python runtime, generated scripts, and exported figures are stored on your Mac unless you choose to move or share them.

Autoplot does not sell personal information, does not use your data for advertising, and does not use Google Analytics. The current website code does not add third-party analytics.

Who controls the data

Autoplot is operated from Barcelona while the legal entity is being formed. Until the entity details are finalized, use [email protected] for privacy requests, account requests, and data deletion requests.

If this policy changes because the legal entity, vendors, or product behavior changes, we will update this page before relying on the new practice.

Website and waitlist

If you join the waitlist, we collect your email address, the signup source, and the time of signup. We use that to send launch and product-access messages, prevent duplicate signups, and respond to support requests.

The website is hosted on Cloudflare Pages. If Turnstile bot protection is enabled on the signup form, Cloudflare receives the information needed to verify the challenge. Cloudflare may also process normal hosting security logs, such as IP address, user agent, request time, and requested URL.

App accounts

The app can create an anonymous hosted-AI account through Supabase. If you choose to protect that account, sign in, or recover a purchase, Supabase processes your email address, password-authentication state, session identifiers, and auth tokens.

Supabase auth tokens are stored locally in Application Support on your Mac so the app can restore your session. Signing out clears the local session state used by Autoplot.

Hosted assistant

The assistant is optional and requires a hosted account session. Production assistant requests are sent through Supabase Edge Functions to a server-selected AI provider. The current backend uses QWen 3.6 35B on deepinfra.com behind that gateway.

When you use Chat mode, Autoplot sends your prompt and chat history. When you use Execute mode, Autoplot also sends a workspace manifest so the assistant can understand the current project. That manifest may include file names, column names, variable names, row counts, variable sources, derived formulas, card and figure settings, result summaries, annotations, selected tab, and the selected working-folder path.

Autoplot does not intentionally upload imported raw dataset values, full project files, exported figures, saved scripts, API keys, passwords, or payment details as part of the normal hosted-AI request. If you type or paste raw data, secrets, or other sensitive information into the assistant prompt, that text is sent as part of the request.

Assistant metering

To enforce hosted-AI credits and prevent duplicate billing, the backend stores account identifiers, billing period details, entitlement tier, credit budget and spend, request identifiers, provider usage metadata, and related RevenueCat sync metadata.

The billing ledger is designed not to store prompts, transcripts, generated code, generated responses, project data, or user datasets.

Subscriptions

Subscriptions and purchase status are handled with RevenueCat and related payment providers. Autoplot uses RevenueCat entitlement evidence to determine Plus or Pro access, recover purchases, and refresh billing status.

Autoplot does not store full card numbers or bank details. Billing emails, product identifiers, entitlement status, subscription period metadata, and support-recovery information may be processed so the app can provide paid access and help with account recovery.

Why we use data

We process waitlist and support data to communicate with you and answer requests. We process account, authentication, subscription, and hosted-AI usage data to provide the app, protect purchases, enforce credits, prevent abuse, and keep the service secure.

For users in the EU, UK, and similar jurisdictions, the usual legal bases are contract where processing is needed to provide the product, legitimate interests for security, abuse prevention, support, and product operations, consent where you choose optional communications, and legal obligation where records must be kept for tax, accounting, or compliance.

Sharing and transfers

We share personal data only with service providers that help run Autoplot: Cloudflare for hosting, bot protection, and security; Supabase for auth, database, and Edge Functions; RevenueCat and payment providers for subscription management; QWen 3.6 35B on deepinfra.com through the hosted AI gateway; and email or support providers when you contact us.

Those providers may process data in countries other than yours, including the United States. Where privacy law requires transfer safeguards, we rely on the provider's contractual and legal safeguards rather than selling or broadly disclosing your data.

Retention

Local project data stays on your Mac until you delete it. Waitlist records are kept until they are no longer needed for launch communications or you ask us to delete them. Account, subscription, and usage records are kept while your account is active and for a reasonable period afterward for support, fraud prevention, accounting, and legal compliance.

Support emails are kept only as long as needed to handle the request and maintain a useful support history.

Your rights

Depending on where you live, you may have rights to access, correct, delete, export, restrict, or object to processing of your personal data, and to withdraw consent for optional communications. California and other US state privacy laws may also give you rights to know, delete, correct, limit certain sensitive-data uses, opt out of sale or sharing, and not be discriminated against for using your rights.

Autoplot does not sell personal information and does not share personal information for cross-context behavioral advertising. To make a request, email [email protected]. We may need enough information to verify that the request is yours.

Children and sensitive data

Autoplot is built for scientific and professional use. It is not directed to children under 13, and we do not knowingly collect children's personal information.

Please do not put patient data, secrets, credentials, export-controlled information, or other sensitive data into assistant prompts unless you have confirmed that your use is lawful and appropriate for a hosted AI service.

Security and contact

We use local storage boundaries, authenticated backend requests, provider-side access controls, and limited diagnostic logging to reduce unnecessary exposure. No system is perfect, but the product is designed so normal scientific datasets do not need to become website uploads.

Questions, deletion requests, and privacy requests: [email protected].