Loading...
GlyphMap Surge: Letting people in by waves due to high demand.
GlyphMap
Privacy Policy

Privacy built around local enforcement.

GlyphMap is built for governed AI coding workflows, with hosted account systems for access, receipts, billing, and operational state.

What this policy covers

This policy explains how GlyphMap collects, uses, shares, protects, and deletes information when you use the website, dashboard, local runtime, APIs, support channels, and related services.
GlyphMap is built for local-first AI coding enforcement. Hosted systems exist for account access, billing, project metadata, decisions, responses, receipts, context summaries, and operational state.
Third-party services linked from GlyphMap may have their own privacy terms. Their policies control how they handle information you provide to them.

Personal information

For this policy, personal information means information that identifies, relates to, describes, can reasonably be linked with, or could reasonably identify a person or account.
GlyphMap treats account identity, login records, support messages, billing references, security logs, and device or usage signals as personal information when they can reasonably be linked to an account.
Aggregated, de-identified, or anonymized information that cannot reasonably identify a person or account is handled as non-personal information.

Information we collect

Limited account identity and login information such as name, login identifier, organization, login state, role, plan selection, and protected authentication records.
Passwords are handled through encrypted and cryptographically protected credential storage. GlyphMap does not store plaintext passwords.
Billing and checkout information handled by payment processor. GlyphMap does not store full payment card numbers.
Product activity such as sign-in events, project metadata, decision records, enforcement receipts, response selections, support requests, and operational logs needed to run the service.
Technical information such as browser, device, approximate location from network data, diagnostics, rate limit signals, and security events.

What we do not intentionally collect

GlyphMap does not intentionally collect sensitive personal information such as government identifiers, health information, financial account numbers, or payment card numbers as hosted account data.
raw repository source code stays in the local workspace unless a user intentionally provides it through another workflow.
The local runtime may inspect files, paths, policy rules, prompts, responses, receipts, summaries, dependencies, and enforcement decisions to provide local project control.
Hosted systems may receive account records, project metadata, decision records, context summaries, response records, receipt records, and operational telemetry needed to run GlyphMap.

Information from other sources

GlyphMap may receive payment status, billing references, fraud-prevention signals, or subscription metadata from payment processor or other service providers.
GlyphMap may receive information from workspace administrators, account owners, invited users, support requests, and systems you connect or authorize.
We may receive security, abuse, diagnostics, or availability information from service providers that help run the service.

How we use information

To provide authentication, subscription access, dashboard features, project controls, support, abuse prevention, and product reliability.
To maintain enforcement history, receipts, and account state so teams can review autonomous coding activity.
To analyze aggregate usage and improve site performance, onboarding, pricing, and product experience.
To comply with legal obligations and enforce account, billing, and security requirements.

Sharing

We share information with service providers that help operate GlyphMap, including payment processing, account access, email, reliability, and support systems.
We may disclose information when required by law, to protect rights and safety, or as part of a merger, acquisition, financing, or sale of assets.
We do not sell personal information or raw repository source code.

Your choices and privacy rights

You may request access, correction, export, restriction, objection, or deletion of personal information, subject to security, legal, billing, backup, and operational limits.
Workspace owners and administrators can manage users, roles, project access, policy configuration, and account deletion according to their plan and permissions.
You can reduce analytics and cookie collection through browser settings, device settings, privacy tools, and legally required opt-out mechanisms where available.

Retention and deletion

When an account deletion request is confirmed, GlyphMap schedules account data for automatic deletion within 7 days, subject to security, legal, billing, backup integrity, and fraud-prevention requirements.
Lite receipt history is retained for 30 days. Pro receipt history is retained for 90 days. Enterprise retention is governed by the account agreement or dashboard settings.
We retain account, billing, security, and limited operational records only for as long as needed to provide GlyphMap, meet legal obligations, resolve disputes, prevent abuse, and maintain audit history.
If deletion is legally or technically delayed, we limit use of retained information to the purpose that required retention and remove it when that purpose ends.

Security

We use administrative, technical, and organizational safeguards designed to protect account and service data.
No internet service can guarantee perfect security, so teams should use strong passwords, scoped access, and least-privilege project controls.
You are responsible for securing your devices, repositories, local runtime, API keys, project keys, third-party models, agents, and account credentials.

Cookies and similar technologies

GlyphMap may use cookies, local storage, analytics events, security tokens, and similar technologies to keep you signed in, operate the service, measure reliability, remember choices, prevent fraud, and understand product usage.
Some cookies or tokens are necessary for authentication, security, checkout, routing, and dashboard functionality. Blocking them may prevent parts of the service from working.
Analytics and measurement tools may be disabled or limited through browser controls and any opt-out controls we provide where required.

Children

GlyphMap is not directed to children under 13, and children under 13 may not create accounts or use the service.
If we learn that a child provided personal information without appropriate authorization, we will delete it as soon as reasonably practical.

International processing

GlyphMap may process and store information in the United States or other locations where we or our service providers operate.
By using the service from outside the United States, you understand that information may be processed in jurisdictions with different data protection laws than your location.
Where required, we use appropriate safeguards for international transfers and service-provider processing.

Questions and policy changes

We may update this policy as GlyphMap changes. The latest version will be posted on this page.
If a change materially affects how we handle personal information, we will post notice at least 7 days before it takes effect where practical or required.
Questions about privacy or data handling should be submitted through the GlyphMap support page.