Privacy Policy

1. Encryption & Zero-Knowledge Architecture

Your workspace data (project nodes, notes, tasks, media, and AI chat conversations) is encrypted in your browser using a passphrase that only you know. We use AES-256-GCM with PBKDF2 key derivation (600,000 iterations). Your passphrase is never transmitted to or stored on our servers.

We cannot access, view, or recover your encrypted data under any circumstances. If you lose your passphrase, your data cannot be recovered — not by you, and not by us. This is by design.

Team workspaces use a separate team encryption key. Each member's personal vault key encrypts the team key through key wrapping, so the team passphrase only needs to be entered once per member.

2. What We Collect

Account information

When you sign in with Google, we receive your name and email address. This is used for authentication and to send transactional emails (receipts, discount codes, verification).

Payment data

Payments are handled entirely by Stripe. We never see or store your card number. Stripe receives your email and payment method. See Stripe's Privacy Policy.

Encrypted workspace data

Your workspace content is stored in Firebase, but it's encrypted before it leaves your browser. We store the ciphertext — we cannot read it.

Analytics (marketing pages only)

On our marketing pages (homepage, pricing, contact, etc.), we collect:

• Page visited (e.g. /pricing)
• Device type (mobile/tablet/desktop — from viewport width only)
• Referral source (e.g. google.com)
• Page load speed
• Scroll depth and time on page
• Button clicks and navigation patterns

We do not collect IP addresses, user agents, names, or emails through analytics. No cookies, no localStorage, no sessionStorage, no fingerprinting. Nothing is written to your device.

Note The app itself stores local preferences (theme, sidebar width, timer settings) in your browser's localStorage for your convenience. These are standard UI settings that never leave your device and contain no personal information. This is separate from analytics, which writes nothing.

3. AI Features

Tectonian offers optional AI-powered features (content generation, chat, node trees, note writing) built on Anthropic's Claude API.

Opt-in only

AI features never run automatically. Data is sent to Anthropic only when you explicitly click an AI button, type a prompt, or send a chat message. You can disable all AI features in Settings → AI Settings → Enable AI Features — this hides all AI buttons, panels, and commands, and prevents any data from being sent.

What gets sent

• Your typed prompt or question
• Titles of nodes in your current workspace (up to 50, for context)
• The description of the node you're editing (if applicable)
• In chat mode: your conversation history with the AI

Your email, passphrase, encryption keys, payment info, and other workspaces are never sent.

How Anthropic handles it

Under Anthropic's commercial API terms, data sent through the API is not used for model training. It may be retained for up to 30 days for safety monitoring, then deleted. Your requests go through our server, so your IP address is not shared with Anthropic. See Anthropic's Privacy Policy.

4. Analytics & Do Not Track

We run our own self-hosted analytics. No third-party analytics services (no Google Analytics, no Meta Pixel, nothing from other companies).

• No cookies zero cookies, ever
• No storage nothing written to your device by analytics
• No fingerprinting device type from viewport width only
• No cross-site we cannot follow you elsewhere
• Self-hosted all data stays in our own Firebase project

We respect Do Not Track and Global Privacy Control signals. If your browser sends either, our analytics script does not run at all — zero data is collected.

5. Third-Party Services

We use a small number of services to run Tectonian. Here is exactly what each one receives:

• Google Firebase — authentication (email, name from Google Sign-In), encrypted database storage, file storage. Servers in the United States.
• Stripe — payment processing. Receives your email and payment method. We never see your card number.
• Anthropic — AI features (opt-in only). Receives prompts and workspace context when you use AI. Does not use your data for training.
• Cloudflare — CDN, DDoS protection, DNS. Processes web requests to serve our site.
• Resend — transactional emails (receipts, verification links, discount codes). Receives your email address.

We do not sell, rent, or share your personal information with advertisers or data brokers. We have no advertising on our platform.

6. Your Rights & Controls

• Export your data — use the export feature in the app to download your workspace data
• Delete your account — contact us at hello@tectonian.com and we will delete all your data
• Disable AI — toggle off in Settings, immediately and completely
• Block analytics — enable Do Not Track or Global Privacy Control in your browser
• Access your data — request a copy of the personal information we hold about you by contacting us

If you are in the EU, UK, or any jurisdiction with data protection laws, you have the right to access, correct, delete, or port your personal data. Contact us and we will comply.

7. Children

Tectonian is not intended for children under 18. We do not knowingly collect data from minors. If we learn that a user is under 18, we will delete their account and data.

8. Security

Beyond encryption, we use HTTPS everywhere, Firebase Security Rules to restrict database access, and server-side validation on all API endpoints. That said, no system is 100% secure — but with zero-knowledge encryption, even a breach would only expose ciphertext that is unreadable without your passphrase.

9. Changes to This Policy

If we make significant changes, we will update the date at the top and may notify you by email or in-app. We encourage you to review this page periodically.

10. Contact

Questions about this policy? Reach us at hello@tectonian.com or through our contact page.

Tectonian (operated by Liminal Webs LLC)
2108 N ST STE N
Sacramento, CA 95816
United States