Privacy

This is a placeholder privacy policy for Weaver’s design-partner phase. Before the cloud execution lane ships and we onboard customers beyond design partners, this page will be replaced with a full policy reviewed by counsel.

Data we collect

• Account information. Name, email, and OAuth identifiers (GitHub or Google) for the human accounts that sign in.
• Workspace content. Node prose, comments, chat transcripts, and run history that you create inside the workspace. Stored in Postgres and object storage in our AWS account.
• Integration tokens. GitHub App installation tokens; OAuth tokens for any integrations you connect. Encrypted at rest and only decrypted at usage points.
• Telemetry. Product analytics via PostHog and error monitoring via Sentry (when enabled), alongside web vitals on the marketing site. PostHog is hosted in the US and uses a browser analytics identifier stored on weaver.dev and sent to PostHog. We do not use it for advertising and do not sell your data.
• Design-partner waitlist. If you join the design-partner waitlist, the name, email, and company you submit. The waitlist form is hosted on Google Forms, and submissions are stored in Google Workspace.

Data we don’t collect

• We do not collect cursor movement, keystroke timing, or session replays.
• We do not sell your data, and we do not share it with third parties for their own purposes. The processors we use (e.g. PostHog, Sentry, and Google for design-partner applications) act on our behalf, under contract.
• We do not train models on your workspace content.

Where data lives

AWS S3 and RDS in eu-north-1. Data does not leave this region except in transit for OAuth callbacks (GitHub, Google, Linear), product analytics (PostHog), and design-partner applications (Google Forms / Workspace), which operate outside it.

Contact

For questions about this policy or a specific data request, email harry@triverge.dev.