🦮CairnBack to home

Privacy Policy

Last updated: January 28, 2025

1. Introduction

Cairn ("we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard information when you use the Cairn platform ("the Service").

2. Information We Collect

Account Information

When you create an account, we collect information provided through our authentication provider (Clerk), which may include your name, email address, and profile picture.

Project Data

We store the markdown files, project definitions, and project data you create through the Service. This data is stored with per-user isolation in our cloud infrastructure (Supabase) and is not shared with other users.

Usage Data

We may collect anonymized usage data such as feature usage patterns, device type, and session duration to improve the Service. This data does not personally identify you.

3. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the Service
  • Authenticate your identity and manage your account
  • Sync your project data across devices in real-time
  • Send you important service-related notifications
  • Analyze usage patterns to improve the user experience
  • Respond to your support requests and inquiries

4. Data Storage and Security

Your data is stored using Supabase, which provides enterprise-grade security including encryption at rest and in transit. We implement row-level security (RLS) policies to ensure strict per-user data isolation.

Your project files are stored as markdown files in isolated storage paths keyed to your user ID. No other user can access your data through the Service.

5. Data Sharing

We do not sell, rent, or share your personal information with third parties for marketing purposes. We may share data only in the following circumstances:

  • Service Providers: We use Clerk for authentication and Supabase for data storage. These providers have access to data necessary to perform their services.
  • Legal Requirements: We may disclose information if required by law, regulation, or legal process.
  • Safety: We may share information to protect the rights, property, or safety of Cairn, our users, or the public.

6. AI Agent Data

Cairn does not process your data through AI models. AI agents (such as Claude Code, Cursor, or Windsurf) interact with your files through your local filesystem or through the Service's file storage. Cairn provides the coordination layer but does not send your content to AI providers. Any AI agent access is initiated by you on your own devices.

7. Data Portability

Your project data is stored as standard markdown files with YAML frontmatter. You can export your data at any time by downloading your files through the Service. Your data is also git-committable, meaning you can maintain a local copy through standard version control workflows.

8. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete your personal data and project files within 30 days, except where we are required to retain certain information for legal or legitimate business purposes.

9. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access and receive a copy of your personal data
  • Correct inaccurate personal data
  • Request deletion of your personal data
  • Object to or restrict processing of your personal data
  • Data portability (export your data in a standard format)

To exercise these rights, contact us at privacy@cairn.dev.

10. Cookies

We use essential cookies required for authentication and session management. We do not use advertising or tracking cookies. Our analytics, if any, use anonymized, cookieless methods.

11. Children's Privacy

The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children. If we learn we have collected data from a child under 13, we will take steps to delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on the Service or sending you an email. Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

13. Contact

If you have projections or concerns about this Privacy Policy or our data practices, please contact us at privacy@cairn.dev.