Privacy Policy

Last updated: April 2026

1. What We Collect

We collect your email address and a securely hashed password when you register. Payment information is handled entirely by Stripe and is never stored on our servers. We receive subscription status events from Stripe via webhooks.

2. How We Use Your Data

Your email and subscription status are used solely to authenticate you and issue a signed JWT token to the desktop application. We do not sell or share your data with third parties, except as required to process payments (Stripe).

3. Data Retention

Account data is retained while your account is active. You may request deletion of your account and associated data by contacting support@floatcrafter.io.

4. Security

Passwords are hashed using argon2id with a high memory cost before storage. All communication is encrypted via HTTPS. JWT tokens are signed with an ECDSA private key that is never exposed.

5. Cookies

We use a single HttpOnly session cookie to keep you logged in to the web dashboard. No tracking or advertising cookies are used.

6. Contact

For privacy questions or data deletion requests, contact support@floatcrafter.io.