Privacy Policy

1. What We Collect

We collect only what is necessary to provide Doppelscript:

• Account information: your email address and a hashed password when you register
• Writing samples: text you upload to build a voice profile
• Voice profiles: the style metadata derived from your samples
• Generation history: the prompts you submit and the outputs Doppelscript returns
• Operational call logs: for every AI generation we record the prompt text sent to the model, the response text returned, token counts, latency, and cost. These logs are used for cost monitoring, debugging, and service reliability. They are stored linked to your account while your account is active.
• Billing information: handled entirely by Stripe; we store only a Stripe customer ID, not your card number

We do not collect browsing history, device fingerprints, or advertising identifiers.

2. How We Store Your Data

Account data, voice profiles, and generation history are stored in a PostgreSQL database hosted on Neon. Writing sample files are stored in Cloudflare R2 object storage. Both services are located in the United States.

Passwords are never stored in plain text. We store a SHA-256 hash of your session token in the database; your actual token lives only in an httpOnly cookie on your device.

3. How We Use Your Data

Your data is used to:

• Authenticate you and maintain your session
• Generate content that matches your voice
• Process subscription payments through Stripe
• Improve reliability and debug errors

We do not sell your data. We do not use it for advertising.

4. AI Processing and Anthropic

Content generation is powered by the Anthropic Claude API. When you request a generation, your prompt and relevant voice profile data are sent to Anthropic. Anthropic's API terms contractually prohibit training on API request data, so your writing is not used to train AI models.

Anthropic's privacy policy applies to data processed through their API. You can review it at anthropic.com/privacy.

5. Cookies

We use a single session cookie named sid. It is httpOnly (not accessible to JavaScript), Secure (sent only over HTTPS), and SameSite=Lax. It expires after seven days of inactivity.

We also use PostHog for product analytics. PostHog may set cookies to track usage patterns across sessions. We do not use advertising cookies or third-party ad-network cookies.

6. Third-Party Services

• Stripe: payment processing. Stripe's privacy policy governs data you provide during checkout.
• Anthropic: AI generation. See Section 4.
• Neon: database hosting.
• Cloudflare R2: file storage.
• PostHog: product analytics. We use PostHog to understand how our product is used. PostHog may set cookies to track usage patterns. See posthog.com/privacy.
• Sentry: error monitoring. When an error occurs in the application, Sentry receives error data including stack traces, request context, and session identifiers to help us diagnose and fix issues. See sentry.io/privacy.

No other third-party services receive your personal data.

7. Data Retention

We retain your data for as long as your account is active. If you delete your account from Settings, your account record, voice profiles, writing samples, and generation history are permanently deleted from our systems within 30 days.

Operational call logs (prompt text, response text, token counts, and cost records) are retained after account deletion with your account association removed. These anonymized records are used for aggregate cost analysis and service diagnostics and cannot be linked back to you.

8. Your Rights

You can access and delete your data at any time from the Settings page. If you have a request that Settings does not cover, contact us at hello@doppelscript.com and we will respond within 30 days.

9. Changes to This Policy

When we update this policy, we will update the date at the top of this page. We will notify you by email if the changes are material.

10. Contact

Questions about this policy? Email us at hello@doppelscript.com.