Legal

Privacy Policy

Last Updated: January 2025

01 | Introduction

Replicas (“we”, “our”, or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By using Replicas, you consent to the data practices described in this policy. If you do not agree with this policy, please discontinue use of the Service.

02 | Information We Collect

Personal Information

We collect information you provide directly to us, including:

  • Account information (name, email address, password)
  • Payment information (processed securely through third-party payment processors)
  • Organization information (team name, member details)
  • SSH public keys (we store only public keys for workspace access, never private keys)

Usage Information

We automatically collect certain information about your use of the Service:

  • Workspace creation, configuration, and usage metrics
  • Credit consumption and billing history
  • Log data (IP addresses, browser type, access times, pages viewed)
  • Device information and operating system details
  • Performance and error logs from workspaces

Workspace Data

Workspace configuration information we store:

  • Repository URLs and names for workspace templates
  • Workspace configuration settings and instance types
  • Performance and error logs from workspace infrastructure

Important: Your source code, files, environment variables, and workspace contents remain isolated within your VM instances. We do not access, scan, or store the code or data within your workspaces.

03 | How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Process transactions and manage your subscription
  • Create and manage your workspaces
  • Send administrative information, updates, and security alerts
  • Respond to your requests and provide customer support
  • Monitor and analyze usage patterns to improve performance
  • Detect, prevent, and address technical issues or fraudulent activity
  • Comply with legal obligations

04 | Information Sharing

We do not sell your personal information. We may share your information in the following circumstances:

  • Service Providers: Third-party vendors who perform services on our behalf (payment processing, infrastructure hosting, analytics)
  • Legal Requirements: When required by law or to protect our rights, property, or safety
  • Business Transfers: In connection with any merger, sale of company assets, or acquisition
  • With Consent: When you explicitly authorize us to share information

05 | Data Security

We implement industry-standard security measures to protect your information:

  • Isolated workspace VMs with dedicated security groups
  • Encrypted data transmission using TLS/SSL
  • Secure authentication and access controls
  • Regular security audits and monitoring
  • Restricted employee access to personal data

However, no method of transmission over the Internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

06 | Data Retention

We retain your information for as long as necessary to provide the Service and fulfill the purposes outlined in this Privacy Policy. When you delete your account:

  • Your workspaces are permanently deleted
  • Personal information is removed from active systems
  • Some data may be retained for legal, tax, or accounting purposes
  • Aggregated, anonymized data may be retained for analytics

07 | Your Rights and Choices

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal information
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your personal information
  • Data Portability: Receive your data in a portable format
  • Opt-Out: Unsubscribe from marketing communications

To exercise these rights, please contact us through your account settings or support channels.

08 | Third-Party Services

Our Service integrates with third-party services including:

  • AWS EC2 for infrastructure
  • Supabase for authentication and database
  • Payment processors for billing
  • Analytics providers

These third parties have their own privacy policies. We encourage you to review them. We are not responsible for their data practices.

09 | International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using the Service, you consent to such transfers.

10 | Children’s Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we learn we have collected such information, we will delete it promptly.

11 | Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the “Last Updated” date.

Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.

12 | Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us through our website or support channels.