Legal

Privacy Policy

Last updated: June 3, 2026

1. Introduction

Wright AI ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By using Wright AI, you agree to the collection and use of information as described in this policy.

2. Information We Collect

Account information: When you register, we collect your name, email address, and authentication credentials.

Payment information: Billing details are processed and stored by our payment provider (Paddle). We do not store your full card number or payment credentials on our servers.

Code context: When generating documentation, we transmit function signatures and a surrounding context window to our backend. We do not store your source code beyond what is required to fulfill the request.

Usage data: We collect anonymized telemetry including feature usage, error logs, and performance metrics to improve the Service.

Cookies: We use cookies and similar tracking technologies to maintain sessions and remember preferences. You can control cookies through your browser settings.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and improve the Service
  • Process transactions and send billing-related communications
  • Send product updates, security alerts, and support messages
  • Analyze usage patterns to improve features and fix bugs
  • Comply with legal obligations

We do not sell, rent, or share your personal data with third parties for marketing purposes.

4. Data Minimization and Code Privacy

Wright AI is designed with code privacy in mind:

  • Only function signatures and a small context window are sent to our backend for doc generation — never your full source files
  • Coverage and structural drift checks run entirely locally on your machine
  • LLM drift results are cached in a local SQLite database; unchanged functions are never re-sent
  • You can use the VS Code extension, CLI, and MCP server with zero data leaving your machine for coverage tracking

5. Data Retention

We retain your account information for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or compliance purposes.

Anonymized usage analytics may be retained indefinitely as they cannot be linked back to any individual.

6. Third-Party Services

We use the following third-party services to operate Wright AI:

  • Supabase — database and authentication
  • Paddle — payment processing
  • Anthropic / Google Cloud — AI inference for documentation generation
  • Google Cloud Run — API hosting

Each of these providers has their own privacy policy governing data they receive. We only share the minimum data necessary for each service to function.

7. Security

We implement industry-standard security measures including TLS encryption in transit, encrypted storage at rest, and access controls limiting who can view your data internally. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict certain processing
  • Data portability — receive your data in a machine-readable format

To exercise any of these rights, contact us at the address below. We will respond within 30 days.

9. Children's Privacy

Wright AI is not directed at children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a prominent notice on the Service. Continued use of the Service after the effective date of any changes constitutes acceptance of the updated policy.

11. Contact

For any privacy-related questions or requests, please contact us at: