Privacy Policy

We collect information you provide directly — such as your name, email address, and payment details when you create an account or subscribe to the BYOK plan. We also collect information automatically, including IP address, browser type, pages visited, and usage patterns via analytics tools.

API keys you add in Settings are stored exclusively in your browser's local storage and are never transmitted to or stored on our servers. We have no access to your API keys.

If you use the Marketplace, we collect information about templates you publish, including metadata, descriptions, and associated files you choose to submit.

We use collected information to: operate and improve the Aamlaa platform; process payments and manage subscriptions; send transactional emails such as receipts and account notices; provide customer support; detect and prevent fraud or abuse; and comply with legal obligations.

We do not sell your personal information to third parties. We do not use your generated code or project content to train AI models. Your builds are yours.

Aamlaa is hosted on Cloudflare's global edge network. Your account data and project metadata are stored in Cloudflare D1 (SQLite at the edge) and Cloudflare R2 object storage. All data is encrypted in transit (TLS 1.3) and at rest.

We retain your account data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law.

Generated project files stored on our servers are retained for 90 days of inactivity, after which they may be purged. You can export your projects at any time via the Export ZIP feature.

Aamlaa uses the following third-party processors:

Clerk (clerk.com) — handles user authentication, session management, and identity. Clerk may collect email addresses and device identifiers. Their privacy policy is available at clerk.com/privacy.

Stripe (stripe.com) — handles payment processing for the BYOK subscription. We do not store your card details; Stripe manages all payment data under PCI-DSS compliance. Their policy is at stripe.com/privacy.

Cloudflare (cloudflare.com) — provides CDN, edge compute, DNS, R2 storage, and D1 database services. Cloudflare may log request metadata for security purposes. Their policy is at cloudflare.com/privacypolicy.

AI Providers — when you generate code, your prompt is sent to the AI provider whose model you selected (e.g., Anthropic, OpenAI, Google, Mistral). These providers process your prompts under their own privacy policies. We recommend reviewing them. Your API keys are sent directly from your browser to their APIs — Aamlaa's servers do not proxy or log your prompts.

We use strictly necessary cookies to maintain your session and authentication state (managed by Clerk). We use first-party analytics (Cloudflare Web Analytics) which is cookieless and privacy-preserving by default.

We do not use third-party advertising cookies or cross-site tracking. You may disable cookies in your browser settings, but this may affect your ability to log in.

Depending on your location, you may have rights under GDPR, CCPA, or other applicable privacy laws, including: the right to access your personal data; the right to correct inaccurate data; the right to delete your data (right to be forgotten); the right to data portability; and the right to object to processing.

To exercise any of these rights, email us at privacy@aamlaa.com with the subject line "Privacy Request." We will respond within 30 days.

If you are located in the European Economic Area, you have the right to lodge a complaint with your local supervisory authority.

Aamlaa is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal data, please contact privacy@aamlaa.com and we will delete it promptly.

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on our website at least 14 days before the change takes effect. Continued use of Aamlaa after the effective date constitutes acceptance of the updated policy.

For privacy-related questions, requests, or concerns, contact us at:

privacy@aamlaa.com

We aim to respond to all privacy requests within 30 business days.