Privacy Policy

Account information. Your name and email address when you sign up. If you sign in with Google, we receive your name, email, and profile picture from your Google account — nothing else.

Telemetry you send us. Foglamp is an observability product: your applications send us traces, spans, and metadata via the SDK, which can include LLM prompts, completions, tool calls, token counts, and costs. You control what your instrumentation sends; treat this data as yours — we process it only to provide the service.

Billing information. Payments are processed by Stripe. We never see or store your full card details — we keep only your subscription status and billing history.

Usage data. Basic product analytics (pages visited, features used) to understand how Foglamp is used and improve it, plus standard server logs (IP address, browser type) for security and debugging.

• To provide, maintain, and improve the service.
• To authenticate you and secure your account.
• To send transactional email: sign-in links, team invitations, alert notifications, and quota warnings.
• To bill you for paid plans.
• To respond to support requests.

• We don't sell your personal data or your telemetry data.
• We don't use your telemetry data (prompts, completions, traces) to train AI models.
• We don't send you marketing email without your consent.

We share data only with the service providers we need to run Foglamp, and only what each one needs:

• Cloud hosting providers — run our servers and databases where your data is stored.
• Stripe — payment processing.
• Resend — transactional email delivery.
• PostHog — product analytics.
• Google — only if you choose to sign in with Google.

We may also disclose data if required by law, or as part of a merger or acquisition (in which case this policy continues to apply to data collected before the change).

Telemetry data is retained according to your plan's retention period, after which it is automatically deleted. Account information is kept while your account is active.

When you delete your account or workspace, we delete the associated data within 30 days, except where we're legally required to keep it (e.g. billing records).

Data is encrypted in transit (TLS) and at rest. Access to production data is limited to the people who need it to operate the service. Any provider API keys you store for evals are encrypted with AES-256-GCM before they touch the database. No system is perfectly secure, but if we learn of a breach affecting your data we will notify you without undue delay.

We use cookies only to keep you signed in and to remember preferences like your theme. We don't use third-party advertising cookies.

You can access and update your account information in Settings. You can ask us to export or delete your personal data at any time by emailing support@foglamp.dev. Depending on where you live (e.g. the EU/EEA under GDPR or California under CCPA), you may have additional rights to access, correct, delete, or port your data — email us and we'll honor them.

Foglamp is not directed at children under 16, and we don't knowingly collect their data.

If we make material changes, we'll update the effective date above and notify you by email or in the app before the changes take effect.

Questions about privacy? Email support@foglamp.dev.