We only use strictly necessary cookies for authentication and payment processing — no tracking or marketing. Privacy Policy

Legal

Privacy Policy

Last updated: February 7, 2026

1. Introduction

CrashLoom ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

2. Information We Collect

Account Information

  • Email address
  • Name
  • Workspace details
  • Billing information (processed securely through third-party payment processors)

Technical Information

  • Crash reports and stack traces from connected monitoring tools
  • Application metadata (names, dependencies, configurations)
  • Pull request activity
  • API usage and logs

Usage Data

  • Features used
  • LLM budget usage
  • Platform interactions

3. What We DON'T Collect

  • Database credentials or sensitive secrets
  • User data from your applications
  • Production environment access beyond PR creation

4. How We Use Your Information

We use collected information to:

  • Provide and improve the CrashLoom Service
  • Analyze crash patterns and generate fix suggestions
  • Create pull requests on your behalf
  • Process billing and payments
  • Send service updates and notifications
  • Comply with legal obligations
  • Process data through third-party AI providers for crash analysis and fix generation, accessed via their public commercial APIs

5. Data Security

We implement industry-standard security measures to protect your data:

  • End-to-end encryption for data in transit (TLS/SSL)
  • Encryption at rest for all stored data
  • LLM provider API keys are encrypted using Google Cloud KMS; all other data is encrypted at rest via Google Cloud managed disk encryption
  • Periodic security reviews and internal testing
  • Minimum privilege access controls
  • Secure API authentication (OAuth 2.0)

6. Data Retention

We retain your data only as long as necessary to provide the Service:

  • Account information: retained while your account is active
  • Crash reports: retained while your account is active
  • Billing records: managed by Stripe, subject to their retention policies
  • Crash-solution pairs: retained indefinitely for resolution matching

7. Third-Party Services

We integrate with third-party services that have their own privacy policies:

  • Third-party AI providers (for crash analysis and fix generation — you choose the provider from your agent configuration)
  • GitHub (for PR creation)
  • Sentry, Firebase Crashlytics, GitHub Issues (crash monitoring)
  • Stripe (payment processing)
  • Cloud infrastructure providers (Google Cloud)

Your source code is never stored by CrashLoom. Code is accessed temporarily during analysis and discarded after processing.

8. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data
  • Withdraw consent
  • Object to data processing

To exercise these rights, contact us at contact@crashloom.com

9. Cookies and Tracking

We use essential cookies for authentication and preferences. We do not use third-party advertising or tracking cookies.

10. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers, including standard contractual clauses.

11. Children's Privacy

CrashLoom is not intended for users under 18. We do not knowingly collect data from children.

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or service notification.

13. Contact Us

For privacy-related questions or concerns, contact us at contact@crashloom.com