Legal
Privacy Policy
Last updated: July 3, 2026
What we collect
We collect the minimum necessary to run the service:
- Account data — name, email address, and hashed password if you create an account
- Activity images — screenshots you upload for roasting, stored temporarily during processing
- Roast results — the generated roast image and text, stored if you have an account
- Usage data — how many roasts you've done, download events, IP address for rate limiting
- Session data — a session token stored in a cookie to keep you signed in
What we don't do
- We don't sell your data
- We don't use your images to train AI models
- We don't share your personal data with third parties except as needed to operate the service (see below)
- We don't run ads
- We don't track you across other sites
Third-party processors
We use the following services to operate. Each processes data only as needed for their function:
- Neon — PostgreSQL database hosting (account data, roast records)
- Cloudflare R2 — image storage (uploaded screenshots, roast images)
- Ollama / xAI Grok — AI processing (activity text extraction, roast generation)
- Resend — transactional email (account verification, password reset)
- Netlify — hosting and serverless functions
How long we keep it
- Uploaded images — original screenshots are stored in R2 and may be deleted after a reasonable retention period
- Roast results — kept while your account is active
- Account data — kept until you delete your account
- Guest session data — kept for a short period for rate limiting purposes, then deleted
Your rights
You can:
- Delete your account at any time from the account page — this removes your personal data and roast history
- Request a copy of your data by emailing us
- Request deletion of specific data by emailing us
Cookies
We use a single session cookie to keep you signed in. We don't use tracking cookies, analytics cookies, or advertising cookies.
Security
We use industry-standard practices: HTTPS everywhere, hashed passwords, short-lived session tokens, and access controls on storage. No system is perfectly secure — if you discover a vulnerability, please contact us.
Contact
Privacy questions: hello@roastmyactivity.com