Legal draft

Privacy Policy

How Konduit collects, uses, stores, and protects account and stream operations data.

Draft — requires legal review before launch. This page is ready for attorney review and final approval.

Updated May 2026

Data we collect

Konduit collects account email, authentication state, subscription status, billing identifiers, connected platform metadata, OAuth tokens, app diagnostics, and settings needed to operate the product. We do not sell personal data.

Service providers

Supabase provides authentication and subscription-adjacent account storage. Stripe processes payments and billing portal sessions. The Konduit auth-server runs on Railway and coordinates trusted account actions.

OAuth and sensitive keys

OAuth tokens and sensitive account material are stored through the encrypted-at-rest sensitive-key architecture. The app allowlist controls which credential names can enter secure storage.

Analytics posture

The launch site includes Vercel Speed Insights for aggregate performance signals. Sentry coverage is source-ready but inert unless Bo provisions the marketing-site DSN in Vercel.

Contact

Privacy requests can be sent to hello@konduit.gg. We may need to verify account ownership before acting on account-specific requests.