Privacy Policy

Last updated: June 6, 2026

What we collect

  • Your email, name, and avatar — provided by Google when you sign in with OAuth. We don't store your Google password.
  • Dashboards you create — the URL you pasted, the template used, and the generated content (stored as JSON).
  • If you subscribe to Pro — your subscription and payment records (plan, status, amount, and the email/customer id from our payment processor). We never see or store your full card details.
  • A hashed version of your IP — used for rate limiting and abuse prevention. We don't store the raw IP.
  • Cookies — a session cookie (strictly necessary for login) and, if you accept the banner, analytics cookies.

When you paste a URL, we send that URL to third-party services to build your dashboard — ScreenshotOne (to capture the page), Google PageSpeed, Logo.dev, and the GitHub API (to enrich brand details). The URL is a public web address; we don't send them anything else about you.

Why we collect it

  • Authentication and providing the service to you.
  • Preventing fraud and abuse (rate limits, sanity checks).
  • Understanding how the product is used so we can improve it — only if you accept analytics cookies.

Subprocessors

We use a small set of trusted vendors to operate DemoDash. Each has access only to what they need.

VendorPurposeJurisdiction
VercelHosting and edge deliveryUnited States
NeonPostgres databaseAWS ap-southeast-1 (Singapore)
GoogleOAuth sign-in; PageSpeed/site-speed lookupUnited States
Dodo PaymentsPayment processing for Pro subscriptionsUnited States (merchant of record)
ScreenshotOneCaptures a screenshot/scroll-video of the URL you pasteEuropean Union
Logo.devBrand logo lookup for the pasted domainUnited States
GitHubPublic repo/star lookup when the site links to oneUnited States
PostHogProduct analytics (consent-gated)United States / EU
SentryError tracking (consent-gated)United States
BrevoTransactional email (welcome, Pro receipt, expiry reminders)European Union (France)

Cookies

  • Session cookie— strictly necessary. Set by NextAuth so you stay logged in. No opt-out (without it, login can't work).
  • Analytics cookies— set by PostHog and Vercel Analytics only after you click "Accept" on the cookie banner. You can reject and the app works the same.

How long we keep your data

  • Free demos expire 48 hours after creation and are removed by a daily cleanup job shortly after they expire. Pro demos persist until you delete them.
  • Your account persists until you delete it. When you do, we hard delete the user row, every demo you created (including share-links), your subscription and payment records, and any rate-limit records keyed to you.

Your rights

  • Access — download a JSON dump of everything we hold for you at /api/account/export while signed in.
  • Deletion — hard delete your account and everything we hold by calling /api/account/delete, or use the Delete my account button on your settings page.
  • Anything else (rectification, portability, objection, complaint to a supervisory authority) — email us at the address below.

Contact

For anything privacy-related: ahmadyarkhan.2@gmail.com