What we collect
- Your email, name, and avatar — provided by Google when you sign in with OAuth. We don't store your Google password.
- Dashboards you create — the URL you pasted, the template used, and the generated content (stored as JSON).
- A hashed version of your IP — used for rate limiting and abuse prevention. We don't store the raw IP.
- Cookies — a session cookie (strictly necessary for login) and, if you accept the banner, analytics cookies.
Why we collect it
- Authentication and providing the service to you.
- Preventing fraud and abuse (rate limits, sanity checks).
- Understanding how the product is used so we can improve it — only if you accept analytics cookies.
Subprocessors
We use a small set of trusted vendors to operate DemoDash. Each has access only to what they need.
| Vendor | Purpose | Jurisdiction |
|---|
| Vercel | Hosting and edge delivery | United States |
| Neon | Postgres database | AWS ap-southeast-1 (Singapore) |
| Google | OAuth sign-in | United States |
| PostHog | Product analytics (consent-gated) | United States / EU |
| Sentry | Error tracking (consent-gated) | United States |
| Resend | Transactional emailWired in D14, not yet active — listed here so this policy stays accurate once it goes live. | United States |
Cookies
- Session cookie— strictly necessary. Set by NextAuth so you stay logged in. No opt-out (without it, login can't work).
- Analytics cookies— set by PostHog and Vercel Analytics only after you click "Accept" on the cookie banner. You can reject and the app works the same.
How long we keep your data
- Free demos auto-delete 24 hours after creation. Pro demos persist until you delete them.
- Your account persists until you delete it. When you do, we hard delete the user row, every demo you created (including share-links), and any rate-limit records keyed to you.
Your rights
- Access — download a JSON dump of everything we hold for you at
/api/account/export while signed in. - Deletion — hard delete your account and everything we hold by calling
/api/account/delete. The settings page in-app will surface a button for this. - Anything else (rectification, portability, objection, complaint to a supervisory authority) — email us at the address below.