← Back to Home

Privacy Policy

Last updated: January 18, 2025

1. Introduction

Token Boss ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

2. Information We Collect

Account Information: When you create an account, we collect your name, email address, and authentication credentials. If you sign in with Google, we receive your basic profile information from Google.

Usage Data: We collect information about how you interact with our service, including the projects you create, gameplans, and patches.

API Credentials: You may provide API keys for third-party services (such as GitHub and Cursor). These credentials are encrypted and stored securely using Infisical, a third-party secret management service.

Technical Data: We automatically collect certain information when you visit our site, including IP address, browser type, device information, and cookies.

3. How We Use Your Information

  • To provide, maintain, and improve our services
  • To process your transactions and manage your account
  • To communicate with you about updates, security alerts, and support
  • To execute automated tasks on your behalf using the API credentials you provide
  • To monitor and analyze usage patterns to improve user experience
  • To detect, prevent, and address technical issues and security threats

4. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

  • Service Providers: We use third-party services (Infisical, Trigger.dev, Supabase) to operate our platform. These providers have access to your information only to perform services on our behalf.
  • Third-Party Integrations: When you connect external services (GitHub, Cursor), your API credentials are used to interact with those services on your behalf.
  • Legal Requirements: We may disclose your information if required by law or in response to valid legal requests.

5. Data Security

We implement appropriate technical and organizational security measures to protect your information. API credentials are encrypted and stored using industry-standard secret management practices. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as your account is active or as needed to provide services. You may request deletion of your account and associated data at any time by contacting us.

7. Your Rights

Depending on your location, you may have the right to:

  • Access, correct, or delete your personal information
  • Object to or restrict processing of your data
  • Data portability
  • Withdraw consent where processing is based on consent

8. Cookies

We use cookies and similar technologies to maintain your session, remember your preferences, and analyze site traffic. You can control cookies through your browser settings.

9. Third-Party Links

Our service may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

10. Children's Privacy

Our service is not intended for individuals under the age of 13. We do not knowingly collect personal information from children under 13.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

12. Contact Us

If you have questions about this Privacy Policy, please contact us at: privacy@tokenboss.dev