Privacy Policy
Last updated: April 20, 2026
Mistflow ("we", "us", "our") is a service operated by Ridgepath Technologies (OPC) Private Limited, a company incorporated in India with its registered office in Jaipur, India. This page explains what we collect, how we use it, and what we don't do, across the mistflow.ai website, the Mistflow MCP server, and the Mistflow dashboard.
Grievance Officer (India DPDPA) / Privacy contact: [email protected].
What We Collect
Account information
Email address and name via our authentication provider (Clerk) when you sign up, plus any profile fields a social sign-in provider returns. If you belong to an organization, we also store your role (admin or member).
Project and build data
Project name, the app description you wrote, the plan generated for you, provenance records (user intent, decisions, tradeoffs, files affected), deployment metadata, and deploy logs.
Source and build artifacts
When you deploy, the Mistflow tool uploads two archives to our storage (Cloudflare R2): a compiled build output (used to serve your live site) and a source snapshot of your project files — everything in your project directory excluding .git/ history, node_modules/, and build-output directories. We keep the source snapshot so we can: (a) re-deploy or roll back a prior version, (b) let you download your source via the dashboard or MCP tool, and (c) let you share your project as a forkable template if you explicitly choose to. If you share as a template, only users with the share link can fork; env var values are never included in the fork.
Plan descriptions processed by Anthropic
The Mistflow MCP server itself does not call any LLM — your conversation with your AI coding editor (Claude Code, Cursor, etc.) stays inside that editor. When you call mist_plan, our backend sends your app description and your answers to discovery questions to Anthropic (Claude API) to generate a technical plan. We use Anthropic's zero-retention commercial API; Anthropic does not train on your data.
Environment variables and secrets
Stored encrypted at rest using a Fernet envelope scheme: each project gets a random data encryption key, wrapped by a master key stored in Azure Key Vault and accessed via managed identity. Never logged, never returned in plaintext to the dashboard, decrypted only at deploy time.
Billing information
Payments are processed by Dodo Payments. We do not receive or store your full card number — we store the customer ID, subscription ID, plan tier, and billing status returned by their webhooks.
Usage and analytics
We use PostHog for product events and uncaught backend exceptions, and Sentry for error tracking. We configure both to scrub personally identifiable information from stack traces and payloads. We also receive Cloudflare's standard edge request logs (IP, user agent, timestamp) for abuse prevention. On the website, you can manage optional analytics cookies via the cookie preferences link.
What We Don't Collect
- Your AI editor conversation. Everything you type into Claude Code, Cursor, or Codex stays in that editor and goes directly to its provider. We never proxy, intercept, or see those prompts.
- Your git history. The source snapshot we receive on deploy excludes your .git/ directory — we don't see commit history, authorship, branches, or remotes. We also don't clone your GitHub/GitLab repos; the source you give us is only what's in your local project directory at deploy time.
- Tokens for your AI editor subscription. We never proxy or meter your editor's token usage.
- Training data. We do not train any AI model on your code, prompts, deploy logs, project content, or dashboard activity. Our subprocessors are not permitted to train on your data under the commercial terms we use with them.
Why We Process Your Data (Legal Bases)
Where the GDPR or similar laws apply, we rely on the following legal bases:
- Performance of a contract with you — creating and securing your account, generating plans, scaffolding and deploying your apps, providing databases and hosting, processing payments and managing your subscription.
- Our legitimate interests — preventing abuse and fraud, debugging and improving the Service through aggregated analytics, keeping our systems secure. You can object to processing based on legitimate interests — see "Your Rights" below.
- Consent — optional analytics cookies in the browser, and any marketing email you explicitly opt in to. You can withdraw consent at any time.
- Legal obligation — tax, accounting, and law-enforcement requests.
Under India's Digital Personal Data Protection Act 2023, we process personal data on the basis of your consent where required, or the "certain legitimate uses" permitted by Section 7 (for example, providing the Service you requested).
Subprocessors
We rely on the following third parties to operate the Service. The full list is maintained at mistflow.ai/subprocessors.
- Clerk — Authentication and user management
- Cloudflare — App hosting (Workers, Pages), artifact storage (R2), DNS
- Anthropic — LLM API for plan generation (zero-retention)
- Neon — Managed Postgres for user apps
- Turso — Managed SQLite for user apps
- Dodo Payments — Payment processing
- Resend — Transactional email
- PostHog — Product analytics and exception autocapture
- Sentry — Error tracking
- Azure (Microsoft) — Backend compute, Key Vault for master encryption key
International Transfers
We are based in India. Most of our infrastructure and our subprocessors operate in the United States and the European Union. Your personal data will therefore be transferred to and processed in those countries. For transfers from the European Economic Area, United Kingdom, or Switzerland, we and our subprocessors rely on Standard Contractual Clauses and, where applicable, the EU-U.S. Data Privacy Framework. For transfers from India, we operate under the cross-border rules of the DPDPA.
Data Retention
- Account data: retained while your account is active; deleted within 30 days of account deletion.
- Project data (plans, provenance, schemas, env vars): retained while the project exists; deleted within 30 days of project deletion.
- Build artifacts: retained for 90 days after project deletion for rollback and dispute resolution.
- Ephemeral (unauthenticated) projects: automatically deleted 24 hours after creation.
- Deploy and runtime logs: 90 days.
- Authentication and security logs: 180 days.
- Analytics events (PostHog): up to 13 months.
- Error reports (Sentry): 90 days.
- Billing records: retained for as long as required by Indian tax and accounting law (currently 8 years).
Your Rights
Depending on where you live, you may have the right to: access your personal data; correct inaccurate data; delete your data; restrict or object to processing; receive your data in a portable format; withdraw consent where we rely on it; nominate another person to exercise your rights on your behalf (DPDPA); and lodge a complaint with your local data-protection authority.
To exercise any of these rights or to raise a grievance under the DPDPA, email [email protected]. We'll respond within a reasonable timeframe and in any case within the period required by applicable law. You can also delete any project and all its associated data from the dashboard at any time.
Security and Breach Notification
We take reasonable technical and organizational measures to protect your data — TLS in transit, Fernet envelope encryption for secrets at rest, hashed API keys, managed-identity access to the master key, role-based access control on the backend. No system is perfectly secure; you use the Service at your own risk, and our liability for security incidents is limited as described in our Terms of Service.
If we become aware of a breach of personal data that is likely to result in risk to you, we will notify affected users and any relevant data-protection authority (including the Data Protection Board of India under the DPDPA and, where applicable, EU supervisory authorities) without undue delay and, where required by law, within 72 hours of becoming aware of it.
Children
Mistflow is not directed at children. We do not knowingly collect personal information from anyone under 18. If you believe a child under 18 has provided us information, email [email protected] and we will delete it.
Cookies
We use a small number of strictly necessary cookies to run the site and, with your consent, optional analytics cookies to understand how the site is used. You can review and change your choices at any time via the "Cookie preferences" link shown by the cookie banner.
Changes
We may update this policy. Material changes will be announced by email to account holders and posted here with a revised date. Continued use after changes means you accept the updated policy.
Contact
Privacy questions and DPDPA grievances: [email protected]. General questions: [email protected].