Privacy Policy

Last updated: May 10, 2026

1. Who we are

Captawave ("Captawave," "we," "us," or "our") is an AI-powered product intelligence platform that helps founders and small teams understand how customers use their software. This Privacy Policy explains what data we collect, how we use it, and the choices you have.

If you have questions, email us at privacy@captawave.com.

2. What data we collect

Data you give us directly

  • Account information: name, email address, company name, and password when you sign up
  • Billing information: processed by Stripe — we never store your card number
  • Settings and preferences you configure inside the dashboard
  • Support messages you send us

Behavioral signals from your customers

When you install the Captawave SDK in your product, it collects behavioral events from your end users — things like page views, clicks, scroll depth, and error events. This data is associated with your company account and is used to generate insights for you. Your end users' data is never sold or shared with other Captawave customers.

Anonymized cross-customer patterns

We also maintain an anonymized pattern library. When behavioral signals enter our system, a stripped copy — with all identifying information removed — is used to identify common patterns across our customer base. This helps us generate better recommendations for everyone. No company name, user name, email, or IP address is ever included in this anonymized dataset.

Automatically collected data

  • Browser type, operating system, and device type when you use our dashboard
  • IP address and general location (country/region)
  • Pages visited within our dashboard and how long you spent on them
  • Error logs collected by Sentry for debugging purposes

3. How we use your data

  • To operate and improve the Captawave platform
  • To generate AI-powered insights, recommendations, and review drafts for your account
  • To detect churn risk and surface alerts in your dashboard
  • To send you transactional emails (account setup, billing receipts, review approval requests)
  • To respond to support requests
  • To detect fraud and maintain the security of our platform
  • To comply with legal obligations

We do not sell your data. We do not use your data to train general-purpose AI models without your explicit consent.

4. AI and data processing

Captawave uses Anthropic's Claude API to generate insights, recommendations, and review drafts. When we send data to Anthropic for processing, we send aggregated behavioral summaries — not raw individual events or personal information. We have a data processing agreement in place with Anthropic.

AI-generated outputs (review drafts, recommendations) are always presented to you for review before any action is taken. Nothing is published automatically without your approval.

5. Data sharing and third parties

We share data with the following categories of service providers who help us operate:

  • Supabase — database hosting (PostgreSQL)
  • Vercel — application hosting
  • Anthropic — AI processing for insights and review generation
  • Stripe — payment processing
  • Sentry — error monitoring
  • Inngest — background job processing

We do not share your data with advertisers, data brokers, or other Captawave customers. We may disclose data if required by law or to protect the rights and safety of Captawave and its users.

6. Data retention

  • Raw behavioral signals: retained for 30 days, then aggregated and archived
  • Aggregated signal patterns: retained for 12 months
  • Account data: retained for the life of your account
  • Audit logs: retained indefinitely (append-only, cannot be modified)
  • Billing records: retained for 7 years as required by financial regulations

7. Your rights and controls

You can, at any time:

  • Access all data Captawave holds for your account from the Settings → Data page
  • Export your full data as JSON or CSV
  • Delete your account and all associated data permanently — the delete option is as easy to find as the upgrade option
  • Correct inaccurate account information at any time in Settings
  • Opt out of non-essential communications in your notification settings

If you are in the European Economic Area, you have additional rights under GDPR, including the right to data portability and the right to lodge a complaint with your local supervisory authority. Email privacy@captawave.com to exercise any of these rights.

8. Cookies

We use only the cookies necessary to operate the platform — specifically, a session cookie to keep you logged in. We do not use third-party advertising cookies or tracking pixels on our dashboard or marketing pages.

9. Security

We use industry-standard security practices including encryption at rest and in transit, row-level security enforced at the database layer (every query is scoped to your company), and regular security audits. No company can ever access another company's data.

If you discover a security vulnerability, please report it to security@captawave.com and we will respond within 48 hours.

10. Children's privacy

Captawave is not directed at children under 16. We do not knowingly collect data from anyone under 16. If you believe we have inadvertently collected data from a minor, contact us immediately at privacy@captawave.com.

11. Changes to this policy

We will notify you by email and by a notice in the dashboard at least 14 days before any material changes to this policy take effect. Continued use of Captawave after the effective date constitutes acceptance of the updated policy.

12. Contact

For any privacy-related questions or requests:

Captawave

privacy@captawave.com