TEMPLATE — pending legal review. This document is reasonable boilerplate for a lawyer to refine; it is not legal advice and is not yet in force.

Privacy Policy

Last updated: June 2026

This Privacy Policy describes how Corvi ("Corvi", "we", "us") processes personal data in connection with the Corvi macOS application and the corvi.sh website (together, the "Service"). Corvi is built local-first: on Personal/local-only usage, your plans and source code stay on your device and are not transmitted to us.

1.Who we are

Corvi is the data controller for personal data processed through the Service. For data-protection questions, contact privacy@corvi.sh. A formal entity name and registered address will be inserted before launch.

2.Data we process

Depending on how you use Corvi, we may process:

  • Account data (Pro/Team): email, authentication identifiers, and billing metadata handled by our payment processor.
  • Synced content (Pro/Team): stored only as end-to-end encrypted ciphertext we cannot read.
  • Diagnostics (opt-in): crash reports and aggregate usage metrics, with identifiers minimised.
  • Workspace & plan content (Personal): processed locally on your device; not transmitted to Corvi.

When you run the planning engine, requests are sent to the model provider you configure, using your own API key, subject to that provider's terms.

3.How we use data

We process data to provide and secure the Service, sync your encrypted content across your devices, process payments, provide support, and improve reliability. We do not sell personal data, and we do not use your source code or plans to train models.

4.Legal bases (GDPR)

Where the GDPR applies, we rely on: performance of a contract (to provide the Service), legitimate interests (to secure and improve the Service), consent (for optional diagnostics and marketing), and legal obligations (e.g. tax records).

5.Your rights

Subject to applicable law (including the GDPR and CCPA/CPRA), you may have the right to access, correct, delete, port, or restrict processing of your personal data, to object to certain processing, and to withdraw consent. California residents may request disclosure of data categories and opt out of "sharing" as defined by the CPRA. To exercise any right, contact privacy@corvi.sh; we will respond within the timeframes required by law.

6.Retention

We retain account and billing data for as long as your account is active and as required for legal and accounting purposes. Encrypted synced content is retained until you delete it or close your account. Local content is retained on your device under your control.

7.International transfers

Where data is transferred outside your region, we rely on appropriate safeguards such as the EU Standard Contractual Clauses. See our Security page for subprocessor regions.

8.Security

We use TLS in transit, end-to-end encryption for synced content (Pro/Team), encryption at rest for local credentials, and an auditable egress model. No method of transmission or storage is perfectly secure, but we design to minimise what we hold.

9.Changes & contact

We will post material changes to this policy here and update the date above. Questions: privacy@corvi.sh.