Privacy Policy

0spec is operated by a registered individual entrepreneur in the Kyrgyz Republic. This policy describes how we collect, use, and protect your personal information when you use the 0spec website, CLI tool, and related services ("Service").

Account information

When you sign in via Google OAuth we receive your name, email address, and profile picture. We store your email as your account identifier.

Device activations

When you activate a device we record a machine fingerprint (hostname and OS) to enforce license limits. No other hardware identifiers are collected.

Usage data

We collect basic analytics: pages visited, feature usage, and error reports. We do not track you across other websites.

Payment information

Payments are processed by Dodo Payments. We do not store your credit card number or bank details. Dodo Payments may share your transaction status, subscription ID, and email with us for billing purposes.

• Provide and maintain the Service.
• Process subscriptions and manage billing.
• Send transactional emails (receipts, account alerts).
• Improve the Service based on aggregated usage patterns.
• Respond to support requests.

We do not sell your personal information. We do not use your data for advertising.

We share limited data with the following providers:

• Google — OAuth authentication (name, email).
• Dodo Payments — payment processing (email, transaction data).
• Cloudflare — DNS, CDN, and email routing. Cloudflare may process IP addresses and request metadata under their own privacy policy.

When you use 0spec to run AI agents, your prompts and data are sent to the AI providers you configure (e.g., Anthropic, OpenAI). 0spec does not store the content of your agent sessions on our servers.

We retain your account data for as long as your account is active. If you delete your account, we remove your personal data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., billing records).

We use industry-standard measures to protect your data, including encrypted connections (TLS), secure server infrastructure, and limited access controls. However, no method of transmission or storage is 100% secure.

You may:

• Access your personal data by contacting us.
• Correct inaccurate information in your account.
• Delete your account and associated data by emailing us.
• Export your data in a portable format upon request.

We use essential cookies for authentication and session management. We do not use third-party tracking cookies or advertising cookies.

The Service is not intended for anyone under 18. We do not knowingly collect personal information from minors. If you believe a minor has provided us with personal data, please contact us and we will delete it.

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a notice on the website at least 14 days before they take effect.

For privacy-related questions or requests, email [email protected].