Privacy policy
We treat your data the way we want our own data treated: stored deliberately, encrypted at rest, used only for the operation of the service, and never sold.
This page is a working draft. Replace with counsel-approved language before production launch.
What we collect
Account metadata you submit, product telemetry required to operate the service, integration credentials you authorize, and — only if you choose Accept analytics — marketing-site interaction data that may be collected through Amplitude browser analytics when it is configured.
What we do with it
Secure your account, run the integrations you connect, surface state in your dial, and improve reliability. We do not sell personal data. We do not train foundation models on your evidence.
Where it lives
Per-tenant Postgres on lube-managed infrastructure, encrypted at rest with AES-256. Self-hosted deployments are available on the enterprise tier.
Your controls
Export, delete, and audit access at any time from the workspace settings. We respect SAR and DSAR requests and respond within statutory timelines.
Contact
Questions? Email privacy@lube.work. Security disclosures go to security@lube.work.
Before public launch, verify that privacy@lube.work and legal@lube.work are monitored.