PrivacyWhat Duetpad knows about you.
Plain English version: Duetpad is a small tool run by one designer. We collect what we need to keep your projects on the screen, plus a little to keep the product working and getting better. No ads, ever. We never sell your work, and we never read what’s inside your projects to measure you. Product analytics only run if you say yes.
Template — not legal advice. This is a plain-English privacy template written by the founder. Review it (ideally with someone qualified) before relying on it. It aims to describe what Duetpad actually does today, but it is not a substitute for advice on your own obligations.
Who runs Duetpad. Duetpad is operated by [LEGAL ENTITY / TRADING NAME] of [BUSINESS ADDRESS] — the data controller for the information described here. The UK GDPR and Data Protection Act 2018 are the framework we orient to; if you’re in the EU, the EU GDPR gives you the equivalent rights.
What does Duetpad collect?
Here’s the full list — all of it tied to making the product work:
Your sign-in details. Email address, and a one-way scrambled version of your password (we never see the password itself). If you sign in with Google instead, we get the email and a stable identifier from Google.
Your profile. The name, avatar, and short “about” line you put on your settings page. Optional — leave them blank and Duetpad still works.
Your projects and artefacts. Everything you type into the canvas: project names, folder names, personas, jobs, journeys, problem statements, briefs. This is the work itself. We store it so you can come back to it.
Pairing keys. When you pair Duetpad with Claude Code, we generate a long, random key that lets your Claude Code talk to your projects. We store the key so we can tell it’s really you, and nothing else. You can revoke it from your settings page at any time.
Connection records. Light, technical breadcrumbs about your Claude Code connection — when it last connected, whether it’s online — so the canvas can show “paired” or “not paired” correctly.
Semantic-search embeddings. When you save an artefact, Duetpad generates a short numeric fingerprint (an embedding) so Cmd-K search can find it. The fingerprint travels through OpenRouter to reach an OpenAI embedding model and back. We store the fingerprint against your artefact and discard the request transcript.
Product-analytics events — only if you say yes. If you accept the analytics banner, we count which actions you take — “created a project”, “paired Claude Code” — so we can see what’s working. Never the words inside your artefacts. Decline and none of this is collected. This is handled by PostHog.
Error reports. When something breaks, we collect a diagnostic report — what went wrong and roughly where — so we can fix it. We keep your project content out of these. This is handled by Sentry.
When you pair Claude Code, any AI writing runs inside your own Claude Code session — Duetpad never sees the prompt or the model output. The canvas only stores what Claude Code writes back to your project.
What does Duetpad not collect?
We don’t sell or share your work. Your projects and artefacts are never sold, rented, or handed to advertisers.
We don’t read your project content to measure you. The product analytics described above count actions, never the words inside your artefacts. No ad networks, no affiliate links, no cross-site ad tracking.
We don’t collect your browsing history, location, contacts, calendar, or anything else outside Duetpad’s own canvas.
We don’t see your payment card. When you start a paid plan, Stripe handles the card — Duetpad only ever gets a customer reference and your plan status, never the card itself.
What about cookies?
A small set, all functional — none used to track you across the web:
Sign-in cookie. Keeps you signed in between visits. Essential — without it Duetpad forgets who you are on every page load.
Theme cookie. Remembers whether you picked light or dark. Optional, easy to clear.
Sidebar cookie. Remembers whether your sidebar is open or collapsed. Optional.
Analytics-choice cookie. Remembers whether you said yes or no to product analytics, so we don’t ask again on every visit. If you never answer, analytics stay off.
Who else sees your data?
A small, named list of services Duetpad pays to run the product. They process your data on Duetpad’s instructions and they don’t use it for their own purposes.
Supabase hosts the database where your projects live and handles the sign-in machinery. Data sits in EU regions (Frankfurt and Paris).
Vercel runs the website itself — the page you’re reading right now. Vercel sees the standard request information any hosting service does (your address, the page you asked for, a timestamp).
OpenRouter routes the short numeric embedding requests Duetpad generates for Cmd-K search. Your artefact title and summary travel through OpenRouter to reach the embedding model. AI writing happens inside your paired Claude Code session, never through OpenRouter.
Stripe handles payment when you start a paid plan. Stripe sees the bits payment processors need to see (your card, your country); Duetpad only gets a customer reference back.
PostHog records the product-analytics events — but only if you accept the analytics banner. It sees which actions you take, never the words inside your artefacts. Decline and nothing is sent to it.
Sentry catches error reports when something breaks, so we can fix it. It sees the diagnostic detail of a crash, not your project content.
That’s the full list. Each one is paid to run a specific part of the product and only handles your data on Duetpad’s instructions — never for its own purposes.
How long do we keep it?
For as long as your account is open. The moment you delete your account, your projects, artefacts, profile, and pairing keys are removed from the database. Backups roll off on their normal schedule (typically thirty days) and after that the data is gone for good.
Translation cache entries (only relevant on the unpaired path) are keyed to your project — they leave with the project.
What can you do about it?
Quite a lot. Duetpad tries to make the obvious actions one click away rather than a support ticket.
Export everything. Settings → Account → Export your data downloads every project, artefact, and folder you own as a single JSON file. No queue, no email-confirm, no waiting.
Delete everything. Settings → Account → Delete accountwipes your account and all the projects in it. There’s no recovery. We’d rather you keep that power than have to email us for it.
Edit anything wrong. Profile, projects, folders — all editable from inside the app. If something can’t be edited and you think it should be, tell us.
Revoke Claude Code. The pairing key you generated for Claude Code can be revoked from settings. New key, old one stops working.
UK and EU users: under GDPR you also have the right to ask for a copy of the data we hold about you, ask us to correct or delete it, ask us to restrict how we use it, and complain to your local data protection authority. The export and delete buttons cover most of that already; for anything else, email us at davidpallison@me.com.
Is it secure?
Best-effort, not enterprise-grade. Your traffic is encrypted in transit, your password is one-way scrambled, your database access is row-level scoped so one user can’t read another’s projects, and your pairing key is stored as a one-way hash so even we can’t read it back to you. If you’re storing legally sensitive material, please use a tool built for that.
What if this page changes?
If we change the way Duetpad handles your data, we’ll update this page and email you about anything material before it takes effect. Cosmetic edits (clearer wording, fixed typo) won’t trigger an email.
Still got questions?
Duetpad is run by one designer, so the support address goes straight to a human: davidpallison@me.com (this becomes a support@ address on Duetpad’s own domain once that’s set up). The companion document for “what counts as fair use” and “who’s responsible for the output” lives at Terms.