Privacy Policy
Pigi ("we", "us", or "our") is committed to protecting your personal information. This policy explains what data we collect when you use pigi.dev, how we use it, and the rights you have over it.
Information We Collect
We collect only the data necessary to provide the service:
- Account data — your name and email address when you register.
- Billing data — payment is processed by Stripe. We store only your Stripe customer ID and subscription status; we never see raw card details.
- Configuration data — agent definitions, MCP server configs, documents, and project settings you create inside Pigi.
- Usage & log data — HTTP request logs, error logs, and feature usage signals to keep the service reliable.
- Cookies & local storage — a session cookie to keep you logged in and a theme preference stored locally in your browser.
We do not sell or rent your personal data.
How We Use Your Data
- Authenticate you and provide access to your organisation's workspace.
- Process payments and send billing-related emails via Stripe.
- Deliver transactional emails (account invitations, password resets, welcome emails).
- Improve the service through aggregated, anonymised usage analytics.
- Respond to support requests or security reports you submit.
We do not use your configuration data to train AI models.
AI-Assisted Features
When you use the Generate with AI feature, the purpose text you enter and the resource name are sent to the Anthropic API to generate content. Anthropic's data handling is governed by their privacy policy. We do not store your generation prompts beyond what is needed to complete the request.
Data Storage & Security
Your data is stored in isolated per-organisation databases hosted on secure servers within the EU. We use HTTPS/TLS for all data in transit, enforce access controls, and rotate API keys regularly.
While we take reasonable measures to protect your data, no internet service is completely secure. If you discover a security vulnerability, please report it to security@pigi.dev.
Third-Party Services
Stripe — payment processing. stripe.com/privacy
Anthropic — AI generation features. anthropic.com/legal/privacy
Bunny Fonts — font delivery (no tracking cookies). bunny.net/fonts
We do not use Google Analytics, Facebook Pixel, or any third-party advertising trackers.
Data Retention
We retain your account and configuration data for as long as your organisation has an active account. When you delete your organisation, all associated data is permanently removed within 30 days. Billing logs are retained for 7 years to meet legal requirements.
Your Rights (GDPR)
If you are in the European Economic Area, you have the right to:
- Access a copy of the personal data we hold about you.
- Correct inaccurate data via your account settings.
- Erase your account and all associated data.
- Portability — export your configuration data in JSON format via the API.
- Object to or restrict certain processing activities.
- Lodge a complaint with your local supervisory authority.
To exercise any of these rights, email us at privacy@pigi.dev.
Cookies
We use the minimum number of cookies required to operate the service:
- Session cookie — keeps you authenticated. Expires when you log out or close your browser.
- XSRF-TOKEN — prevents cross-site request forgery. Expires with the session.
We do not use any advertising or analytics cookies.
Changes to This Policy
We may update this policy to reflect changes in our practices or legal requirements. When we do, we will update the date at the top of this page and, if the changes are material, notify you by email.