Privacy
Effective July 10, 2026 · applies to the Crinkle app and this website
The short version: Crinkle runs on your computer, and your work stays there. If you sign in, we count how the app is used — never what you build, say, or type. Signed out, Crinkle sends only five anonymous one-time setup milestones — and you can turn even those off.
What stays on your machine
Everything that matters: your projects, generated code and files, chat history with the agents, uploaded documents, site credentials, and API keys. API keys and credentials are stored encrypted, bound to your machine. None of this is uploaded to us — Crinkle has no server that ever sees your work.
Your AI providers
Crinkle sends prompts (which can include your project files) to whichever AI you connect — your OpenAI, Anthropic, or Google API account, your ChatGPT/Claude subscription via their CLIs, or a local model on your own hardware. Those requests go directly from your machine to your chosen provider under their terms and privacy policy; they never pass through our servers. With a local model, prompts never leave your computer at all.
Accounts & sign-in
Sign-in is optional and exists to attribute usage statistics and feedback to an account. We store your email address and authentication tokens (handled by Supabase, our auth and data processor). Signing in enables usage reporting, and this is disclosed at the moment you sign in.
Usage statistics (while signed in)
These are counts and categories only, for example:
- app starts, sign-ins, projects created, messages sent (channel and length bucket only)
- token totals and estimated cost per AI call, and which provider types you have connected (e.g. “OpenAI API”, “local model” — never account details)
- run outcomes (completed, paused, failed) and error categories (e.g. “rate limit”, “network”) with file paths scrubbed
- app version and operating system
Never collected: your prompts, chat text, code, file contents or names, model outputs, API keys, or provider account details. When you're signed out, none of these usage statistics are collected or sent — the app works fully.
Anonymous setup milestones (signed in or out)
So we can tell whether new installs actually reach a working state, Crinkle reports at most five one-time events per installation: app installed, setup wizard finished, an AI connected, first run started, and first project completed. Each is a count with the app version and operating system, tied to a randomly generated ID — never a machine or hardware identifier, and never anything about what you build. Each event is sent once, ever. You can switch this off in Settings → Setup → Account & privacy → “Anonymous setup milestones” — after that, nothing is sent at all.
Feedback
The in-app feedback box sends exactly what you type in it, with an optional reply email. That's the one place actual text leaves your machine — because you wrote it to us and pressed Send. It works signed in or anonymously.
This website
crinkle.dev uses Vercel Web Analytics — cookieless, aggregated page-view counts. Creating an account here uses the same Supabase sign-in as the app.
What we don't do
- No selling or sharing of data with advertisers. Ever.
- No tracking cookies, no fingerprinting.
- No reading your telemetry rows back into the product — they're insert-only from the app.
Deleting your data
Email support@crinkle.dev from your account
address and we'll delete your account and every row attributed to it. Local data is yours to
delete anytime — it lives in %APPDATA%\Crinkle (or %APPDATA%\Relay for installs from before the rename) on your machine.
Changes
If this policy changes materially, we'll update this page and note it in release notes. Questions: support@crinkle.dev.