Legal

Privacy Policy

Last updated: June 2026

1. What we collect

  • Account email and password (handled by Supabase Auth)
  • Project name and the wk_ API keys you create
  • LLM request metadata: userId, feature, model name, token counts, cost, latency, plan name, plan revenue
  • We never collect the prompt content or the LLM's response content. That data never leaves your process.

2. What we don’t collect

  • The actual text of your prompts
  • The actual text of LLM responses
  • Any personal data about your end users beyond the userId string you choose to pass to the SDK

3. How we use it

  • To power your Weckr dashboard
  • To calculate cost and margin per user and per feature
  • We never sell your data to third parties

4. Data storage

All data is stored in Supabase (EU region). Row Level Security policies are enforced at the database layer — you can only access rows belonging to projects you own. The cost recalculation that protects against client-side spoofing also runs in the database via SECURITY DEFINER RPCs.

5. Cookies

Weckr uses only strictly-necessary cookies. When you sign in, Supabase Auth sets a session cookie so you stay logged in as you move between dashboard pages. That is the only cookie we set, and it exists purely to keep your session working.

We do not use analytics, advertising, or third-party tracking cookies, so there is no consent banner to click — under GDPR and ePrivacy rules, strictly-necessary cookies do not require consent. Payment runs on Stripe’s hosted checkout, so any Stripe cookies are set on Stripe’s own domain, not ours.

6. Deletion

Delete your account at any time from dashboard settings. All associated rows are removed within 30 days.

7. Contact

Questions? hello@useweckr.com.