Legal
Privacy Policy
Last updated: June 2026
1. What we collect
- Account email and password (handled by Supabase Auth)
- Project name and the
wk_API keys you create - LLM request metadata:
userId,feature, model name, token counts, cost, latency, plan name, plan revenue - We never collect the prompt content or the LLM's response content. That data never leaves your process.
2. What we don’t collect
- The actual text of your prompts
- The actual text of LLM responses
- Any personal data about your end users beyond the
userIdstring you choose to pass to the SDK
3. How we use it
- To power your Weckr dashboard
- To calculate cost and margin per user and per feature
- We never sell your data to third parties
4. Data storage
All data is stored in Supabase (EU region). Row Level Security policies are enforced at the database layer — you can only access rows belonging to projects you own. The cost recalculation that protects against client-side spoofing also runs in the database via SECURITY DEFINER RPCs.
5. Cookies
Weckr uses only strictly-necessary cookies. When you sign in, Supabase Auth sets a session cookie so you stay logged in as you move between dashboard pages. That is the only cookie we set, and it exists purely to keep your session working.
We do not use analytics, advertising, or third-party tracking cookies, so there is no consent banner to click — under GDPR and ePrivacy rules, strictly-necessary cookies do not require consent. Payment runs on Stripe’s hosted checkout, so any Stripe cookies are set on Stripe’s own domain, not ours.
6. Deletion
Delete your account at any time from dashboard settings. All associated rows are removed within 30 days.
7. Contact
Questions? hello@useweckr.com.