The short version
Sweep Collector is local-first. The website needs the bare minimum to run accounts and bill you; the desktop app does everything else on your machine and sends nothing back. We don't run third-party analytics, we don't sell anything, and the only third parties involved are the ones the product can't exist without (Stripe for payments, Cloudflare for hosting, Sentry for crash reports).
What we collect on the server
Account
- Email address.
- Password, stored as a salted hash, not as plaintext.
- Email verification status and timestamps for sign-up and last login.
- A reset token (short-lived, hashed) if you request a password reset.
Billing
- Stripe customer ID and subscription ID, the current subscription status and quantity (number of personas), and the renewal date.
- We do not store card numbers, CVCs, or full billing addresses. Stripe handles payment data directly.
Licenses and device activation
- One row per active persona, plus a device fingerprint that ties the desktop app to the license that activated it. The fingerprint is a salted hash so it can't be reversed back to anything identifying.
Operational logs
- Worker request logs (path, status, duration) for a short window so we can debug outages. IP addresses appear in these logs and are not retained beyond Cloudflare's default retention window.
- Crash reports from the desktop app via Sentry: stack traces and basic environment info, with credentials, emails, and any free-text user input scrubbed before send.
What stays on your machine
- Site credentials. Encrypted with your OS keychain via Electron's safeStorage and stored as opaque blobs in the local SQLite database. They cannot be decrypted off your machine.
- Cookies and browser storage for each site you log into, kept in a per-site Chrome profile directory under your user data folder.
- Balance history, run logs, schedules. Local SQLite only. The server never sees them.
- Activity logs. The desktop app writes a rolling main-process log to your user data folder so you can read it if something misbehaves.
Third-party services we rely on
We don't run Google Analytics, Mixpanel, Segment, or any other tracker on the marketing site or in the desktop app.
Email
We send transactional email only: verification links, password resets, billing receipts (those come from Stripe), and the occasional service notice (e.g. "we're deprecating support for X site"). No marketing newsletters.
Cookies on this website
Only what's needed to keep you signed in: a session cookie issued by our auth layer. No advertising, analytics, or cross-site tracking cookies.
How long we keep things
- Active account data is retained for as long as your account exists.
- When you delete your account from /account, we cancel your Stripe subscription, delete your auth and license rows, and the desktop app loses activation on its next check. Stripe retains its own records for the period required by US tax and payment regulations; that's outside our control.
- Worker request logs roll off automatically. Sentry events are retained for the default Sentry retention window and then dropped.
Your rights
You can: view and edit your account data from /account, cancel billing at any time through the Stripe Customer Portal, and delete your account in full from the Danger Zone of your account page. If you'd like a copy of what we have on you, or a deletion confirmation in writing, email nick@kyter.com.
Children
Sweep Collector is not intended for anyone under 18. We don't knowingly collect data from minors. If you believe a child has signed up, let us know and we'll delete the account.
Changes to this policy
If we change anything material we'll bump the effective date at the top and, for significant changes, send an email to active accounts ahead of the change.
Contact
Kyter LLC · nick@kyter.com
