Midrender

This Privacy Policy describes how Haven Technologies, Inc., a Delaware corporation ("Midrender", "we", "us"), collects, uses, shares, and protects personal information when you use our websites, applications, APIs, and related services (collectively, the "Services").

This policy is part of our Terms of Use. Capitalized terms not defined here have the meaning given in the Terms.

1. Scope

This policy applies to individuals who use the Services, visit our marketing sites, or otherwise interact with us. It does not apply to third-party products or websites we link to, which are governed by their own privacy notices.

2. Information We Collect

2.1 Information you provide

Account information — name, email, password or magic-link token, profile image.
Authentication identifiers — Google account id, OAuth access and refresh tokens when you sign in with Google.
Billing information — plan, subscription status, billing contact. Credit-card and bank details are collected and stored by our payment processor (Stripe, through Autumn) — we don't store card numbers.
Projects and Content — project files, DSL source, chat messages and prompts, uploaded assets (images, audio, video, fonts), rendered outputs, and the full edit history of your projects.
Helper and MCP — contents of files in directories you choose to expose via the Midrender helper, and metadata about MCP sessions you create.
Support communications — messages, screenshots, and attachments you send to our support team.

2.2 Information we collect automatically

Usage data — features used, events (e.g. sign-in, project created, AI turn completed, render finished), timestamps, referring URL, pages viewed, performance metrics, errors and crash data.
Device and technical data — IP address, browser type and version, operating system, device identifiers, language, time zone, and approximate location derived from IP.
Cookies and similar technologies — see Section 7.
Session replay and canvas capture — through PostHog, we record sessions of your use of the editor, including user-interface interactions and a low-frame-rate capture of the editor canvas. See Section 7.

2.3 Information from third parties

Identity providers — when you sign in with Google, we receive the profile fields Google shares with us (name, email, avatar, Google ID).
Payment processors — subscription, invoice, and payment-status information.
AI and analytics providers — logs, error reports, and usage counters from providers that help us operate the Services.

2.4 AI interactions

When you use AI features, we process your prompts, chat messages, project DSL, uploaded assets, and any files surfaced through the helper or MCP as Inputs. We record the resulting Outputs, tool calls, token counts, latency, error details, and model metadata. This data is stored in our database and sent to third-party AI providers and tracing providers to generate responses and to operate and improve the Services (see Sections 3 and 5).

3. How We Use Information

We use personal information to:

(a) provide, operate, secure, and maintain the Services, including authentication, project storage, rendering, and AI features;

(b) process payments, administer subscriptions, and meter usage (for example, AI Spend);

(c) communicate with you — transactional emails (magic links, billing receipts, security alerts), product updates, and responses to support requests;

(d) understand how the Services are used, troubleshoot issues, detect and prevent abuse and fraud, and debug errors;

(e) develop and improve our products, AI features, and machine-learning models, including training, fine-tuning, evaluating, and benchmarking models on Your Content and usage data, consistent with the license you grant in the Terms. Where we offer a "do-not-train" preference on certain paid plans, we honor it going forward;

(f) create de-identified and aggregated data and use it for any legitimate business purpose, including research, analytics, benchmarking, and model development;

(g) comply with law, legal process, and our legal obligations, and to enforce our Terms and other agreements;

(h) with your consent, for purposes described at the time of collection.

Legal bases (for users in the EEA/UK/Switzerland): we process personal data under contract (to provide the Services), legitimate interests (to operate, secure, and improve the Services and our business, including model development, after balancing against your rights), legal obligation, and consent where required.

4. How We Share Information

We do not sell personal information for money. We share personal information in the following circumstances:

4.1 Service providers (sub-processors)

We share personal information with vendors that help us run the Services under contractual confidentiality and data-protection obligations. Current providers include:

Provider	Purpose	Data types
Vercel (USA)	Web application hosting, CDN, request logs	All data in transit; request logs
Render (USA)	Hosting for API and WebSocket services	All data in transit to those services; request logs
PlanetScale (USA)	Primary database (PostgreSQL)	All stored account and project data
Cloudflare R2 (USA / global)	Storage of uploaded assets	Uploaded files and metadata
Google LLC (USA)	Sign-in with Google (OAuth)	Identity profile fields
Resend (USA)	Transactional email delivery (magic links)	Email address, email contents
Anthropic (USA)	AI model provider for Claude	Prompts, chat history, project DSL, uploaded content as needed to generate responses
Langfuse (USA)	LLM tracing and observability	Prompts, Outputs, tool calls, token counts, user id
PostHog (EU)	Product analytics, session replay, feature flags	Usage events, device data, identifiers (user id, email, name), session recordings, canvas captures
Autumn + Stripe (USA)	Subscription billing, usage metering, payment processing	Billing contact, payment status, usage metrics; payment-card data held by Stripe only

We will update this list as providers change. Ask us for the current list at any time (hello@haven.run).

4.2 Third-party AI providers — training

We configure our integrations with third-party AI providers so that, where the provider offers it, your Inputs and Outputs are not used by that provider to train its own models. This setting depends on the provider's current terms and we can't guarantee third-party behavior.

4.3 Other sharing

Corporate transactions — in connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, personal information may be transferred to the successor.
Legal and safety — we may disclose information if we reasonably believe disclosure is required to comply with a law, legal process, or government request; to enforce our Terms; to protect the rights, property, or safety of Midrender, our users, or others; or to detect or prevent fraud or abuse.
With your direction — when you authorize an integration, invite a collaborator, or use a feature that publishes content externally.
Aggregated / de-identified data — we may share aggregated or de-identified data that cannot reasonably be used to identify you.

5. AI Model Training

As set out in our Terms, we may use Your Content and usage data to develop, train, fine-tune, evaluate, benchmark, and improve our and our affiliates' AI models, products, and services.

On paid plans we may offer a "do-not-train" setting in your account. When turned on, we will not use new Inputs or Outputs from your account to train models going forward. Data already used for training remains in the resulting models.
De-identified and aggregated data may be used for any purpose, including model development, without the opt-out.
Third-party AI providers — where a provider you interact with offers its own opt-out or no-training term, we configure our integrations to take advantage of it.

6. Retention

We retain personal information for as long as your account is active and as needed to provide the Services, and afterward:

Account and project data — until you delete the project or close your account, plus a reasonable wind-down period (typically up to 90 days) for backups and operational needs;
Chat transcripts and AI traces — for the life of your account, unless you delete them sooner;
Billing records — as required by tax, accounting, and audit laws (typically 7 years);
Security, fraud, and legal records — as needed to investigate incidents, enforce our Terms, or comply with law;
De-identified / aggregated data and model artifacts — indefinitely.

To request deletion of your account, see Section 8.

7. Cookies, Local Storage, and Session Replay

We and our service providers use cookies, local storage, and similar technologies to:

keep you signed in (authentication and session cookies set by NextAuth);
remember preferences;
measure and improve the Services (analytics cookies set by PostHog);
record sessions of your use of the editor for product analytics, debugging, and support (PostHog Session Replay — this captures UI interactions and a low-frame-rate copy of the editor canvas; input masking is configured at product level);
detect and prevent abuse.

You can block or delete cookies through your browser settings. Blocking essential cookies may prevent parts of the Services from working.

Do Not Track / Global Privacy Control. We honor Global Privacy Control ("GPC") signals as valid opt-out-of-sale/-sharing requests where required by law. We do not otherwise respond to generic Do Not Track browser signals.

8. Your Choices and Rights

Depending on where you live, you may have the following rights:

Access — request a copy of the personal information we hold about you;
Correction — ask us to fix inaccurate information;
Deletion — ask us to delete your account and associated personal information, subject to exceptions (for example, for records we must keep);
Portability — receive certain information in a portable format;
Objection / restriction — object to or ask us to restrict certain processing;
Opt-out of sale/sharing and targeted advertising — we do not sell personal information for money and do not use personal information for cross-context behavioral advertising;
Withdraw consent — where processing is based on consent;
Non-discrimination — exercising these rights will not result in differential treatment of you as a user of the Services.

To exercise a right, email hello@haven.run. We may need to verify your identity. You may use an authorized agent where permitted by law. We'll respond within the time required by applicable law.

If you believe we haven't resolved a concern, you can lodge a complaint with your local data-protection authority.

9. U.S. State Privacy Rights

If you are a resident of California, Colorado, Connecticut, Delaware, Montana, New Jersey, New Hampshire, Oregon, Texas, Utah, Virginia, or another U.S. state with a comprehensive privacy law, you have the rights listed in Section 8, subject to exceptions in those laws.

Categories of personal information we collect, for what purpose, and who we share with are described in Sections 2–4. In the past 12 months, we have collected and shared these categories for the business purposes described.
We do not "sell" personal information as that term is commonly understood, and we do not "share" personal information for cross-context behavioral advertising.
Sensitive personal information. We do not use or disclose sensitive personal information (as defined by the CPRA) for purposes that require the right to limit.
Financial incentives. We do not offer financial incentives in exchange for personal information.
Authorized agent / verification. California residents may designate an authorized agent and we will verify requests as required by law.

10. International Transfers

Midrender is based in the United States. When you use the Services, your personal information may be transferred to, stored in, and processed in the United States and in other countries where our service providers operate. Those countries may have data-protection laws that differ from your jurisdiction's. Where required, we rely on Standard Contractual Clauses or other lawful transfer mechanisms. Contact us for details of our transfer mechanisms.

11. Security

We use administrative, technical, and physical safeguards designed to protect personal information, including encryption in transit, hashed credentials and tokens, scoped access controls, and audit logging. No system is perfectly secure, and we cannot guarantee absolute security. You are responsible for keeping your account credentials, API keys, helper tokens, and MCP tokens confidential. Notify us immediately at hello@haven.run if you suspect unauthorized access.

12. Children

The Services are not directed to children under 13, and we do not knowingly collect personal information from them. If you believe a child under 13 has given us personal information, contact us and we'll delete it. Users between 13 and the age of majority in their jurisdiction must have parent/guardian consent, and in any event the Services require users to be at least 16 under our Terms.

13. Automated Decision-Making

We do not use your personal information for automated decision-making that has legal or similarly significant effects on you. AI Outputs are generated algorithmically but are not used to make such decisions about you.

14. Third-Party Links and Integrations

The Services may link to or integrate with third-party products (e.g. Google, MCP clients, external AI tools). Their privacy practices are their own. Review their notices.

15. Changes to This Policy

We may update this policy. If changes are material, we'll give notice by email or in-product before they take effect. The "Last updated" date at the top reflects the latest revision.

16. Contact

Questions, complaints, or requests:

Email: hello@haven.run
Data protection lead: Konstantin Hohr