Privacy Policy
Last updated: June 20, 2026
This Privacy Policy explains what data Theme Weaving ("we", "us") collects when you use our Service and how we use it.
Data we collect
- Account data: email address and authentication identifiers.
- Tenant data: the tenant names, design tokens, and API keys you create.
- Billing data: handled by our payment processor; we store only plan, status, and a customer reference.
- Operational data: logs, IP addresses, and basic request metadata used to run and secure the Service.
How we use it
- Operate the Service, serve your CSS, and enforce your plan limits.
- Communicate about account, billing, and security events.
- Detect, prevent, and respond to abuse and security incidents.
Subprocessors
We use Lovable Cloud for application hosting and database, Stripe for payments, and Google for optional sign-in. The list of subprocessors is maintained on our Trust Center.
Data retention
We retain your account and tenant data while your account is active. You may delete tenants at any time. Account deletion requests remove your personal data within 30 days, except where retention is required by law.
Security
Data is encrypted in transit (HTTPS/TLS) and at rest. Access to production data is restricted and audited. Row-level security isolates tenant data per account.
Your rights
Depending on your jurisdiction, you may have rights to access, correct, export, or delete your personal data. Contact us through the Trust Center to exercise them.
Cookies
We use strictly necessary cookies for authentication. We do not run third-party advertising or cross-site tracking.
Changes
We will post updates to this policy on this page and update the date above. By continuing to use the Service after changes, you accept the updated policy.