WeaveBETA
← Back

Privacy Policy

Last updated: March 7, 2026

What We Collect

When you use Weave, we store:

  • Your account info (email, name) for authentication
  • Plans, code reviews, and threaded discussions you create through your AI agent
  • Usage metadata (timestamps, project names)

We use Supabase (hosted on AWS) as our database provider. Supabase is SOC 2 Type II compliant.

What We Don't Do

  • We never train AI models on your code, plans, or discussions
  • We never share your code or project data with third parties
  • We never access your repositories directly — your agent pushes plans and diffs to Weave, we don't pull from your repo

Encryption

  • All data is encrypted in transit (TLS/SSL) and at rest (AES-256 via Supabase/AWS)
  • Our application is hosted on Vercel with HTTPS enforced

Data Retention & Deletion

  • You can delete any project, plan, or code review at any time from the dashboard
  • When you delete data, it is permanently removed from our database
  • If you want to delete your entire account and all associated data, reach out to us on GitHub

AI Features

Weave's AI reply features use your plan/code context to generate responses within your threads. This context is sent to the AI provider (Anthropic via OpenRouter) for processing. Neither Anthropic nor OpenRouter store your data for training per their respective API data policies. No data is shared with any other provider.

Cookies & Analytics

We use essential cookies for authentication only. We use Vercel Analytics for anonymous usage metrics. No personal data or code content is tracked.

Hosting & Infrastructure

  • Application — Vercel (HTTPS, edge network)
  • Database — Supabase (AWS, SOC 2 Type II)
  • Authentication — Supabase Auth (GitHub OAuth)

Your Rights

You have the right to access, correct, export, or delete your personal data. To exercise any of these rights, reach out to us on GitHub.