We at darting.dev ("darting.dev", "we", or "us") are committed to respecting your privacy and keeping secure any information you share with us. This privacy policy ("Privacy Policy") explains how we collect, use, disclose, and process your personal data when you use the darting.dev website, application, APIs, and related tools — including the site at darting.dev and the application at app.darting.dev — that let you run autonomous coding agents in isolated cloud sandboxes (collectively, the "Service"). It also tells you how you can access and update your personal information and describes the data protection rights that may be available under your country's or state's laws. By accessing or using the Service, you acknowledge you have been informed of and consent to our practices with regard to your personal information and data.
1. Personal data we collect
We collect the following categories of personal data:
A. Personal data you provide to us directly
Account information. When you sign up we collect identifiers such as your name, email address, and profile picture. If you sign in with Google or GitHub, we receive this information from that provider.
Repository and connected-service credentials. To work on your code, the Service connects to your source-control provider (such as GitHub). We store the OAuth tokens or personal access tokens you grant so agents can clone, commit, push, and open pull requests on your behalf. You can revoke these at any time from the Service or from the provider.
Inputs and outputs. The Service lets you submit content — chat messages, prompts, plans, files, and the contents of repositories you connect ("Inputs") — and generates responses such as messages, code, plans, documents, screenshots, and video recordings of your application under test ("Outputs"). If you include personal data in your Inputs, we will collect it and it may be reproduced in Outputs.
Payment information. If you purchase a paid plan, our payment processor collects your payment details. We do not store full card numbers ourselves.
Communications and feedback. If you contact us or submit feedback through the Service, we collect your contact information and the contents of your messages, and may store the surrounding exchange as part of that feedback.
B. Personal data we receive from your use of the Service
Device and log information. Your device or browser automatically sends us information such as device type, browser, operating system, IP address, error logs, and how you interact with the Service.
Usage data. We collect information about your use of the Service, such as dates and times of access, features used, model and token usage, and sandbox runtime, which we use to operate the Service and to meter and bill usage-based plans.
Cookies and similar technologies. We use cookies and similar technologies to keep you signed in, remember preferences, and understand how the Service is used.
C. Information we do not collect
We do not knowingly collect sensitive or special-category personal information, such as genetic data, biometric data, health information, or religious information, and the Service is not designed to store it. We do not knowingly collect information from children under the age of 18. If we learn that a user is under 18, we will investigate and, if appropriate, delete the personal data and/or the account.
2. How we use personal data
We use personal data to:
- Provide and maintain the Service, including running agents in sandboxes, executing your instructions against repositories you connect, and generating Outputs.
- Create, manage, and administer your account, including facilitating payments and responding to inquiries.
- Improve and develop the Service and conduct research, including debugging and repairing issues and training, fine-tuning, and evaluating the AI models and systems that power the Service.
- Communicate with you, including sending updates and information about the Service.
- Prevent, detect, and investigate fraud, abuse, security incidents, and violations of our Terms of Service.
- Comply with legal obligations and protect the rights, safety, privacy, and property of users, darting.dev, or third parties.
We may use your Inputs and Outputs — including code, prompts, and repository contents — to train, fine-tune, and evaluate the AI models and systems that power the Service. The third-party model providers we use process your content through APIs under terms that prohibit those providers from training their own models on it.
We may aggregate or de-identify personal data so that it no longer identifies you and use that information for the purposes described above. We will not attempt to re-identify de-identified data except as required by law.
3. How we share personal data
We may disclose personal data in the following circumstances:
Service providers. We share personal data with vendors who support the Service, only as necessary for them to perform services on our behalf. These include cloud hosting and infrastructure providers (such as AWS), sandbox infrastructure providers (such as E2B, which runs the isolated cloud machines your agents work in), AI model providers (such as Anthropic and OpenAI, which process your Inputs to generate Outputs), payment processors (Stripe), and analytics and communications providers.
Source-control providers at your direction. When agents commit, push branches, or open pull requests, your code and commit metadata are transmitted to the repository host you connected (such as GitHub). That activity is governed by your agreement with that provider.
Team members. If you join or create a team, other members of that team can see your projects, threads, and related activity within that team's workspace.
Business transfers. In the event of a merger, acquisition, restructuring, bankruptcy, or other corporate transaction, personal data may be disclosed to counterparties and advisers as part of due diligence or transferred as part of the transaction.
Legal compliance and protection of rights. We may disclose personal data to government authorities or other third parties if we believe doing so is necessary to comply with applicable law or legal process, respond to lawful requests, protect the safety, rights, or property of any person, prevent fraud or abuse, or protect darting.dev against legal liability.
With your consent. We may disclose personal data when you give us permission to do so.
We do not sell personal data, and we do not share personal data for cross-context behavioral advertising.
4. Retention
We retain personal data only for as long as necessary to operate the Service and to support legitimate business needs such as legal compliance, safety, dispute resolution, and enforcement of our agreements. Sandboxes are ephemeral: your repository is cloned into a sandbox for the duration of a thread's work and the durable record of code changes lives in your own git remote, not on our infrastructure. Chat transcripts, knowledge entries, and usage records are retained while your account is active. When personal data is no longer needed, we will delete, de-identify, or anonymize it in compliance with applicable law.
5. Security
We implement commercially reasonable technical and organizational measures designed to protect personal data from loss, misuse, and unauthorized access, disclosure, alteration, or destruction — including isolating each thread's work in its own sandbox and encrypting data in transit. However, no method of transmission or storage is completely secure, so please use caution when deciding what information to share with the Service.
6. Your rights and choices
Depending on where you live, you may have rights to access, delete, correct, or transfer your personal data; to object to or restrict how we process it; or to withdraw consent where processing is based on consent. You may also have the right to lodge a complaint with your local data protection authority.
To exercise any of these rights, contact us at hello@darting.dev. We may request information to verify your identity before processing your request, and we will not discriminate against you for exercising any privacy rights available under applicable law.
We process personal data on servers located in the United States. Where information is transferred out of the European Economic Area or the UK, we rely on legally valid transfer mechanisms and apply the protections described in this policy regardless of where data is processed.
7. Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will publish an updated version and effective date on this page, unless another type of notice is legally required. Your continued use of the Service after any change constitutes your acceptance of the change.
8. Contacting us
If you have any questions about this Privacy Policy, contact us at hello@darting.dev.