Privacy Policy

The short version

We collect the minimum needed to run the service. We don't sell your data. We don't track you across the web. We don't show ads.

What we collect

Account information: Your email address, used for signup, verification, and account notifications. That's it — no name, no phone number, no address.

Workspace data: Tasks, schedules, audit logs, and API key metadata you create through the service. This is your data — we store it to provide the service.

API usage: Request counts and timestamps for rate limiting and abuse prevention. We don't log request bodies beyond what's stored as task data.

What we don't collect

• No analytics or tracking scripts on gctrl.ai
• No third-party cookies
• No browser fingerprinting
• No IP address logging beyond standard Cloudflare infrastructure
• No selling, renting, or sharing of your data with third parties

How we use your data

• Email — to verify your account and send service notifications (not marketing)
• Workspace data — to provide the task queue, scheduling, and audit trail
• API usage metrics — to enforce rate limits and detect abuse

Where your data lives

Ground Ctrl runs on Cloudflare Workers. Your workspace data is stored in Cloudflare Durable Objects (one isolated SQLite database per workspace). Global account data (email, API keys) is stored in Cloudflare D1. All data is encrypted at rest and in transit.

Data retention

Tasks and schedules are retained as long as your account is active. Audit logs are retained based on your plan — currently 30 days on the free preview. You can check your current limits via the GET /api/quota endpoint.

When you delete your account, we delete all associated data within 30 days.

Your rights

• Export — you can export your data via the API at any time
• Delete — you can delete your account and all associated data
• Access — you can view all data we have about you through the API and dashboard

Third parties

Cloudflare: Our infrastructure provider. They process requests and store data on our behalf. See Cloudflare's privacy policy.

We don't use any other third-party services that process your data.

Changes

If we change this policy, we'll notify you via email. We won't retroactively reduce your privacy protections without consent.

Contact

Privacy questions? Email john@gctrl.ai.