Privacy Policy

Last updated: March 2026

1. Introduction

Gaja AI Private Limited ("we", "us") operates SuperBased. This policy describes how we collect, use, and protect your information.

2. Data We Collect

Account data: Email address and name (via Clerk authentication).

Subscription data: Plan type, payment status (via Paddle). We do not store credit card details.

Device data: Machine ID hash, platform, app version (for license management).

Usage telemetry (opt-in): Feature usage events (capture count, AI queries). No screenshots, no file contents, no PII.

Error reports (opt-in): Crash type, sanitized stack traces. User paths are anonymized.

3. Data We Do NOT Collect

We never collect or transmit: screenshots, screen content, clipboard data, file system contents, API keys, typed text, or browsing history. All screenshots stay on your device.

4. AI Processing

AI analysis uses your own API keys (BYOK). Screenshots are sent directly from your device to the AI provider (OpenAI, Anthropic, or Google). We never proxy or store this data.

5. Data Storage & Security

Account and subscription data is stored in a PostgreSQL database on AWS (ap-south-1) with encryption at rest. API keys are encrypted using OS-level encryption (Windows DPAPI, macOS Keychain).

6. Data Retention

Account data: retained while account is active. Usage telemetry: aggregated after 90 days, deleted after 180 days. Error reports: deleted after 90 days.

7. Your Rights (GDPR)

You can request export or deletion of your data by emailing privacy@superbased.app. We will respond within 30 days.

8. Contact

Gaja AI Private Limited — privacy@superbased.app