Privacy Policy

Overview

This Privacy Policy explains how Pixl Studio handles information for Grantlet, including the public website at pixlstudio.dev/grantlet and the Grantlet desktop app and local broker.

Grantlet is designed to keep long-lived credentials in local trusted storage and out of model-visible prompts, shell arguments, logs, and ordinary website traffic.

Information we collect

• Website data. Hosting and security providers may process routine technical data such as IP address, user agent, request URL, referrer, timestamps, and basic diagnostics.
• Support communications. If you email us, we receive the contact information, message content, and any files or diagnostic details you choose to send.
• Local app data. Grantlet policies, approvals, provider configuration, audit records, and credentials are handled locally by the app, broker, Keychain-backed storage, and approved provider operations.
• Provider operation data. When you approve a provider operation, Grantlet sends the minimum request data needed to complete that operation to the relevant provider, such as Cloudflare, GitHub, AWS, GCP, or SSH endpoints.

How we use information

We use information to operate the website and app, respond to support requests, prevent abuse, diagnose reliability issues, protect security, comply with legal obligations, and improve Grantlet.

How we share information

We do not sell personal information. We may share information with service providers that help host, secure, and operate Grantlet, with third-party providers when you approve an operation, when required by law, or as part of a business transfer.

Credential handling

Grantlet is built to avoid delivering long-lived provider secrets to model context. Some approved operations may create scoped credentials or temporary local deliveries. Those deliveries are intended to be purpose-specific, permission-restricted, and short-lived.

Retention and deletion

Website and support records are kept only as long as reasonably needed for the purposes above. Local app data is controlled from your device and may be removed by deleting the relevant local Grantlet configuration, approvals, audit records, and Keychain items.

Security

We use reasonable technical and organizational safeguards, but no method of transmission, processing, or storage is perfectly secure. You are responsible for protecting your devices, provider accounts, project policies, and local access controls.

Children

Grantlet is a developer tool and is not directed to children under 13. We do not knowingly collect personal information from children under 13.

Your choices

You can contact us to request access, correction, deletion, or other assistance with information you have provided to us. Some requests may be limited by security, legal, or operational requirements.

Contact

Questions about this Privacy Policy can be sent to hello@pixlstudio.dev.

Changes

We may update this Privacy Policy from time to time. The latest version will be posted on this page with the updated date above.