ProductIntegrationsPricingFeedback

Privacy Policy

Effective date: July 7, 2026

Ceraph is operated by Ike Studios LLC. This policy describes how Ike Studios LLC handles your data.

1. Information We Collect

When you use Ceraph, we collect information necessary to provide the service:

  • Account information (name and email) from the provider you sign in with — GitHub, Google, or an email magic link
  • Your subscription tier, checked against your authentication token to unlock Pro features
  • Identifiers for any optional chat connector you link (Slack, Discord, or Google Chat user IDs) for message delivery
  • Payment information (processed by Stripe — we never see or store card numbers)

2. How We Use Your Information

We use collected information to:

  • Authenticate you and verify your subscription tier to unlock Pro features
  • Manage your subscription and billing

Agentic flow testing itself runs locally: the package drives your app on your own device or simulator and delivers the results to your coding agent. Those runs never send your source code, your app, or your test data to us.

3. Data Storage and Security

Ceraph runs locally. Your source code, your app, and your test data never leave your machine — the package builds, runs, and drives your app on your own device or simulator, and our servers never receive them. The only data our servers hold is your account information, your subscription and billing status, and the authentication token that links them.

Test-user credentials, when you enable test-user provisioning, are created through your own configured auth provider (for example Supabase, Clerk, Auth0, Firebase, or Cognito) using a secret you supply. Those credentials are stored only on your machine, under ~/.ceraph/ (readable only by your user account), and are never sent to or stored on our servers.

Screenshots captured during test runs are downloaded by the Ceraph MCP to your project's local .ceraph/ directory and never leave your machine. They are surfaced to your coding agent through the MCP.

Chat platform tokens are encrypted at rest using AES-256-GCM when encryption keys are configured.

4. Third-Party Services

We use the following third-party services to operate Ceraph:

  • GitHub, Google — OAuth sign-in
  • Stripe — payment processing and subscription management
  • Supabase — database hosting
  • Resend — transactional and magic-link email delivery
  • Slack, Discord, Google Chat — optional chat notification delivery

5. Data Retention

We retain your account information and your subscription and billing records for as long as your account is active, and delete them when you delete your account from Settings or by contacting us.

Ceraph stores no source code, app bundles, screenshots, or test data on its servers. Those live only on your machine — under your project's .ceraph/ directory and ~/.ceraph/ — and are yours to keep or delete.

6. Your Rights

You can:

  • Review your connected accounts and subscription in Settings
  • Delete your account from Settings or by contacting us
  • Request a copy of your stored data by emailing us
  • Opt out of non-essential communications at any time

7. Contact

For privacy-related questions, contact us at privacy@ceraph.dev.