Cookie preferences
Manage your cookie settings in the dashboard. Essential cookies are always active.
Privacy Policy
Data controller
FunctionFly™ LLC (d/b/a FunctionFly™), a Wyoming limited liability company with principal operations in Fort Worth, Texas, United States.
These disclosures supplement our Terms of Service.
Sensitive data
Do not submit PCI data, PHI, or sensitive government-issued identifiers through the Service unless we have explicitly agreed to support that data in writing.
Information we collect
Account & usage data
- Account and profile information (email, name, company)
- Billing and transaction metadata
- Function and execution data
- Agent and API usage
- Device, browser, and network information
Vault & AI data
- Vault data: Encrypted ciphertext only. We never see your passphrase.
- AI interactions: Prompts, messages, and context sent through AI features.
- Support communications: Messages and attachments you send to us.
Legal bases for processing (EEA/UK)
To provide the services you request
To secure and improve the Service
To comply with applicable laws
Where required, withdrawable at any time
Data retention
Active account + 3 years after deletion
Up to 2 years
Varies by type; up to 7 years for financial
3 years
1 year after last interaction
When required by law or legal proceedings
Subprocessor list
Last reviewed: July 7, 2026. We update this list when adding or changing subprocessors.
| Service | Purpose | Data Processed | Location |
|---|---|---|---|
| Stripe | Payment processing | Billing info, transaction metadata | US |
| OpenAI | AI completions & embeddings | Prompts, function metadata | US |
| Anthropic | AI completions (optional) | Prompts (if configured) | US |
| OpenRouter | AI model routing (100+ models) | Prompts, model responses | US |
| Cloudflare | CDN, security, DNS, R2 object storage | IP addresses, request logs, artifacts, backups | Global |
| Vercel | Frontend hosting | IP addresses, analytics | US/EU |
| Resend | Transactional email | Email addresses, message content | US |
| Sentry | Error monitoring | Error logs, stack traces, IP addresses | US |
| Upstash | Redis caching (serverless) | Session data, cache entries | Global |
| Mailchimp | Newsletter & marketing emails | Email addresses, subscriber status | US |
| Mixpanel | Product analytics | User interactions, event properties | US |
| Sanity | CMS for blog & content | Blog posts, author information | US |
| Google Analytics | Website analytics | Page views, session data | US |
| Atlas | Agent execution tracing & observability (optional) | Execution traces, agent prompts, function calls | US |
Your rights
GDPR rights (EU users)
- Right to access your personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object to processing
CCPA rights (California users)
- Right to know what personal information is collected
- Right to know if personal information is sold or shared
- Right to opt-out of the sale of personal information
- Right to delete personal information
- Right to non-discrimination for exercising CCPA rights
Security measures
Encryption
- Data in transit: TLS 1.3
- Data at rest: AES-256
- Database encryption: Transparent encryption
Access controls
- Role-based access control (RBAC)
- Multi-factor authentication (MFA)
- Regular access reviews
- Principle of least privilege
Zero-knowledge vault
Secrets you store in the FunctionFly™ Vault are encrypted client-side. We process ciphertext and metadata needed to operate the feature; we do not receive your vault passphrase and cannot decrypt your secrets by design.
Contact us
Privacy inquiries
Legal entity: FunctionFly™ LLC (d/b/a FunctionFly™), Wyoming (operations: Fort Worth, Texas, United States)
Email: privacy@functionfly.com
We typically respond within 2 business days.