Last updated 2026-05-19

Privacy Policy

Prello is operated by Vallgaard. This explains what we collect and how we use it.

What we collect

• Account data — email and auth identity (via Supabase); passwords never stored in plaintext.
• Usage & cost telemetry — runs, token/credit usage, model used, errors — for billing and reliability.
• Project content — prompts, generated code/designs, project metadata — to provide the Service.
• BYOK keys — encrypted at rest (AES-256-GCM), never logged, used only to route to your chosen provider.

We do not sell your personal data.

Sub-processors

Supabase (auth, database, storage), OpenRouter (LLM routing for credit usage), Stripe (payments). BYOK requests go to the provider you configured.

Retention

Retained while your account is active and as needed to provide the Service, comply with law, and resolve disputes. You may request deletion.

Your choices

Export your generated code anytime (you own it), update account details, remove BYOK keys, request account deletion. Some records may be retained where required by law.

Security

Encryption in transit and at rest for secrets, scoped access, least privilege. No system is perfectly secure; safeguard your own keys.

Changes

We may update this policy; material changes are surfaced in-product.

Contact

privacy@prello.dev

© 2026 Vallgaard — Prello. All rights reserved.