Privacy Policy

Introduction

LoopFlowHQ ("we", "our") is a project and ticket management service integrated with GitHub. This Privacy Policy describes what data we collect, how we use it, and where it is stored when you use our website and services (including ChatGPT Actions and MCP integrations).

What we collect

• GitHub account information — When you sign in with GitHub OAuth, we receive and store your GitHub user ID, username, avatar URL, and (when needed) repository access for projects you connect.
• API keys — If you create API keys in our app (e.g. for ChatGPT Actions or MCP), we store hashed representations of those keys to authenticate your requests. We do not store or transmit the raw secret after creation.
• Ticket and message content — Titles, descriptions, and chat messages you create in tickets are stored to provide the service and sync with integrations you use (e.g. ChatGPT, Cursor).

How we use your data

We use the data above solely to operate LoopFlowHQ: to authenticate you, manage your projects and tickets, and power integrations (ChatGPT Custom GPT Actions, MCP for Cursor/Claude, etc.). We do not use your data for advertising or marketing unrelated to the product.

Where your data is stored

Our application is hosted on Vercel. User and ticket data are stored in Supabase (PostgreSQL) in regions used by our Supabase project. Both providers process data in accordance with their respective privacy and data processing terms.

We do not sell your data

We do not sell, rent, or trade your personal data or ticket content to third parties.

Contact

If you have questions about this Privacy Policy or your data, you can reach us via Side Projects Lab.