Privacy Notice
Last updated: 2026-05-16
This Notice covers personal data the rDev Dashboard (“rDev”) collects and how it’s stored. rDev is a private deployment — only the administrator has direct access to the underlying database and logs.
What we collect
- Account data: username, email, password hash (argon2id), role, plan, 2FA enrolment + recovery-code hashes.
- Sessions and messages: the prompts you send, Claude’s responses, tool calls, attached files, and per-session usage stats (tokens, cost).
- Integrations: OAuth tokens for GitHub / Railway, sealed with column-level encryption. Tailscale credentials for the optional /pc page.
- Audit log: login attempts, plan changes, permission decisions, admin actions. Metadata is sealed with column-level encryption.
- Operational data: rate-limit buckets, CSRF tokens, session cookies (httpOnly, secure).
What we don’t collect
- No third-party analytics or trackers. The marketing-light /pricing page is server-rendered with no JavaScript beacons.
- No advertising identifiers. We don’t fingerprint, share, or sell your activity.
How it’s protected
- In transit: all connections use TLS. The dashboard sits behind a reverse proxy that terminates HTTPS.
- At rest: sensitive columns (tool-call inputs / outputs, integration tokens, audit metadata) are sealed with a server-held column-cipher key. Database backups inherit the same cipher.
- Passwords: argon2id-hashed with high memory cost. Reset tokens are hashed the same way; the plaintext token is only available in the reset email link, never recoverable from the DB.
Who can see it
The deployment’s administrator has full access to the database (it’s their server). They can read your sessions + messages in plaintext if they want to. They can also reset passwords, disable accounts, and approve plan changes. Choose a deployment whose operator you trust.
Other users can never read your sessions, projects, integrations, or settings — multi-user isolation is enforced at the API layer via per-row ownership checks.
Third-party processors
- Anthropic processes your prompts to generate Claude’s responses and may retain them per their Privacy Policy. We don’t opt your traffic into model training.
- Resend delivers transactional emails (welcome, password reset, cap warnings). Their Privacy Policy governs what they do with the recipient address + subject.
- GitHub / Railway are integrations you explicitly connect from Settings. Tokens are stored encrypted and can be revoked from the same panel.
Retention
Active accounts retain data indefinitely. When the administrator disables an account the rows stay for audit but the account can no longer authenticate. Password reset tokens are purged after 7 days. Audit events are kept for the lifetime of the deployment.
Your data, your control
- Access / export: ask the administrator. They can produce a JSON dump of your account data on request.
- Correction: update your email + UI preferences from /settings → Account.
- Deletion: ask the administrator to delete your account. Pre-deletion they can export your data for you.
Changes
Material changes update the “Last updated” date and prompt re-acceptance at next sign-in.