Privacy Policy
Last updated: April 18, 2026
This policy describes how Ironpine Labs LLC ("we", "us") handles data when you use the Canopy binary and related services.
1. Your code stays local
Canopy runs entirely on your machine. Your source code, file paths, queries, tool call inputs/outputs, index contents, symbol tables, and codebase metadata are never transmitted to Ironpine Labs or any third party. All AST parsing, indexing, search, and MCP tool execution happen locally.
2. What we collect
2.1 License heartbeat
Canopy sends a periodic heartbeat to our license server to verify your subscription status. The heartbeat contains only what is needed to check the license: a hashed license identifier (SHA-256 — we never see your key), the Canopy version, and your platform (e.g., "linux-x86_64"). For Team tier licenses, the heartbeat also includes a team identifier and a hashed machine fingerprint so we can enforce seat limits. No raw machine identifiers are ever sent — only irreversible hashes.
No source code, file paths, search queries, or tool call data is ever included. The response
contains only the license status and a cache-until timestamp. You can inspect the exact
payload at any time with canopy config heartbeat show.
Air-Gapped tier binaries have no heartbeat code compiled in. No network calls of any kind occur.
2.2 Purchase and account data
When you purchase or start a trial, we store the following in Cloudflare D1:
- Email address (for license delivery and support)
- License tier and seat count (for feature gating)
- License key hash — SHA-256, not the plaintext key
- Subscription status (for revocation)
- Stripe customer and subscription IDs (for billing support)
2.3 Payment data
All payment processing is handled by Stripe. Card numbers, CVVs, and banking details are entered on Stripe's hosted checkout page. Ironpine Labs never receives or stores raw payment card data. Stripe holds PCI DSS Level 1 compliance.
3. What we do NOT collect
- Source code or file contents
- File paths or directory structure
- Search queries or tool call logs
- Usage analytics or feature telemetry
- IP addresses (beyond what Cloudflare logs transiently for DDoS protection)
- Location data
- Device identifiers (only irreversible hashes are used for seat binding)
4. Local data
Canopy stores configuration and index data locally in the ~/.canopy/ directory.
This includes your license information, cached heartbeat responses, user preferences,
usage statistics, and per-repository search indexes. None of these files are ever
transmitted to Ironpine Labs or any third party. If you contact support, we may ask
you to share canopy stats --json output — this is entirely opt-in.
Delete the ~/.canopy/ directory to remove all Canopy data from your machine.
5. Data retention and deletion
- License records are retained for the duration of the subscription plus 90 days for support and audit purposes.
- Heartbeat logs are retained for 90 days, then automatically purged.
- Local data (
~/.canopy/) is entirely under your control. Delete the directory to remove all Canopy data from your machine.
To request deletion of your account data from our systems, email [email protected] with the email address associated with your license. We will process deletion requests within 30 days.
6. Your rights
Depending on your jurisdiction, you may have the right to:
- Access — request a copy of the data we hold about you
- Correction — request correction of inaccurate data
- Deletion — request deletion of your data
- Portability — request your data in a machine-readable format
- Objection — object to processing of your data
For any of the above, email [email protected].
7. Third-party services
- Stripe — payment processing (privacy policy)
- Cloudflare — DNS, Pages hosting, Workers compute, D1 database (privacy policy)
- Resend — transactional email delivery (privacy policy)
No other third-party services receive your data.
8. Children
Canopy is a developer tool intended for professional use. We do not knowingly collect data from children under 13. If you believe a child has provided us with personal information, contact us and we will delete it.
9. Changes to this policy
We may update this policy from time to time. Material changes will be announced via the Canopy blog and noted in the changelog. The "last updated" date at the top of this page reflects the most recent revision.
10. Contact
For privacy questions or data requests:
[email protected]
Ironpine Labs LLC
Florida, United States