unfck.io← Back to home
Legal

Privacy Policy

Last updated: April 5, 2026

unfck.io (“we”, “us”, “our”) operates the website and service at unfck.io. This Privacy Policy explains how we collect, use, and protect information about you when you use our service. By using unfck.io, you agree to the terms of this policy.

What we collect

We collect information you provide directly when you create an account, run an audit, or contact us:

  • Account information: your name, email address, and password (hashed).
  • Audit data: information about the tools in your stack, their costs, and your usage patterns. This data is used solely to generate your audit and roadmap.
  • Usage data: pages visited, features used, and session duration — collected via standard server logs and analytics.
  • Payment data: billing is handled by Stripe. We do not store full card numbers. We receive only the last four digits and expiry date for display purposes.

How we use your data

We use your information to:

  • Provide and improve the unfck.io service
  • Generate your stack audit and AI roadmap
  • Send transactional emails (account creation, password reset, billing receipts)
  • Send product updates and tips — you can unsubscribe at any time
  • Respond to support requests

We do not use your stack data to train AI models. We do not sell your data to third parties. We do not share your data with advertisers.

Data storage and security

Your data is stored on servers in the European Union. We use industry-standard encryption (TLS in transit, AES-256 at rest). Access to your data is restricted to personnel who need it to operate the service.

We use Supabase for database hosting and Clerk for authentication. Both services maintain their own security certifications and compliance programs.

Your rights (GDPR)

If you are located in the European Economic Area, you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and all associated data
  • Object to processing of your data for marketing purposes
  • Request a machine-readable copy of your data (data portability)

To exercise any of these rights, email us at privacy@unfck.io. We respond within 30 days.

Cookies

We use strictly necessary cookies for authentication and session management. We use analytics cookies (privacy-preserving, no cross-site tracking) to understand how people use the product. We do not use advertising cookies.

Third-party services

We use the following third-party services that may process your data:

  • Clerk — authentication and user management
  • Supabase — database and storage
  • Stripe — payment processing
  • Vercel — hosting and infrastructure
  • Anthropic (Claude API) — AI analysis (your audit data is processed to generate your roadmap; Anthropic does not train on API data)

Data retention

We retain your data for as long as your account is active. If you delete your account, we permanently delete all associated data within 30 days. Billing records are retained for 7 years as required by Dutch law.

Changes to this policy

We may update this policy occasionally. We'll notify you by email and update the “last updated” date at the top. Continued use of the service after changes constitutes acceptance.

Contact

Questions about this policy? Email privacy@unfck.io or write to:
unfck.io
Amsterdam, Netherlands