Privacy Policy

Last updated: March 26, 2026

Overview

Agent Maker is a web application that helps developers generate AI instruction files (CLAUDE.md, AGENTS.md, GEMINI.md) for their projects. This policy explains what data we collect, how we store it, and what we do with it.

What We Collect

• Account information — your email address and password (hashed) when you register, or your OAuth profile when signing in with Google or GitHub.
• AI provider API keys — encrypted at rest with AES-256-GCM and stored server-side. Keys are only decrypted during active sessions to make API calls on your behalf. They are never sent to the client.
• Wizard saves — your saved wizard configurations (project name, tech stack, commands, etc.) are stored in our database so you can resume or revisit them.
• Session data — session metadata (timestamps, session identifiers) for authentication purposes.

What We Do Not Collect

• We do not store your source code.
• We do not read or log AI conversation content.
• We do not use analytics trackers, advertising pixels, or third-party tracking scripts.

How We Store Your Data

All data is stored in a Turso (libSQL) database. API keys are encrypted with AES-256-GCM before storage. Passwords are hashed via Better Auth. Sessions use HTTP-only cookies signed with a server-side secret.

Third-Party Services

When you use AI suggestions, your wizard context is sent to Anthropic using your own API key. We encourage you to review Anthropic's privacy policy for details on how they handle data.

Data Retention

Your data is retained while your account is active. If you delete your account, all stored data — including encrypted API keys, wizard saves, and session records — is permanently removed.

Your Rights

You may request a copy of your data or request account deletion at any time by contacting us. You can also delete your API key and wizard saves directly from the application.

Changes

If we update this policy, the changes will be reflected on this page with a new "Last updated" date.