Draft pending legal review. This document is a good-faith summary of how Speedydebug works and is not yet final legal text.

Privacy Policy

Last updated June 23, 2026

This policy explains what Speedydebug — operated by Tetra Media LLC — collects, why, and who we share it with. Speedydebug captures bug reports from inside apps that developers build, so two kinds of data are involved: the developer’s own account data, and the end-user (“tester”) data that flows through a developer’s app.

Our roles

Your account data. For the developer’s own account (your Google profile, your keys), we are the controller.
Tester data. For data captured from a developer’s end users via the SDK, the developer is the controller and we are their processor, acting on their instructions. Developers are responsible for having a lawful basis and providing notice to their testers. A Data Processing Addendum is available on request.

What we collect

Developer account

Google account email and name (to create and identify your account).
API keys and MCP tokens, stored only as one-way hashes plus a short display prefix and last-used timestamp.
Billing details handled by Stripe (we store a Stripe customer/subscription id and plan status, never card numbers).

Bug reports (tester data, on the developer’s behalf)

Descriptions — free text typed by the tester; may contain whatever they write.
Screenshots / recordings — the captured screen, stored as image/video objects; can incidentally include anything on screen.
Context — app route and previous route (route parameters may echo ids), build, device model, OS, orientation, and session duration.
Tester label — an optional name/handle the developer or tester sets.
IP address — logged on submission for rate-limiting and abuse prevention.

How we use it

To operate the Service: authenticate you, store and display bug reports, deliver them to your coding agent over MCP, enforce rate limits and plan limits, process payments, and secure and improve the Service. We do not sell personal data or use tester content for advertising.

Who we share it with (sub-processors)

We use a small set of providers to run the Service:

Supabase — database and authentication.
Cloudflare R2 — screenshot/recording storage.
Google — developer sign-in (OAuth).
Vercel — application hosting (processes request IP/logs).
Stripe — subscription billing.

In addition, when you read a bug through MCP, its content is delivered to the AI coding tool you choose (for example Claude Code or Cursor). That tool is outside our control and is governed by your own agreement with that vendor.

Retention and deletion

We keep data for as long as your account and projects exist. Deleting a project, or deleting your account from Settings, removes the associated bug reports and their stored screenshots from our database and object storage. We are rolling out defined maximum-retention windows for IP logs and old reports; until then we retain operational data only as long as needed to run and secure the Service. [Final retention periods to be confirmed.]

Security

Data is encrypted in transit. Keys and tokens are stored as hashes. Access to stored data is scoped to the owning account. No system is perfectly secure, but we work to protect your data and your testers’.

Your choices

You can access your data in the dashboard, rotate or revoke keys and tokens, and delete projects or your whole account at any time. Testers who wish to exercise rights over their data should contact the developer whose app they used (the controller); we will assist that developer as their processor.

International transfers & children

Our providers may process data in regions outside your own; [storage regions and transfer mechanisms to be confirmed]. Speedydebug is a developer tool and is not directed to children; whether a developer’s app collects data from minors, and how, is the developer’s responsibility as controller.

Changes & contact

We may update this policy; material changes will be posted here with a new date. Questions: hello@yourwebsitefriend.com.