Trace logoTrace
Back to Privacy Overview

Privacy Policy

Last Updated: January 10, 2026

Introduction

This Privacy Policy applies to Trace, a desktop application and related services developed and operated by Foundry01 LLC ("Foundry01," "we," "our," or "us").

Trace enables users to capture workflows and create process documentation. The Services are available in two versions: (1) Paid Version (one-time purchase with local storage), and (2) Subscription Version (cloud-based with team collaboration features).

By using the Services, you agree to this Privacy Policy. If you do not agree, please do not use the Services.

If you do not want your information included as part of our Services, you may contact us at contact@foundry01.com. However, we may retain your information to process your request, comply with legal obligations, or prevent fraud.

How We Collect and Use Information

Information You Provide Directly

Account Information

When you create an account, you provide your email address and password. For team features (Subscription Version), you may also provide organization name and team member email addresses.

License Information (Paid Version)

You receive a license key after purchase and provide device information during activation.

Your Content

When you use the Services to capture workflows, we collect clicks, mouse positions, and the content that appears on your screen during the capturing period. Trace does not perform video recording. The capture period begins when you start it through the recording feature and ends when you turn it off. Data collection only happens during this active capture period, which you control.

Important Notes:

  • Paid Version: All content is stored locally on your device. License activation is required (one-time, binds to device, allows up to 3 device activations). Desktop app operates offline after activation with pings when connected to the internet to ensure device is still active.
  • Subscription Version: Content is stored in secure cloud storage. When you export a tutorial as HTML or Presentation and create a shareable link, that exported file becomes publicly accessible to anyone with the link (similar to YouTube or Google Docs sharing). This is optional—you can export without creating public links.

Information We Automatically Collect

Analytics Information

We may collect analytics data directly or use third-party analytics tools to measure traffic and usage trends. We collect and use this information in aggregate form that cannot reasonably identify any individual user.

Device and System Information

We automatically collect device and operating system information, application version, device identifiers (for license binding in Paid Version), error logs, and recent user actions for error context.

Authentication Information (Subscription Version)

We collect authentication session information and activity logs for security and audit purposes.

Cookies

Our website may use cookies to help you log in faster and enhance navigation. Persistent cookies remain on your device; session cookies are temporary. You can control cookie preferences through your browser settings, but some features may not function properly if cookies are disabled. The desktop application does not use advertising or tracking cookies.

Log Files

Our servers automatically record log file information including IP address, browser type, pages viewed, and how you interact with the Services.

Error Reporting

Both versions include automatic error reporting to help us identify and fix bugs. This error reporting cannot currently be disabled. We plan to add an opt-out mechanism in a future update.

  • Paid Version: Error reports are anonymous and include only an installation ID (random identifier, not linked to your identity), error details, system information, and recent action types for context. Reports are sent to our error monitoring service (Sentry) and our database.
  • Subscription Version: Error reports include your user ID and email to help us provide better support and contact you about critical issues.

Before sending error reports, we automatically remove passwords, API keys, tokens, cookies, and authorization headers.

How We Use Your Information

We use collected information to:

  • Provide, operate, and maintain the Services
  • Store and retrieve your projects, tutorials, and content
  • Enable screen recording and documentation export features
  • Validate licenses and manage device activations (Paid Version)
  • Authenticate users and manage accounts (Subscription Version)
  • Enable team collaboration features (Subscription Version)
  • Identify and fix software bugs and improve stability
  • Respond to support requests
  • Detect and prevent fraud and security incidents
  • Enforce our Terms of Service and comply with legal obligations

We do not use any data for developing, improving, or training artificial intelligence (AI) or machine learning (ML) algorithms. Specifically:

  • We do not train AI/ML models with your content
  • We do not transfer your data to third-party AI tools
  • We do not share your content with third parties for AI training
  • We only process data as necessary to provide the core functionality of our application

Data Ownership

You retain complete ownership of all content you create using Trace. By using the Services, you grant us a limited license to store, process, and transmit your content solely to provide the Services. This license terminates when you delete your content or account.

Data Storage and Security

Paid Version: Content is stored locally on your device. License validation server stores email, license keys, and device activation records. Your content never leaves your device.

Subscription Version: Content is stored in secure cloud database and storage. Shareable exports (when you create share links) are stored in a public bucket accessible to anyone with the link. Links use cryptographically secure random identifiers. Primary region: United States.

Security: We use industry-standard security measures including encryption in transit and at rest, access controls, and security monitoring. However, we cannot ensure or warrant that information transmitted to or stored on the Services will not be accessed, disclosed, altered, or destroyed by breach of our physical, administrative, or technical safeguards.

You are responsible for:

  • Maintaining the security of your device
  • Using strong, unique passwords
  • Not sharing your credentials
  • Controlling access to your account

How We Share Your Information

We Do Not Sell Your Data. Foundry01 does not sell, rent, trade, or lease your personal information or content to third parties.

Service Providers

We share data with service providers only as necessary to provide the Services (cloud infrastructure, error monitoring, payment processing). These providers are contractually required to protect your data.

Third-Party Services We Use:

  • Supabase: Cloud database, authentication, and file storage
  • Sentry: Error monitoring and crash reporting
  • Stripe: Payment processing (we do not store payment card details)

Team Sharing (Subscription Version)

When you join an organization or share projects, your content may be shared with organization members according to permissions you set. Organization administrators can view member activity and manage permissions.

Public Sharing (Subscription Version)

When you create a shareable export link, the exported file is accessible to anyone with the link without authentication. You can delete links anytime to revoke access.

Legal Requirements

We may disclose information if required by law or to comply with legal obligations, enforce our Terms of Service, protect rights and safety, or detect and prevent fraud.

Business Transfers

In the event of a merger, acquisition, or sale of assets, user data may be transferred. We will notify you and provide an opportunity to delete your account before transfer.

Data Retention and Deletion

Active Use: Content is retained while you use the Services. Error logs are retained for 90 days.

Paid Version: License activation records are retained indefinitely for anti-piracy purposes. You may request account deletion at contact@foundry01.com

Subscription Version: Content is deleted within 30 days of account deletion request. Contact contact@foundry01.com to request account deletion.

We may retain certain data longer where required by legal obligations, regulatory requirements, or to prevent fraud.

Your Choices

Deleting Data: You may delete content through the application or request account deletion by contacting contact@foundry01.com

Communications: You can stop receiving promotional emails by clicking the "unsubscribe" link.

Children's Privacy

The Services are intended solely for users who are at least eighteen (18) years of age. We do not knowingly collect information from individuals under the age of 18. If you become aware that an individual under the age of 18 has provided us with personal information, please contact us immediately at contact@foundry01.com, and we will take steps to delete such information.

International Data Transfers

Subscription Version: Data is stored in the United States. If you access the Services from outside the United States, your data will be transferred to and processed in the United States. For users in the EEA, UK, or Switzerland, data transfers comply with applicable data protection laws.

Your Privacy Rights

GDPR Rights (EEA, UK, Switzerland Users)

You have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your personal data
  • Restriction: Request limitation of processing
  • Data portability: Receive your data in machine-readable format
  • Object: Object to processing based on legitimate interests
  • Withdraw consent: Withdraw consent at any time
  • Lodge a complaint: File a complaint with your supervisory authority

CCPA Rights (California Users)

You have the right to:

  • Know: Request disclosure of information collected
  • Delete: Request deletion of personal information
  • Opt-out of sale: We do not sell personal information
  • Non-discrimination: We will not discriminate for exercising rights

Exercising Your Rights

Email us at contact@foundry01.com to exercise any rights. Specify which right(s) you wish to exercise and provide information to verify your identity. We will respond within 30 days.

Legal Basis for Processing (GDPR)

We process personal data under the following legal bases:

  • Contractual necessity: To provide the Services you requested
  • Legitimate interests: Error reporting, security, service improvement
  • Consent: Where you have provided explicit consent
  • Legal obligations: To comply with applicable laws

Sensitive Data

Trace has not been designed or certified for compliance with HIPAA, PCI-DSS, FERPA, SOC 2, or ISO 27001. You should NOT use Trace to capture or store Protected Health Information, payment card information, Social Security numbers, or other highly sensitive personal data unless expressly agreed in writing.

Your Responsibilities

You are responsible for:

  • Lawful use: Ensuring you have legal authority to record captured content
  • Compliance: Complying with privacy, wiretapping, and recording consent laws
  • Consents: Obtaining necessary consents from individuals captured in recordings
  • Shareable links (Subscription Version): Understanding that share links make content publicly accessible; only sharing content you have the right to share

Warning: Laws vary by jurisdiction. Some require consent from all parties before recording. You are responsible for compliance.

Security Incidents

In the event of a data security incident that compromises personal data, we will investigate, take remediation measures, and notify affected users as required by law. Notification will be provided within 72 hours of becoming aware via email.

To report security vulnerabilities: Email contact@foundry01.com with subject "Security Issue - Trace"

Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices, new features, legal requirements, or user feedback. We will update the "Last Updated" date at the top of this policy. For material changes, we will provide email. Continued use after changes constitutes acceptance.

Contact Information

For questions, concerns, or requests regarding this Privacy Policy:

Email: Contact@foundry01.com

Subject Line: "Privacy Inquiry - Trace"

Developer: Foundry01 LLC

Product: Trace

For GDPR-related inquiries:

Email: Contact@foundry01.com

Subject Line: "GDPR Request - Trace"

Response Time: We aim to respond within 5 business days for general questions and under 30 days for rights requests (GDPR/CCPA).

Governing Law

This Privacy Policy is governed by the laws of the State of Indiana, United States. For international users, this does not affect your statutory rights under applicable local data protection laws.

Effective Date: January 10, 2026

Trace logoTrace
HomePricingDownloadPrivacy Policy
© 2026 Foundry01 LLC