doable.do

Privacy Policy

Last updated: April 6, 2026

1. What we collect

When you create a Doable account, we collect your email address and name. When you deploy, we store project metadata (name, runtime, deployment status) and usage metrics (bandwidth, build times). We do not access or store the contents of your source code beyond what is needed to build and deploy your project.

2. How we use your data

We use your data to:

  • Provide and operate the Doable service
  • Manage your account and billing
  • Enforce plan limits and usage quotas
  • Send transactional emails (deployment status, billing receipts)
  • Improve the service based on aggregate usage patterns

We do not sell your data to third parties. We do not use your data for advertising.

3. Data storage and security

Your data is stored on servers located in the United States and Europe. Environment variables are encrypted at rest using AES-256-GCM. API tokens are stored as SHA-256 hashes. All traffic to our services is encrypted via TLS.

4. Third-party services (subprocessors)

The full list of vendors we share data with is at doable.do/subprocessors, with what data each receives and a link to their DPA. Highlights:

  • Stripe for payment processing. Stripe handles your payment details directly. We never see your full card number.
  • Vultr for cloud infrastructure (Doable Cloud).
  • Resend for transactional email.
  • Firebase for sign-in and session tokens.
  • Sentry for error tracking.
  • Namecheap for domain registration (via affiliate link only — you transact directly with Namecheap, who is the registrar of record. Doable earns a referral commission at no extra cost to you).

We notify customers at least 14 days before adding a new subprocessor that touches personal data.

4a. Data retention

  • Account & project data: for the lifetime of your account, then 30 days soft-delete, then permanent purge.
  • Deployment build logs: 30 days.
  • Sentry error events: 30 days.
  • Traefik HTTP access logs: 7 days.
  • Postgres backups: 14 days on the production server, 30 days off-host.
  • WAL segments (point-in-time recovery): 7 days.
  • Audit log of administrator actions: 12 months.
  • Anonymous preview deploys (/try): 8 hours, then deleted automatically.
  • Email-delivery metadata (Resend): 7 days.

5. Bring Your Own Server

When you use the BYO server mode, the Doable agent runs on your infrastructure. The agent communicates outbound to our control plane to receive deployment tasks and report status. We do not have SSH or direct access to your server. The agent only manages containers and routing configuration that you have explicitly deployed through Doable.

6. Source code and artifacts

When you deploy, your source code is uploaded to our object storage, built into a container image, and then deleted from the build environment. Built artifacts are retained to enable redeployments and rollbacks. You can delete a project and all associated artifacts at any time.

6a. Doable Brain (memory addon)

If you attach a Doable Brain to a project, the following additional handling applies:

  • What we store. Indexed text from sources you attach (your GitHub repos, your deploy logs, your env-variable names — never values, your project metadata, any documents you upload), embedding vectors derived from that text, and durable memories you (or your AI agent) explicitly write.
  • Where it lives. A per-Brain pgvector schema inside the Doable Postgres. Each Brain is row-scoped to your account; we do not cross-pollinate data between Brains.
  • BYO API keys. If you supply an OpenAI or Anthropic key (BYOK), we encrypt it at rest with AES-256-GCM keyed on the platform KMS master and use it only to embed your content / generate answers on your behalf.
  • No model training. Brain content (embeddings, indexed text, memories) is not used to train models — neither ours nor any third party's. Embedding calls to OpenAI use the API tier, which is excluded from OpenAI training by default.
  • Audit log. Every read and write is logged with actor + timestamp. Retention: 90 days (Pro), 180 days (BYO), custom (Enterprise).
  • Cancellation. Canceling the Brain subscription puts it in read-only mode; data stays so you can search + export. Deleting the Brain (or the parent project) hard-deletes all chunks, memories, and audit rows within 14 days.
  • Export. You can export every chunk, memory, and audit row as JSON from the dashboard at any time.

7. Cookies

We use a session cookie to keep you logged into the dashboard. We do not use tracking cookies or third-party analytics cookies.

8. Your rights

If you’re in the EU, UK, EEA, Switzerland, California, or any other jurisdiction with comparable rules, you have the right to:

  • Access the personal data we hold about you. Self-serve at Profile → Export your data (returns a JSON file).
  • Rectify inaccurate data. Edit your profile or email privacy [at] doable.do.
  • Delete your account and all data. Self-serve at Profile → Delete account; 30-day recovery window.
  • Port your data. Same self-serve export above.
  • Object to processing, or restrict it. Email us.
  • Lodge a complaint with your local data protection authority.

For business-customer DPAs and counter-signed copies, see doable.do/dpa.

9. Changes

We may update this policy from time to time. We will notify you of material changes via email or a notice on the dashboard.

10. Contact

Questions about this policy? Email us at hello [at] doable.do.