AcePaste Cleaner Pro

Privacy Policy

Last updated: May 2026 · ThinkWell Labs LLC

The short version

Text you paste into the cleaner never leaves your browser. All cleaning runs locally on your device. We do not transmit, store, log, or have access to the content you paste. We do not use tracking cookies, analytics, advertising, fingerprinting, or session-replay tools.

1. What we don't collect

The text you paste into the tool — at any time, in any form, anywhere. The cleaner runs entirely client-side. The text never crosses the network.

2. What we do collect (only if you create a Pro account)

To run the optional Pro account system we collect the minimum necessary:

• Email address — used to identify your account and deliver receipts.
• Hashed password — stored as a one-way bcrypt hash by Supabase Auth. We cannot read it.
• Subscription status — which plan you're on and whether it's active. Stored against your user ID.
• Stripe customer + subscription IDs — opaque identifiers Stripe gives us so the webhook can update your plan.

We do not collect: name, address, phone, IP, device fingerprint, location, browsing history, or analytics. Cookies are not used at all on the marketing pages; on the sign-in page, Cloudflare Turnstile may set a short-lived technical cookie strictly for bot detection (no personal information, no tracking).

3. Service providers we use

• Supabase (US-hosted) — manages account authentication and the subscriptions table. Receives: your email, hashed password, subscription state.
• Stripe (US-hosted) — processes payments. Receives: payment-card information you enter on Stripe's checkout page (we never see card data) and your email. Stripe sends us a webhook with your customer/subscription IDs and plan.
• Cloudflare Turnstile — invisible bot detection on the sign-in/sign-up forms. Does not track across sites; does not identify you.
• GitHub Pages and/or Cloudflare Pages — static hosting for the website itself. No analytics, no cookies set by the host.

We do not use Google Analytics, Facebook Pixel, Hotjar, Mixpanel, ad networks, or any other analytics or advertising provider.

4. Browser storage

The website itself sets nothing persistent. The optional sign-in flow uses sessionStorage (a per-tab in-memory store cleared on close) to remember your active session. The browser extension uses chrome.storage.local on your device only.

5. Your privacy rights

Depending on where you live, you have the right to:

• Access the personal data we hold about you (an email address and subscription state, in our case).
• Have it deleted.
• Object to or restrict our processing of it.
• Withdraw consent.
• Receive a portable copy.

EU/UK/Swiss residents (GDPR) and California residents (CCPA/CPRA) have additional rights described on our EU privacy page and California privacy page. To exercise any right, email support@acepaste.xyz; we'll respond within 30 days.

6. Children's privacy

The Service is not directed to children under 13 (under 16 in the EU). We do not knowingly collect personal information from children. If we learn we have collected such information, we will delete it.

7. International data transfers

Account data is stored with Supabase in the United States. Payment data is processed by Stripe in the United States. By creating an account, you consent to these transfers.

8. Data retention

Account data is kept for as long as your account exists. Email us to delete it. Webhook idempotency records and CSP violation reports auto-purge after 7 and 30 days respectively. Restore-purchase attempt logs auto-purge after 30 days.

9. Changes to this policy

If we add tracking, analytics, or new third-party processors, we will update this page and update the "Last updated" date.

10. Contact

ThinkWell Labs LLC
Privacy contact: support@acepaste.xyz
General contact: b@twl.today

11. Compliance

This Privacy Policy is designed to comply with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act / California Privacy Rights Act (CCPA/CPRA), and the Children's Online Privacy Protection Act (COPPA).