Privacy Policy

Last Updated: January 1, 2026

1. Introduction

GoodGist Inc. ("GoodGist", "we", "our", or "us"), operating as Avery.dev ("Avery"), respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered software development platform and related services (collectively, the "Service").

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Service.

2. Information We Collect

2.1 Information You Provide

We collect information that you provide directly to us, including:

  • Account Information: Name, email address, username, password, and profile information
  • Payment Information: Credit card details, billing address, and payment history (processed securely through third-party payment processors)
  • Communications: Messages, feedback, and support requests you send to us
  • User Content: Code, applications, project files, prompts, and other content you upload or create through the Service

2.2 Information We Collect Automatically

When you access or use the Service, we automatically collect certain information, including:

  • Usage Information: Features used, pages viewed, time spent on pages, links clicked, and other actions taken within the Service
  • Device Information: IP address, browser type and version, operating system, device identifiers, and hardware information
  • Log Data: Server logs, error reports, API calls, and system activity
  • Cookies and Tracking Technologies: Information collected through cookies, web beacons, and similar technologies (see Section 8 for details)
  • Location Information: General geographic location based on your IP address

2.3 Information from Third Parties

We may receive information about you from third-party services you connect to Avery, including:

  • Authentication Providers: If you sign in using Google, GitHub, or other OAuth providers
  • Code Repositories: Information from connected GitHub, GitLab, or Bitbucket accounts
  • Cloud Providers: Deployment and hosting information from connected AWS, GCP, or Azure accounts
  • Payment Processors: Transaction confirmation and payment status from Stripe or other payment providers

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Process your transactions and manage your subscriptions
  • Analyze, debug, and enhance your code using AI technology
  • Generate code, suggest improvements, and identify security vulnerabilities
  • Deploy and host your applications on production infrastructure
  • Send you technical notices, updates, security alerts, and support messages
  • Respond to your comments, questions, and customer service requests
  • Monitor and analyze usage patterns and trends to improve user experience
  • Detect, prevent, and address technical issues, fraud, and security threats
  • Develop and improve our AI models and algorithms (in accordance with Section 4)
  • Comply with legal obligations and enforce our Terms of Service
  • Send you marketing communications (with your consent where required)

4. AI Training and Model Improvement

4.1 Use of Data for AI Training

We may use aggregated, anonymized usage data and public code to train and improve our AI models. This helps us enhance code generation quality, debugging accuracy, and overall Service performance.

4.2 Private Code Protection

Private repositories, proprietary code, and sensitive business logic are not used to train our AI models or shared with third parties. We implement strict access controls and encryption to protect your private code.

4.3 Opt-Out

Enterprise customers can opt out of having their usage patterns included in model training by contacting us at legal@avery.dev.

5. How We Share Your Information

We may share your information in the following circumstances:

5.1 Service Providers

We share information with third-party vendors who perform services on our behalf, including hosting, payment processing, analytics, customer support, and email delivery. These providers are contractually obligated to protect your information and use it only for the purposes we specify.

5.2 Cloud Infrastructure Partners

Your deployed applications are hosted on cloud infrastructure providers (e.g., AWS, Google Cloud, Microsoft Azure). These providers have their own privacy policies and security measures.

5.3 Business Transfers

If GoodGist Inc. is involved in a merger, acquisition, asset sale, or bankruptcy, your information may be transferred as part of that transaction. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

5.4 Legal Requirements

We may disclose your information if required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of GoodGist Inc., our users, or the public.

5.5 With Your Consent

We may share information with third parties when you give us explicit consent to do so.

5.6 Aggregated Data

We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you.

6. Data Security

We implement industry-standard security measures to protect your information from unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit using TLS/SSL protocols
  • Encryption of sensitive data at rest
  • Regular security audits and penetration testing
  • Access controls and authentication mechanisms
  • Employee training on data protection and privacy
  • Incident response procedures

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

7. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. When you delete your account, we will delete or anonymize your personal information within 90 days, except where we are required to retain it for legal, regulatory, or security purposes. Backup copies may persist for up to an additional 90 days.

You may request deletion of your data at any time by contacting us at legal@avery.dev. Note that we may retain certain information as required by law or for legitimate business purposes.

8. Cookies and Tracking Technologies

8.1 What Are Cookies

Cookies are small text files stored on your device that help us improve your experience on the Service. We use both session cookies (which expire when you close your browser) and persistent cookies (which remain until deleted).

8.2 Types of Cookies We Use

  • Essential Cookies: Necessary for the Service to function properly
  • Analytics Cookies: Help us understand how users interact with the Service
  • Preference Cookies: Remember your settings and preferences
  • Marketing Cookies: Track your activity to deliver targeted advertisements (with your consent)

8.3 Managing Cookies

Most web browsers allow you to control cookies through their settings. However, disabling cookies may affect your ability to use certain features of the Service.

9. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information (subject to legal exceptions)
  • Portability: Request a copy of your data in a structured, machine-readable format
  • Restriction: Request restriction of processing in certain circumstances
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent for processing where consent is the legal basis
  • Opt-Out of Marketing: Unsubscribe from marketing communications at any time

To exercise these rights, please contact us at legal@avery.dev. We will respond to your request within 30 days. You may also have the right to lodge a complaint with a data protection authority in your jurisdiction.

10. European Users (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

10.1 Legal Basis for Processing

We process your personal information based on the following legal grounds:

  • Contract Performance: To provide the Service and fulfill our obligations under our Terms of Service
  • Legitimate Interests: To improve our Service, prevent fraud, and ensure security
  • Consent: For marketing communications and certain optional features
  • Legal Obligations: To comply with applicable laws and regulations

10.2 International Data Transfers

Your information may be transferred to and processed in the United States and other countries where we or our service providers operate. We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.

10.3 Data Protection Officer

You can contact our Data Protection Officer at legal@avery.dev for questions about our privacy practices or to exercise your GDPR rights.

11. California Users (CCPA/CPRA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to Know: You can request information about the personal information we collect, use, and disclose
  • Right to Delete: You can request deletion of your personal information
  • Right to Opt-Out: You can opt out of the sale or sharing of your personal information
  • Right to Correct: You can request correction of inaccurate personal information
  • Right to Limit Use: You can limit the use of sensitive personal information
  • Non-Discrimination: We will not discriminate against you for exercising your privacy rights

Note: We do not sell your personal information to third parties. We may share certain information with service providers as described in Section 5.

To exercise your CCPA/CPRA rights, please contact us at legal@avery.dev or call us toll-free at 1-800-XXX-XXXX. You may also authorize an agent to submit a request on your behalf.

12. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at legal@avery.dev. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information.

13. Third-Party Websites and Services

The Service may contain links to third-party websites, applications, and services that are not operated by us. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access through the Service.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by posting the updated Privacy Policy on our website and updating the "Last Updated" date. For significant changes, we may also send you an email notification.

Your continued use of the Service after any changes to this Privacy Policy constitutes your acceptance of the updated Privacy Policy.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

GoodGist Inc.

Attn: Privacy Team

1825 S. Grant St, Ste 200

San Mateo, CA 94402

United States

Email: legal@avery.dev

AveryPowered by Avery