Privacy Policy
Last updated: February 2026
What we collect
When you use ChartPane, our server logs minimal request metadata to help us understand usage patterns and improve the service:
- Chart type requested (e.g., bar, line, pie)
- Chart title
- Number of datasets and data points
- Timestamp of the request
If OAuth authentication is enabled: your Google profile information (email address and display name) is used to identify your session.
What we don't collect
- Chart data values are not stored. The actual numbers, labels, and datasets in your charts are processed in-memory to render the chart and are not persisted to any database.
- We do not use cookies for tracking or analytics.
- We do not use third-party analytics services.
Where data is stored
- Request logs are stored in Cloudflare D1 (a serverless SQL database running on Cloudflare's global network).
- OAuth tokens (when authentication is enabled) are stored in Cloudflare Workers KV and scoped to your session.
All data is processed and stored on Cloudflare's infrastructure. No data is transferred to other third-party services beyond what is described in this policy.
Third-party services
- Cloudflare — infrastructure provider (Workers, D1, KV, Pages). See Cloudflare's privacy policy.
- Google OAuth (optional) — used only when authentication is enabled. See Google's privacy policy.
Data retention
- Request logs are retained for usage analytics. They contain only metadata (chart type, title, dataset count), not your actual data.
- OAuth tokens are scoped to your session and expire when the session ends.
Chart rendering
Charts are rendered entirely client-side in your browser using Chart.js. Your chart data is sent from your AI assistant to ChartPane's server only for validation, then passed directly to the browser for rendering. The data values are not stored on the server.
Contact
If you have questions about this privacy policy or your data, contact us at support@chartpane.com.