wirekitty
Privacy Policy

Privacy Policy

Last updated: March 1, 2026

This policy explains how Wirekitty handles information across wirekitty.dev (marketing site/docs), app.wirekitty.dev (the editor), and mcp.wirekitty.dev (hosted MCP server).

1. Scope and Roles

This policy applies to Wirekitty-operated services at wirekitty.dev, app.wirekitty.dev, and mcp.wirekitty.dev. For those services, Wirekitty acts as a data controller for its own operations. Third-party MCP clients, AI platforms, browser vendors, and other services you use with Wirekitty act under their own privacy policies.

2. Information We Collect

We collect different data depending on which Wirekitty surface you use:

  • Website and docs (wirekitty.dev): contact form fields (name, email, message), cookie preferences, theme preference, and optional analytics events if you allow analytics.
  • Editor app (app.wirekitty.dev): local-first canvas data saved in your browser (IndexedDB database CanvasDatabase) plus local settings/preferences (for example theme accent color, onboarding completion, sidebar width, recently used elements/icons, and optional analytics preference).
  • Issue reports from the app: optional follow-up email, issue description fields, browser/user-agent, page URL, screenshot, and canvas identifiers included in the report payload.
  • Hosted MCP server (mcp.wirekitty.dev): MCP tool inputs, wireframe/session identifiers, webhook approval/rejection payloads, temporary wireframe JSON served for previews, and operational request data such as endpoint usage and IP-based anti-abuse signals.
  • Optional analytics/telemetry: PostHog events for website usage, app reliability, and hosted MCP operations. In the web app and website, this is subject to your analytics consent choices. On the hosted MCP server, analytics is server-side operational telemetry.

3. How We Use Information

We use data to:

  • Provide the editor, website, docs, and hosted MCP workflow.
  • Create/share wireframe preview links and process approval callbacks.
  • Respond to contact requests and issue reports.
  • Maintain security, prevent abuse, and troubleshoot service problems.
  • Measure and improve product quality and reliability.

4. Legal Bases (GDPR/UK GDPR)

Where GDPR or UK GDPR applies, we rely on these legal bases:

  • Performance of a contract: delivering requested services (editor functionality, MCP wireframe generation/approval flow, and support responses).
  • Consent: optional analytics cookies/identifiers and related analytics tracking on wirekitty.dev and app.wirekitty.dev.
  • Legitimate interests: service security, anti-abuse, reliability, and product improvement.
  • Legal obligations: compliance with applicable laws and lawful requests.

5. Sharing and Processors

We do not sell personal information. We share information only where needed to run the service, including with:

  • Netlify for hosting and form processing.
  • PostHog for optional website/app analytics and MCP operational telemetry.
  • Third-party services you choose to use with Wirekitty (for example MCP clients, AI platforms, and callback endpoints) under their own terms and policies.
  • Authorities or counterparties where required by law or to protect rights/safety.

In hosted MCP runs, any schema payload included in analytics telemetry is stripped of readable text before leaving the server (string values are scrambled/redacted for tracking), while operational metadata is retained for reliability and abuse prevention.

6. Data Retention

Key retention windows and behavior:

  • Editor canvas data: stored in your browser IndexedDB until you delete it (or clear browser storage).
  • Hosted MCP sessions: in-memory session wait window defaults to about 10 minutes.
  • Hosted MCP wireframe JSON payloads: temporary storage with cleanup after about 1 hour.
  • Contact and issue forms: retained by hosting/form providers and Wirekitty only as needed for support, operations, and legal obligations.
  • Analytics/operational events: retained according to provider retention settings.

7. International Transfers

Information may be processed in countries other than your own, including by our providers. Where required, we rely on contractual and other legally recognized safeguards for cross-border transfers.

8. Your Privacy Rights

Depending on your jurisdiction, you may have rights to request access, correction, deletion, portability, or restriction/objection for certain processing.

For EEA/UK users, this includes rights under GDPR/UK GDPR and the right to lodge a complaint with your supervisory authority.

For certain U.S. state residents (for example California and other states with consumer privacy laws), this may include rights to know, access, delete, and correct personal information, and to opt out of sale/sharing for targeted advertising. Wirekitty does not sell personal information.

9. Cookies and Local Storage

Wirekitty uses local storage, IndexedDB, and optional analytics cookies/identifiers as described in our Cookie Policy . You can control these through the cookie banner, app settings, and browser tools.

10. Security

We use reasonable technical and organizational measures designed to protect data. No system is completely secure.

11. Children

Wirekitty is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

12. Changes to This Policy

We may update this policy. If we do, we will update the "Last updated" date.

13. Contact

For privacy questions or rights requests, use the contact form on wirekitty.dev.