This Privacy Policy explains how Tinkerkeep ("Tinkerkeep," "we," "us," or "our") collects, uses, shares, and protects information when you use our website, platform, and services (collectively, the "Service"). Tinkerkeep is a company incorporated in North Carolina, United States.
Tinkerkeep operates a marketplace where independent builders publish small, single-purpose AI tools that you can discover, activate, configure, and run. When you activate a tool, the platform may connect to third-party services on your behalf (for example, Google) so the tool can do its job. This policy covers the data the platform handles. It does not govern how third-party services you connect handle your data under their own privacy policies.
By using the Service, you agree to this Privacy Policy. If you do not agree, please do not use the Service.
Tinkerkeep is the data controller for the personal information described here. For privacy questions or to exercise your rights, contact us at info@tinkerkeep.com.
We collect only what we need to operate the Service.
Account information. When you sign up, our authentication provider collects your name and email address and creates an account for you. We use this to identify you, secure your account, and communicate with you.
Information from connected services (Google and others). When you activate a tool that connects to a third-party service such as Google, you grant that connection through the provider's standard consent flow (OAuth). Depending on which tools you activate and which permissions you approve, we may access data from services such as Gmail, Google Calendar, or Google Drive in order to run the tool you activated. We store the access credentials for each connection in encrypted form and use the connected data only to perform the function you requested. See "How we handle Google user data" below.
Tool configuration. Settings and inputs you provide to configure the tools you activate.
Usage and diagnostic data. Logs and metrics about how the Service runs — for example, when a tool executes, whether it succeeded, performance and error data, and resource usage. We use this to operate, secure, debug, and improve the Service.
Billing information. If you subscribe to a paid plan or buy credits, our payment processor collects and processes your payment details. We do not store full payment card numbers ourselves; we receive limited billing metadata (such as plan, status, and the last four digits of a card) from the processor.
Fraud-prevention signal. To prevent abuse of free trials and fraudulent activity, we collect a device signal (a "device fingerprint") when you sign up. We use this strictly for security and abuse prevention, not for advertising or marketing.
Onboarding and optional inputs. If you complete our optional onboarding questionnaire, we collect your responses to suggest relevant tools and to inform our product roadmap. Aggregated insights are anonymized by default.
Referral information. If you join through a referral link, we record the referral so we can attribute it correctly. A referral connects the referring and referred accounts for attribution purposes only.
We use the information we collect to:
Tinkerkeep's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Specifically:
You can review and revoke Tinkerkeep's access to your Google account at any time at Google Account permissions.
We do not sell your personal information. We share information only with the service providers ("sub-processors") that help us run the Service, and only as needed for them to perform their function. Our current sub-processors are:
| Sub-processor | Purpose | Data involved |
|---|---|---|
| Clerk | User authentication and account management | Name, email, account/session data |
| OAuth connections and APIs for tools you activate | Google account data you authorize | |
| Cloudflare | Hosting, storage, content delivery, and platform infrastructure | All Service data is processed on this infrastructure |
| Stripe | Payment processing and builder payouts | Billing and payment data |
| Postmark | Transactional email (e.g., account and billing notices) | Email address, message content |
We may also disclose information if required by law, to enforce our terms, to protect the rights, safety, and security of users or the public, or in connection with a corporate transaction such as a merger or acquisition.
As we add capabilities (such as additional AI inference providers), we will update this sub-processor list before those providers process your data.
We use strictly necessary cookies to keep you signed in and to keep the Service secure. We use the device-fingerprint signal described above for fraud prevention. We do not use third-party advertising or marketing trackers. Where required by law, we will obtain consent before using any non-essential cookies or tracking technologies.
We keep personal information for as long as your account is active or as needed to provide the Service, and afterward only as required to comply with our legal obligations, resolve disputes, and enforce our agreements. When you delete your account, we delete or anonymize your personal information within a reasonable period, except where retention is required by law (for example, transaction records for tax and accounting). Connection credentials are deleted when you remove a connection or delete your account.
We protect your information using industry-standard measures, including encryption in transit and encryption of stored connection credentials, access controls, and audit logging of administrative access. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.
Depending on where you live, you may have rights to access, correct, delete, or export your personal information, to object to or restrict certain processing, and to withdraw consent. To exercise any of these rights, contact us at info@tinkerkeep.com. We will respond as required by applicable law. You also have the right to lodge a complaint with your local data protection authority.
We are based in the United States and process data there. If you access the Service from outside the United States, your information will be transferred to and processed in the United States and other countries where we or our sub-processors operate, which may have different data protection laws than your country.
The Service is not directed to children under 13 (or the minimum age required in your jurisdiction), and we do not knowingly collect personal information from them. If you believe a child has provided us personal information, contact us at info@tinkerkeep.com and we will delete it.
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date above and, where appropriate, notify you. Your continued use of the Service after an update means you accept the revised policy.
If you have questions about this Privacy Policy or our data practices, contact us at:
Tinkerkeep
North Carolina, United States
info@tinkerkeep.com