PRIVACYX

Terminal X is a tool. We collect the minimum data needed to run that tool: who you are (so you can log in), what you ask it to do (so it can do it), and what you paid (so we can bill you).

• We do not sell your data to anyone.
• We do not use your prompts or outputs to train any AI model.
• You can export everything we have on you, anytime, from Settings → Data & Privacy.
• You can delete your account permanently, anytime, same place.

"Terminal X", "we", "us", or "our" refers to the operator of terminalxapp.com. If you have questions about this policy, email support@terminalxapp.com.

Account data — your email, name, and avatar image as provided through your sign-in provider (Clerk handles authentication). If you sign in with Google, your basic Google profile.

Usage data — the commands (prompts) you type into Terminal X, the AI-generated outputs returned to you, the sessions you create, the AI Teams you configure, and the memories Terminal X extracts from your conversations (which you can disable or wipe in Settings).

Billing data — your subscription tier, credit balance, and payment status. Card details are processed and stored by Stripe — we never see your full card number.

Connection tokens — if you connect a third-party service via the Connections page (Vercel, GitHub, Stripe, Gmail, Shopify), we store the OAuth access token (and refresh token where applicable) so Terminal X can act on your behalf in that service. You can disconnect at any time, which deletes the token.

Technical data — IP address, browser type, timestamps of requests (standard server logs, retained ~30 days).

• To run the commands you send (we route them to AI providers, return the results, and store them so you can revisit your sessions).
• To bill your subscription accurately and deduct credits for each AI call.
• To extract and store conversational memories (only if you have memory enabled in Settings — you can turn it off).
• To improve Terminal X's routing and reliability — using aggregated, non-personal analytics (e.g. "image tasks succeed 97% of the time").
• To send transactional emails (billing confirmations, gift code deliveries, security notices). We do not send marketing email.

Terminal X is a multi-provider product. To run your commands, we send the necessary parts of your request to:

• AI providers — Anthropic (Claude), OpenAI (GPT), Google (Gemini), Perplexity, xAI (Grok), DeepSeek, Mistral, Black Forest Labs (Flux), ElevenLabs, Runway, Ideogram, Recraft, Stability AI, Cohere, Groq, Alibaba (Qwen), and others as you select them. Each provider receives only the prompt and conversation context needed to fulfill that specific task.
• Clerk — handles authentication. Stores your account credentials.
• Supabase — hosts our database. Stores everything described in Section 2.
• Stripe — processes payments and stores your billing details.
• Resend — sends transactional email (gift codes, receipts).
• Vercel — hosts the Terminal X frontend.
• Connected services — when you use a connector (e.g. Vercel for deploys), we send the relevant data to that service to perform the action.

We have contracts with each of these providers requiring them to handle your data per applicable law (GDPR, CCPA where relevant) and to not use it for their own purposes beyond providing the service to us. Provider-specific data handling is governed by each provider's own privacy policy.

We do not allow any provider to train their AI models on your data. All API calls are made through endpoints and account settings that opt out of training. If a provider's defaults change, we update our configuration to maintain this commitment.

Terminal X uses:

• Session cookies from Clerk to keep you logged in.
• LocalStorage for UI preferences (routing mode, last-active session, attached referral codes).
• No third-party tracking cookies. No Facebook Pixel, no Google Analytics tracking IDs.

You have the right to:

• Access — see what we have on you. Download a full JSON export anytime at Settings → Data & Privacy.
• Correct — update your email, name, custom instructions in Settings.
• Delete — wipe individual memories, entire sessions, or your full account in Settings → Data & Privacy. Account deletion is immediate and irreversible.
• Object — turn off memory extraction in Settings → Memory.
• Port — the JSON export is in a standard format you can import elsewhere.

For any other privacy request, email support@terminalxapp.com. We respond within 30 days.

We keep your account data as long as your account is active. When you delete your account, we delete all your data within 30 days, except where we are legally required to retain it (e.g. billing records for tax purposes, typically 7 years).

Server logs are auto-deleted after 30 days.

We use industry-standard practices to protect your data — TLS everywhere, encrypted-at-rest databases via Supabase, scoped API keys, OAuth tokens stored separately from primary user data. No system is perfectly secure, but we treat security as a serious and ongoing responsibility.

If you discover a vulnerability, email support@terminalxapp.com with the subject "Security". We appreciate responsible disclosure.

Terminal X is not directed at children under 13 (or 16 in the EU) and we do not knowingly collect their data. If you believe a child has signed up, email support@terminalxapp.com and we will delete the account.

Terminal X is operated from the United States. By using Terminal X you consent to your data being processed in the US and other countries where our providers operate. For EU residents, we provide GDPR-equivalent rights (Section 6).

We will update this policy as Terminal X evolves. Material changes will be announced in-app and via email. The "Last updated" date at the top reflects the most recent change.

Privacy questions or requests: support@terminalxapp.com.