Wraps Logo

Privacy Policy

Last Updated: January 8, 2026

At Wraps, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our CLI tool, SDK, and services.

Wraps is a product of FlatironKids LLC, a company registered in the State of Colorado, United States.

1. Information We Collect

1.1 Anonymous Telemetry Data (CLI)

When you use the Wraps CLI, we collect anonymous usage data to improve the product. This telemetry is opt-out and can be disabled at any time.

We DO collect:

  • Command names executed (e.g., "init", "deploy", "status")
  • Command success/failure status
  • Command execution duration
  • CLI version number
  • Operating system type (macOS, Linux, Windows)
  • Node.js version
  • Service types used (email, SMS, etc.)
  • Configuration preset selections (starter, production, etc.)
  • Error codes (not error messages)
  • Anonymous UUID (generated locally, not linked to your identity)

We DO NOT collect:

  • AWS account IDs or credentials
  • IAM role ARNs
  • Domain names or email addresses
  • IP addresses
  • File paths or directory structures
  • Email content or templates
  • Environment variables
  • Error messages (only error codes)
  • Command arguments or flag values
  • Any personally identifiable information (PII)

1.2 Dashboard & Website Analytics

When you use the Wraps Dashboard or visit our website, we use PostHog to collect analytics data. This helps us understand how our product is used and improve your experience.

We collect:

  • Email address (for authentication and user identification)
  • Organization name
  • AWS account connections (account IDs are hashed)
  • Pages visited and navigation patterns
  • Feature usage and interactions
  • Browser type, version, and screen size
  • Referral source (how you found us)
  • Country/region (derived from IP, IP is not stored)

Events we track include:

  • Sign-in and sign-up events (authentication method used)
  • Organization creation and team invitations
  • Email template creation and broadcast scheduling
  • Subscription upgrades and plan changes
  • AWS account connections
  • Feature adoption and usage patterns

We DO NOT collect:

  • Email content or template body text
  • Recipient email addresses
  • AWS credentials or secret keys
  • Session recordings or screen captures
  • Keystrokes or form field contents (except authentication)

1.3 Infrastructure Metadata

Your infrastructure runs entirely in your AWS account. We do not have access to:

  • Your AWS resources or data
  • Emails sent through your SES
  • Event data stored in your DynamoDB
  • Any customer data

All email sending, event tracking, and data storage occurs in your AWS account. We never see or store your data.

2. How We Use Your Information

2.1 Telemetry Data

We use anonymous telemetry to:

  • Understand which commands and features are most used
  • Identify and fix bugs and errors
  • Improve CLI performance and user experience
  • Prioritize feature development
  • Monitor service health and reliability

2.2 Account Information

We use account information to:

  • Provide and maintain our services
  • Authenticate users
  • Send important service updates
  • Provide customer support
  • Process payments (if applicable)

3. How We Share Your Information

3.1 Third-Party Services

We use the following third-party services:

  • PostHog (Privacy Policy) - Product analytics across CLI, web dashboard, and marketing website. PostHog is an open-source analytics platform. We use PostHog Cloud hosted in the US. Data collected includes usage patterns, feature interactions, and anonymous telemetry. PostHog processes this data on our behalf and does not use it for their own purposes.
  • Vercel (Privacy Policy) - Website and API hosting
  • AWS (Privacy Policy) - Infrastructure deployment (in your account)
  • Stripe (Privacy Policy) - Payment processing

These services have their own privacy policies and we ensure they meet appropriate privacy and security standards.

3.2 We DO NOT:

  • Sell your data to third parties
  • Share your data for advertising purposes
  • Use your data for purposes unrelated to Wraps

4. Data Retention

  • Telemetry events: Stored for 90 days, then automatically deleted
  • Aggregate statistics: Retained indefinitely (no PII)
  • Account data: Retained while your account is active
  • Server logs: Retained for 7 days

5. Your Rights and Choices

5.1 Opt-Out of Telemetry

You can disable telemetry at any time:

# Disable via CLI command
wraps telemetry disable

# Or set environment variable
export WRAPS_TELEMETRY_DISABLED=1

# Or use universal standard
export DO_NOT_TRACK=1

Telemetry is also automatically disabled in CI/CD environments. See our telemetry documentation for more details.

5.2 Opt-Out of Web Analytics

For the web dashboard and website, you can opt out of PostHog analytics:

  • Browser setting: Enable "Do Not Track" in your browser settings
  • Ad blockers: Most ad blockers will block PostHog tracking
  • PostHog opt-out: Visit PostHog's privacy page to opt out globally

Note: Opting out of analytics does not affect your ability to use Wraps. Core functionality works without analytics enabled.

5.3 Access Your Data

You have the right to request a copy of your personal data. Contact us at privacy@wraps.dev.

5.4 Delete Your Data

You can request deletion of your data at any time by contacting privacy@wraps.dev. Note that:

  • Telemetry data is anonymous and cannot be linked back to you
  • Infrastructure in your AWS account is yours and unaffected by account deletion
  • We may retain certain data for legal or security purposes

6. Children's Privacy

Wraps is not intended for users under the age of 13. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

7. Security

We implement industry-standard security measures:

  • HTTPS encryption: All data transmission is encrypted
  • No stored credentials: We never store your AWS credentials
  • Anonymization: Telemetry data is anonymous by design
  • Access controls: Limited employee access to data
  • Regular audits: Security reviews and updates

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

8. International Data Transfers

Your data may be processed in the United States or other countries where our service providers operate.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on this page
  • Updating the "Last Updated" date
  • Sending an email notification (if you have an account with us)

Continued use of Wraps after changes constitutes acceptance.

10. Open Source

Wraps is open source software. The telemetry implementation is fully transparent and can be reviewed in our GitHub repository. You can verify:

  • What data is collected
  • How it's anonymized
  • Where it's sent
  • How opt-out mechanisms work

11. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us:

This Privacy Policy is part of our commitment to transparency and user privacy. For more information about our telemetry implementation, see our telemetry documentation.