Privacy Policy
Effective: May 28, 2026 · Last updated: May 28, 2026
1. Introduction
Rostra Labs, Inc. ("Rostra Labs," "we," "us," or "our") operates the Frontpage website-building service available at frontpage.host and its subdomains (the "Service"). This Privacy Policy explains what information we collect, why we collect it, how we use and share it, and the choices and rights you have. By using the Service you confirm that you have read and understood this Policy.
This Policy applies to information collected through the Service, including the canvas application at app.frontpage.host, your staging subdomain at <your-slug>.frontpage.host, and any published site hosted by us at a custom domain you connect. It does not cover third-party services we integrate with, which have their own privacy policies that you can find linked in Section 5.
2. Information we collect
We collect information in three ways: directly from you, automatically when you use the Service, and from the third-party services we integrate with on your behalf.
Account information you provide
- Email address used to sign in. We do not collect or store passwords because authentication is performed through magic links sent to your email.
- The slug you choose for your staging subdomain (for example, your-site.frontpage.host).
- The custom domain you connect to your site for publishing, and the corresponding DNS records you configure at your registrar.
- Billing details collected by Stripe when paid plans are offered. We never see your full card number. We receive a token, the last four digits, and the brand of the card so we can match invoices to charges.
Site content you create
- Pages, copy, images, configuration files, and other content the agent writes on your behalf. This content is stored as a Git repository under our GitHub organization, with each customer site on its own branch.
- Assets you upload (images, files) for use on your site. These are stored in our object storage and served from a content-delivery network.
- Design tokens, navigation configuration, and other site-level settings you (or the agent) modify.
Agent prompts and outputs
- The natural-language prompts you send to the agent (for example, "add a pricing section with three tiers"). These are sent to Anthropic for inference and stored in our audit log for billing, debugging, and abuse prevention.
- The agent's responses, the file changes it produced, and the token usage reported by Anthropic for each turn. We store this so we can accurately bill you for the inference cost we pass through and so we can investigate quality issues.
- Optional context you attach to a prompt (uploaded images, pasted snippets, or external URLs you ask the agent to reference).
Usage and technical data
- IP address, user agent, referrer, and timestamps for requests to our application and the staging deployments. Retained for operational, security, and abuse-prevention purposes.
- Server logs (response codes, error stacks, request paths) generated by our hosting provider and our application code.
- Diagnostic information when the application encounters an error, including the URL, the user identifier (if you are signed in), and the error trace.
Visitors of sites you publish
When you publish a site to a custom domain, we host that site on our infrastructure and our edge serves it to your visitors. We log standard request metadata (IP, user agent, path, timestamp) for security, performance, and capacity planning. We do not set tracking cookies on published sites, and we do not run any cross-site analytics on your behalf. If you embed third-party widgets or analytics scripts (for example, a Cal.com embed, a Tally form, or a ConvertKit form), those third parties may collect their own data subject to their own privacy policies.
3. How we use information
We use the information described above to:
- Operate the Service: authenticate you, render your site, run agent edits, deploy your changes, and serve your published pages.
- Process billing and tax: calculate amounts owed based on Anthropic token usage we pass through to you and hosting consumption against your plan; issue invoices; remit any applicable taxes.
- Maintain Service quality: investigate errors, monitor performance, debug agent behavior, and improve the product based on observed friction.
- Prevent abuse: detect and respond to violations of our Terms of Service, including content moderation, takedown of malicious sites, and protection against fraud or platform attack.
- Communicate with you about your account: send transactional email (magic-link sign-in, billing receipts, security alerts), respond to support requests, and notify you of material changes to the Service or our policies.
- Comply with legal obligations and respond to lawful requests from government authorities.
We do not sell your personal information. We do not share it with advertising networks. We do not use your data to train any of our own machine-learning models. Your agent prompts are processed by Anthropic under their commercial terms, which (as of this Policy's effective date) do not use commercial-API prompts for model training.
4. Legal basis for processing (EEA, UK, Switzerland)
If you are in the European Economic Area, the United Kingdom, or Switzerland, we process your personal data under one or more of the following bases:
- Performance of a contract. Processing is necessary to deliver the Service you signed up for (account, hosting, agent inference, billing).
- Legitimate interests. Processing is necessary for our legitimate operational interests (security, abuse prevention, debugging, fraud detection) where those interests are not overridden by your rights and freedoms.
- Compliance with legal obligations. Processing is necessary to comply with tax, accounting, or other applicable laws.
- Consent. Where we ask for explicit consent (for example, to send non-transactional marketing communications), we process on that basis and you can withdraw consent at any time.
5. How we share information
Service providers (subprocessors)
We use the following third-party processors to deliver the Service. Each is contractually obligated to handle your data only on our instructions and to maintain appropriate security measures.
| Processor | Purpose | Location |
|---|---|---|
| Anthropic | AI inference for the agent | United States |
| Vercel | Hosting, edge, build pipeline | United States (global edge) |
| GitHub | Source-code storage for sites | United States |
| Neon | Managed Postgres database | United States |
| Resend | Transactional email delivery | United States |
| Stripe | Payment processing (when paid plans are active) | United States |
| Inngest | Background job orchestration | United States |
We may add, remove, or replace subprocessors over time as the Service evolves. Material changes are reflected in this Policy. You may request the current list at any time by emailing privacy@frontpage.host.
Legal compliance
We may disclose information when required by law, regulation, court order, or government request, or when we believe in good faith that disclosure is necessary to comply with legal process, protect the safety of users or the public, prevent fraud or abuse, or enforce our Terms of Service. We will challenge requests that we believe are improper, and we will notify affected users where we are legally permitted to do so.
Business transfers
If Rostra Labs is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you (by email or a prominent notice in the Service) before your information becomes subject to a different privacy policy.
With your consent
We may share information in other ways at your direction or with your explicit consent (for example, if you authorize an integration that pushes your site to a third-party publishing destination).
6. AI processing
When you send a prompt to the agent, the content of that prompt, along with relevant context from your site (for example, the current page's source code and recent commit history), is transmitted to Anthropic for inference. Anthropic processes the request and returns a response, which we apply to your site as a commit.
We do not control Anthropic's data handling, but we use the commercial Claude API under terms that, as of this Policy's effective date, prohibit Anthropic from using commercial-API inputs and outputs to train their models. Anthropic's current data-handling terms are published at anthropic.com/legal/commercial-terms and their privacy policy at anthropic.com/legal/privacy.
Agent prompts and responses are also stored in our own audit log for the purposes described in Section 3. You should not include personal data of third parties, trade secrets, regulated data (PHI, financial-account credentials, etc.), or other sensitive content in your prompts unless you are comfortable with that content being processed by Anthropic and retained in our logs.
7. International data transfers
Rostra Labs is incorporated in the United States, and our subprocessors are primarily located in the United States. When personal data is transferred outside your country of residence, we rely on appropriate safeguards:
- For transfers from the EEA, UK, or Switzerland to the United States, we rely on the European Commission's Standard Contractual Clauses (or the UK International Data Transfer Addendum) as the legal basis for transfer. Equivalent safeguards are in place with our subprocessors.
- For transfers between any other jurisdictions, we implement the data-transfer mechanisms required by applicable law.
You can request a copy of our Standard Contractual Clauses, or details about the safeguards in place for a specific transfer, by emailing privacy@frontpage.host.
8. Data retention
We retain information for as long as needed to provide the Service and to meet our legal obligations. Specific retention periods by category:
| Category | Retention |
|---|---|
| Account record (email, slug, domain) | Until account deletion |
| Site content (Git repository, assets) | Until account deletion, plus a 30-day grace period for export |
| Agent prompts and outputs (audit log) | 90 days |
| Billing records and invoices | 13 months (regulatory minimum for accounting) |
| Server logs (IP, user agent, paths) | 30 days |
| Session tokens (authentication) | 30 days from last activity |
| Magic-link verification tokens | 1 hour from issuance (single-use) |
| Anonymized aggregate metrics | Indefinite (no longer identifies you) |
Anthropic retains your agent prompts and responses under their own retention schedule, independently of ours.
9. Data security
We implement technical and organizational measures designed to protect personal data against unauthorized access, disclosure, alteration, and destruction. These include:
- Encryption in transit (HTTPS / TLS 1.2 or higher for all communications between you and the Service, and between the Service and our subprocessors).
- Encryption at rest (database, object storage, and backups encrypted by the underlying provider).
- Strict access controls within Rostra Labs: only personnel with a documented operational need can access production data, and access is logged.
- Magic-link authentication only. No passwords are stored, eliminating password-reuse breach risk.
- Session tokens are HTTP-only, Secure, and SameSite=Lax scoped to the frontpage.host domain.
- Per-account site isolation. Customers cannot access another customer's data through the Service.
- Subprocessor selection criteria that include SOC 2, ISO 27001, or equivalent compliance posture.
No security measure is perfect. If we become aware of a breach that affects your personal data, we will notify you and applicable regulators in accordance with applicable law (within 72 hours for GDPR-covered breaches).
10. Your privacy rights
Rights available to all users
- Access and export. Your site content is stored in Git. On request, we will provide the full repository contents. Account metadata is exportable on request.
- Correction. Email privacy@frontpage.host with the correction you need and we will update our records.
- Deletion. Email privacy@frontpage.host. We will delete your account, site, and all associated personal data within 30 days, subject to any audit-log records we are required to retain for billing or legal reasons (no longer than 13 months).
EEA, UK, and Switzerland (GDPR)
If you are in the EEA, UK, or Switzerland, you have the following additional rights under the General Data Protection Regulation (or equivalent law):
- Right of access (Article 15): obtain confirmation that we are processing your data, plus a copy.
- Right to rectification (Article 16): correct inaccurate or incomplete data.
- Right to erasure (Article 17, "right to be forgotten").
- Right to restriction of processing (Article 18).
- Right to data portability (Article 20).
- Right to object (Article 21) to processing based on legitimate interests or direct marketing.
- Right to withdraw consent (Article 7) at any time, where processing is based on consent.
- Right to lodge a complaint with your supervisory authority. A list of EU supervisory authorities is available at edpb.europa.eu. UK residents can complain to the ICO at ico.org.uk.
California (CCPA / CPRA)
If you are a California resident, you have the following additional rights under the California Consumer Privacy Act as amended by the California Privacy Rights Act:
- Right to know what personal information we have collected about you, the sources, purposes, and any third parties we shared it with.
- Right to delete the personal information we hold about you, subject to legal exceptions.
- Right to correct inaccurate personal information.
- Right to limit our use of sensitive personal information.
- Right to opt out of the sale or sharing of personal information. We do not sell or share personal information as those terms are defined under the CCPA.
- Right to non-discrimination for exercising any of these rights.
To exercise California-specific rights, email privacy@frontpage.host. We will verify your identity before fulfilling the request, typically by confirming control of the account email.
11. Cookies and similar technologies
We set a single first-party session cookie (__Secure-authjs.session-token) scoped to .frontpage.host so that your authenticated session is recognized across the canvas application and your staging subdomain. It is HTTP-only, Secure, SameSite=Lax, and is removed when you sign out or when it expires (30 days from last use).
We also set a short-lived CSRF token cookie required by the authentication library for sign-in form submissions, and a temporary verification token cookie during the magic-link flow.
We do not set tracking cookies, advertising cookies, or analytics cookies. We do not load third-party scripts on the canvas application or on staging sites. We do not run a cookie banner because there are no non-strictly-necessary cookies to consent to.
Published sites you build with Frontpage do not have any cookies set by us. If you embed third-party widgets on your published site (for example, a Cal.com scheduler or a ConvertKit form), those widgets may set their own cookies subject to those providers' policies. You are responsible for any cookie-consent disclosures required for content you publish.
12. Children's privacy
Frontpage is not directed to children. We do not knowingly collect personal information from anyone under 16 years of age. If you believe a child under 16 has provided us with personal information, please contact privacy@frontpage.host and we will delete it. Users in jurisdictions with a higher age of digital consent must meet the local requirement.
13. Third-party services and links
The Service may link to or embed third-party services (for example, the Stripe Customer Portal for billing, or embedded widgets you choose to include in your site). This Policy does not apply to those third parties. We encourage you to review their privacy policies before providing them with information.
14. Changes to this Policy
We may update this Policy from time to time. When we do, we will revise the "Last updated" date at the top of the page and, if the change is material, we will notify account holders by email or by a prominent notice in the Service before the change takes effect. Your continued use of the Service after the effective date constitutes acceptance of the updated Policy.
15. Contact us
For questions about this Policy or to exercise any of your rights, contact us at:
Email:
privacy@frontpage.host
Rostra Labs, Inc.
(Mailing address available on request.)
For general support, email support@frontpage.host.