Privacy Policy
Last updated: May 28, 2026
Who we are
Better Design is a service that helps developers and AI coding agents build production quality user interfaces faster, using a catalog of curated design systems, a library of UI principles and review rules, and a generation pipeline that produces a custom design system from a natural language prompt.
This policy covers the Better Design web app at better-design.com and the Better Design MCP server (Model Context Protocol) that AI coding tools connect to. If we add other surfaces later this page will say so.
What we collect
Three categories of personal data, each tied to a clear purpose:
Account data
When you sign up we collect your email address and display name. If you sign in with Google or GitHub we also receive a verified email and a stable provider id from that authorization server. We do not store your password from any provider, only an opaque identifier.
Product data
When you create a project, we store the prompt you write, the design system you select or generate, the components produced for that project, and any follow up messages you send. This is the data the agent needs to keep your project coherent across turns. Anonymous trial projects use an IP derived placeholder user id instead of an account, and they are kept for the duration of the trial only.
Technical and analytics data
We log standard technical fields needed to operate the service: IP address, user agent, request timestamps, error stack traces. We also collect product analytics events (which screen you viewed, which feature you used) that help us decide what to build next. These events are tied to your account id when you are signed in, and to an anonymous id otherwise. We do not collect device sensor data, contacts, microphone, camera, or location beyond country level.
Why we use it
- Operate the service. Authenticate you, generate the design systems you ask for, persist your projects, deliver the components and the install commands the agent returns.
- Bill and meter usage. Track per user credit balances so we can enforce the free quota and the Pro quota fairly across both the web app and MCP clients.
- Keep the service safe. Rate limit abusive traffic, detect fraud, investigate incidents.
- Improve the product. Analyse aggregate usage to decide which features to invest in and where the onboarding drops people.
- Communicate with you. Reply when you write to support, send important account or service notifications.
We do not sell your data, we do not run third party ad networks on the site, and we do not train any AI model on the prompts or generated systems of any individual user. If we ever change any of those positions we will tell you in advance, not after.
Who processes it on our behalf
We use the following third party processors to operate the service. Each one is bound by a data processing agreement, and each one receives only the minimum data they need to do their job:
| Processor | Purpose | Data |
|---|---|---|
| Neon | Primary Postgres database | Account data, product data |
| Upstash | Session and rate limit cache (Redis) | Session tokens, counters |
| Cloudflare Workers | API server (MCP, OAuth, REST) | Request metadata, IP, headers |
| Vercel | Web app hosting and CDN | Request metadata, IP, headers |
| Inngest | Background job queue | Project ids, job metadata |
| PostHog | Product analytics, session replay (opt out available) | Event names, anonymous or account id, page paths |
| Sentry | Error tracking | Stack traces, request metadata, user id |
| Google, GitHub (OAuth) | Optional social sign in | Verified email, provider user id |
Each processor is located in a region appropriate to its service (US or EU). Cross border transfers rely on standard contractual clauses or equivalent safeguards.
How long we keep it
- Account data is kept while your account is active. When you delete your account, we delete it within 30 days, except where retention is required by law (for example, invoicing records).
- Project data is kept while the project exists. You can delete a project at any time, which removes the prompts, messages, generated systems, and component artefacts within 30 days.
- Anonymous trial projects are kept for 30 days after creation, then purged.
- Analytics events are retained for 12 months in aggregate form.
- Error and request logs are retained for 30 days for incident investigation.
Your rights
Whatever law applies to you, we extend the same controls to everyone:
- Access. Ask for a copy of the personal data we hold about you.
- Correction. Update your account name or email from settings, or by writing to us.
- Deletion. Delete your account or individual projects at any time.
- Export. Ask for a machine readable export of your projects.
- Object or withdraw consent. Opt out of analytics or service emails.
To exercise any of these, write to [email protected]. We answer within 30 days, usually much sooner.
MCP clients and AI agents
When you connect Better Design as an MCP server to an AI coding tool (Cursor, Claude Code, ChatGPT Apps, Claude.ai, and so on), the AI client sends the prompt you wrote to our server so the tool can fulfil it. Three things to know:
- We meter the call against your Better Design account when you authenticate (OAuth or API key). Unauthenticated calls fall back to a generous anonymous trial quota tied to the request IP.
- We do not forward your prompt to any third party other than the processors listed above (which are all infrastructure, not AI model providers, with the exception of our own generation pipeline).
- We do not retain the conversation context the AI client holds about you, only the prompts you explicitly submit through the
create-design-systemtool. Read only tools (resolve, get, search) leave no per user trace beyond the analytics event.
Security
Transport is HTTPS everywhere. Passwords are hashed with the better-auth defaults. API keys are stored as SHA-256 hashes, not in plaintext, and you can revoke any key from your account settings. Access tokens issued by our OAuth server have a one hour lifetime, with rotating refresh tokens. We log administrative access and review it. Despite all of this, no system is unbreakable, so we will tell you if we believe your personal data has been compromised.
Children
Better Design is not directed at children under 13 (or 16 where local law sets a higher bar). If you believe a child has created an account, write to us and we will delete it.
Changes to this policy
When we change this policy in a way that materially affects your rights, we will notify you by email or in app at least 14 days before the change takes effect. Minor edits (fixing a typo, adding a processor of the same category) are reflected by updating the date at the top of this page.
Contact
For any privacy question, including data subject requests, write to [email protected]. If you are in the EU and would prefer to escalate, you have the right to complain to your local supervisory authority.