Privacy Notice

Last updated: June 3, 2026.

This privacy notice explains how ChaosProxy handles information for early customers, design partners, and self-serve teams using the launch service.

Information We Process

• Account information such as name, email, organization, role, and authentication identifiers.
• Project configuration such as verified domains, chaos profiles, API key metadata, webhook URLs, and retention settings.
• Run evidence such as screenshots, DOM snapshots, network logs, console logs, tool-call records, failure reasons, scores, and trace artifacts.
• Billing metadata from Stripe, including customer and subscription identifiers. ChaosProxy does not store card numbers.

How We Use Information

We use information to authenticate users, create workspaces, queue and execute chaos runs, generate replay evidence, enforce plan limits, deliver project webhooks, provide support, and improve reliability testing for browser agents.

Infrastructure and Vendors

ChaosProxy is designed to run on Google Cloud infrastructure, including Cloud Run, Cloud SQL, Cloud Storage, Pub/Sub, Secret Manager, Artifact Registry, and Firebase Authentication or Google Identity Platform. Stripe handles payment processing.

Retention

Trace retention follows the active plan: Free for 7 days, Developer for 14 days, Startup for 45 days, and Enterprise by agreement. Cloud Storage has a 90 day lifecycle deletion backstop in the launch Terraform configuration.

Customer Responsibilities

Customers should start with staging or demo domains, use test accounts, and avoid sending unnecessary personal data, payment data, production credentials, secrets, or regulated data through browser-agent test flows.

Contact

For privacy or security questions, use Contact.

We update this notice as the service, infrastructure, and customer onboarding flows evolve.