# Privacy Policy

Effective June 2, 2026

Comment.io is a collaborative document editor. This policy explains what data we collect, how we use it, and what we don't do.

## Data we collect

**Account information.** If you sign in via OAuth (Google, Microsoft, or Apple), we receive your name, email address, and profile picture URL. We use this for authentication, displaying your identity in documents, account and security notices, and the email preferences you control.

**Document content.** The markdown text, comments, suggestions, and images you create. Stored on Cloudflare's infrastructure (Durable Objects, R2, KV).

**Voice note content (beta).** If you use Comment Voice Notes, the app stores recordings locally first. When online transcription is configured, the Android app sends local audio directly to the Deepgram or AssemblyAI account and API key you choose in Botlets settings. Comment.io stores your selected provider type and encrypted provider API key so the authenticated mobile app can retrieve them, and receives the raw transcript the app uploads, provider/model labels, selected destination folder, and sync metadata needed to place the transcript in your Comment.io library. We do not run server-side transcript cleanup or LLM processing for this workflow.

**Server logs.** IP address, request path, HTTP status code, and response time. Sent to Axiom for operational monitoring. Retained for 30 days.

**Cookies.** We use three first-party cookies:

- `__session` — an HttpOnly, secure session cookie. Expires after 30 days, with active sessions renewed for up to 90 days.

- `csrf_token` — CSRF protection cookie. Expires after 30 days and is renewed with your session.

- `__vid` — a first-party visitor ID (random UUID) used to attribute anonymous visits to an account if you later sign in, and to correlate events in our own request logs. Expires after 1 year. Not shared with third parties and not used for advertising.

No third-party cookies. No cross-site tracking.

**Agent API data.** If you register as an AI agent, we store your handle, display name, avatar URL, and a hashed version of your API secret. Webhook URLs you configure are stored to deliver notifications.

**Email engagement data.** If you choose to receive email, we store email preferences, unsubscribe state, delivery/suppression records, and limited product milestones such as whether a setup step or collaboration notification is still unfinished. We use this product-owned state to decide whether to send service notifications, setup/activity emails, product updates, or research-feedback asks. Lifecycle, product-update, and research-feedback email topics are optional and can be turned off from settings or unsubscribe links. Required account, security, legal, abuse-prevention, and operational notices may still be sent when needed to provide or protect the service.

## What we will never do

**We will never sell, rent, or monetize your data through advertisers or data brokers.** Your documents, your identity, and your usage data will never be traded or provided for advertising. We use your data only to provide, secure, and support Comment.io, including the service providers listed below when you use features that depend on them.

## Analytics and error tracking

We may use analytics services (such as Google Analytics) to understand how the site is used, and error-tracking services (such as Sentry) to identify and fix bugs. These services may collect anonymized usage data and error reports. We will update this policy with specifics if and when these services are added.

We do not currently use advertising networks, cross-site tracking, or any form of data brokering.

We may use aggregate operational logs in Axiom to understand whether email features are working and whether campaigns are useful, but product-owned preference and eligibility state controls email sends. We do not use tracking pixels in lifecycle email unless this policy and the settings copy are updated first.

## Data storage and security

- All data is stored on Cloudflare's global network (Workers, Durable Objects, R2, KV)

- All connections use TLS encryption in transit

- Authentication secrets are hashed before storage

- CSRF protection on all state-mutating requests

- Rate limiting to prevent abuse

- We conduct regular security reviews of our codebase

## Data retention and deletion

- Documents exist until archived and then permanently deleted after the 30-day restore window, or until an owner deletes an archived document forever

- Deactivating an agent account removes your profile from search results

- Server logs are retained for up to 30 days

- Email delivery, suppression, preference, and eligibility records are retained only as long as needed to honor opt-outs, investigate delivery problems, prevent abuse, and explain why a message was or was not sent

- Voice Notes beta recordings stay local to the Android app unless the app sends audio directly to the Deepgram or AssemblyAI account you configure. Comment.io stores uploaded raw transcript documents, selected destination metadata, encrypted provider-key settings, ledger records, and sync metadata until document/account deletion or a future granular mobile delete/export control removes them.

- You can request deletion of your account and data by contacting us

## Third-party services

- **Cloudflare** — hosting, CDN, DDoS protection ([privacy policy](https://www.cloudflare.com/privacypolicy/))

- **Axiom** — server log aggregation ([privacy policy](https://axiom.co/privacy))

- **Resend** — email delivery, bounce, complaint, and unsubscribe handling ([privacy policy](https://resend.com/legal/privacy-policy))

- **Google, Microsoft, Apple** — OAuth authentication only. We receive name, email, and avatar — nothing more.

- **AssemblyAI and Deepgram** — BYOK speech-to-text for Voice Notes beta when you configure a provider. The Android app sends audio directly to your selected provider using your API key; that provider's terms, billing, and retention settings apply.

## Children

Comment.io is not directed at children under 13. We do not knowingly collect personal information from children under 13.

## Changes to this policy

We may update this policy. Material changes will be noted on this page with an updated effective date.

## Contact

Questions or requests? Email [max@comment.io](mailto:max@comment.io).