Privacy Policy

Radial is a keyboard-first issue tracker operated by BrainGrid AI, Inc., 1111B S Governors Ave STE 29316, Dover, DE 19904, USA ("BrainGrid", "we", "us"). This policy describes what we collect when you use Radial, how we use it, and the choices you have.

For your account, usage, and billing data, we decide how the data is processed and act as the data controller. For the content you and your team put into a workspace — issues, projects, comments, and the like — we act as a processor on your behalf: you decide what goes in, and we store and process it to run the service for you. If you use Radial through an organization, that organization controls its workspace content.

Account information. When you sign up, we store your email address and a unique user identifier. If you sign in through BrainGrid (which currently fronts Google sign-in), we also store the name and avatar your provider shares, and authentication is handled by BrainGrid, so we never see or store a password for you. If you sign up with an email and password, the password is handled by our authentication provider and stored only as a secure hash. You can also start in an anonymous session with no email attached until you choose to sign up.

Workspace content. Radial stores the content you and your teammates create: workspaces, teams, issues and their descriptions, projects, comments and reactions, labels, cycles, saved views, favorites, and the activity and notification history they generate. This content is private to your workspace and enforced with database row-level security; it is not public.

Usage and technical data. To operate and secure the service we record technical data such as the IP address a request comes from and request metadata like timing, status, and errors.

Developer credentials. If you create API keys, we store only a SHA-256 hash of each key (never the raw key) plus a masked display version, a name, and a last-used timestamp. If you authorize an app through OAuth or sign in the command-line tool, we store hashed access and refresh tokens scoped to what you approved.

Git connection data. If you connect a Git provider (GitHub, GitLab, or Bitbucket), we store the connection’s installation or OAuth tokens — encrypted with AES-256-GCM — along with repository metadata and the branch, pull-request, and commit details linked to your issues. We collect this only when you connect a provider, and only for the repositories you authorize.

Billing data. If your workspace is on a paid plan, we store Stripe customer and subscription identifiers, your seat count, and subscription status. Card numbers and full payment details go directly to Stripe and are never received or stored by us.

We use the data above to:

• provide and operate the service, including storing and syncing your workspace content;
• authenticate you and secure your account and workspaces;
• process payments and account for seats;
• send transactional email, such as workspace invitations;
• enforce limits and detect and prevent abuse and fraud;
• respond to support requests;
• comply with legal obligations.

We may create aggregated or de-identified statistics that do not identify you (for example, service performance metrics) and use them to operate and improve the service. We do not send marketing email by default, and we do not use your data for advertising.

Radial does not run product analytics, telemetry, or behavioral tracking, and it has no AI features. We do not send your workspace content, issues, comments, or any other data to any large language model or AI provider, for training or for inference. This is a deliberate part of how Radial is built.

We share data only with the service providers that run Radial ("subprocessors") and as required by law. We do not sell personal information, and we do not "share" it for cross-context behavioral advertising as defined under California law.

We may disclose information if required by law, regulation, or valid legal process, or to protect the rights, safety, or property of BrainGrid, our users, or others. If BrainGrid is involved in a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction; this policy would continue to apply to it.

We use only the cookies needed to run the service. We do not use analytics, advertising, or cross-site tracking cookies, which is why you will not see a cookie banner.

• Account records are kept while your account is active and deleted on request after closure.
• Workspace content is kept while your workspace is active or until you or a workspace admin delete it. Deleting a workspace removes its content; deleted comments are hidden and then removed.
• Workspaces that are created and then abandoned with no activity may be cleaned up automatically after 14 days.
• Revoked API keys and tokens are deactivated immediately; their hashed records may be retained for audit purposes.
• You can export your workspace data at any time.

Traffic to the app and API is encrypted in transit with TLS. Workspace data is isolated by tenant and enforced at the database layer with row-level security. API keys are stored only as SHA-256 hashes and shown masked. Git provider tokens and webhook secrets are encrypted at rest with AES-256-GCM. Access to production data is restricted. That said, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

You can request access to, correction of, or deletion of your personal data by emailing support@radial.build. Depending on where you live, you may have additional statutory rights — for example, under the GDPR or the California Consumer Privacy Act — including rights to access, correct, delete, and port your data, to object to certain processing, and to be free from discrimination for exercising them. We will honor valid requests as required by applicable law.

Where we process workspace content on behalf of an organization, that organization is the controller, and we will refer your request to it.

Content in a workspace may include personal data about teammates or third parties — for example, names in comments, or the authors of linked commits. The workspace and its organization are responsible for having a lawful basis to put that content into Radial and for honoring the rights of the people it concerns. If your personal information appears in a workspace and you want it addressed, contact that organization, or email us at support@radial.build and we will route the request appropriately.

Radial is not directed to children under 13, and we do not knowingly collect personal information from them. If you believe a child has provided us personal information, contact us and we will delete it.

Radial is operated from the United States, and data is processed and stored in the United States (primarily in the AWS US region). If you use the service from outside the US, you understand that your data is transferred to and processed in the US.

We may update this policy from time to time. The "Last updated" date above reflects the latest revision, and material changes will be announced through the site or the app.

Privacy questions and requests can be sent to support@radial.build or by mail to BrainGrid AI, Inc., 1111B S Governors Ave STE 29316, Dover, DE 19904, USA.