Trust

What Drengr runs on, how long it keeps data, and how to reach us. Last updated: July 4, 2026.

Subprocessors

Companies that process data on Drengr's behalf to deliver the service. Every entry below is a service we actively use in production today, except where noted as inactive.

SubprocessorPurpose
SupabaseAuth, control-plane Postgres (accounts, API keys, org config), Edge Functions runtime
AWSUnderlying infrastructure for Supabase and for ClickHouse Cloud (Singapore region)
VercelHosting for drengr.dev and the analytics dashboard
AnthropicEvent-naming proposals only — receives redacted event shapes (field names/types), never raw payloads or PII
GoogleOAuth sign-in
PolarPayment processing — not yet active. Billing is currently in limited rollout; no charges are processed today

Data Retention

Event data lives in ClickHouse with a 180-day TTL — rows older than 180 days are automatically deleted by the database engine, not by a manual job we have to remember to run.

Deletion / erasure: running drengr uninstall immediately erases that machine's registration and permanently anonymizes its usage telemetry. To delete an account or request erasure of a specific data subject's events, email hey@drengr.dev — see the Privacy Policy for the full DSR process and timelines.

Security Practices

Every release is built by CI from a tagged commit, checksummed, and GPG-signed; the install script refuses an unverified binary. Device interaction (MCP mode, test runs, explore mode) happens locally between the binary and your device — no screen content, UI trees, or device data is sent to us. Full detail, including our vulnerability disclosure policy and safe harbor, is on the Security page.

Certifications

We do not currently hold SOC 2, ISO 27001, or any other third-party security certification. If that changes, this page will be updated to reflect it — we will not claim a certification we don't have.

Data Processing Agreement

A DPA is available on request. Email hey@drengr.dev and we will send one over.