Skip to main content
Patchy
Sign in

Privacy Policy

Patchy LLC

Last Updated: May 23, 2026

Effective Date: June 22, 2026

Note: The previous version of this Privacy Policy (last updated May 12, 2026) remains in effect until June 22, 2026. If you have questions about either version, contact hello@usepatchy.io.

This Privacy Policy describes how Patchy LLC (“Patchy,” “we,” “us,” or “our”) collects, uses, stores, and shares information about you when you use the Patchy web application available at usepatchy.io (the “Service”). By using the Service, you agree to the practices described in this Privacy Policy.

If you do not agree with this Privacy Policy, please do not use the Service.

In plain English: Here's what we collect, how we use it, and what your rights are. We try to keep this short and honest.

1. Information We Collect

We collect information in two categories: essential data that we need to operate the Service, and optional analytics that you control through your account settings.

a) Essential Data (collected for all users)

This information is necessary to provide the Service to you. You cannot opt out of essential data collection while using the Service, but you may delete your account at any time as described in Section 6.

  • Account information: your name, email address, password (stored as a secure hash, never in plain text), and, optionally, the name of your church, production company, or organization.
  • Profile and configuration data: any details you choose to add to your profile or organization settings.
  • User Content: the patch sheets, console configurations, stage I/O layouts, device lists, signal routing, notes, and any other content you create, upload, or store using the Service.
  • Communications: messages you send to us via email, support requests, beta feedback, or other channels.
  • Authentication and security records: login times, IP addresses associated with logins, and other records needed to secure your account.
  • Anonymous error reports: automatic crash and error reports collected through our error monitoring provider, with no personally identifying information attached.
  • Device and technical data: browser type and version, operating system, device type, screen size, language preferences, IP address, and approximate location derived from IP address.
  • Payment information: if you subscribe to a paid plan, payment is processed by our third-party payment processor (Stripe). We receive limited information from Stripe (such as the last four digits of your card, card brand, billing zip code, and subscription status). We never see, store, or have access to your full payment card numbers.

b) Optional Analytics (only if you opt in)

When you first sign up, you'll be asked whether to enable optional analytics. You can change your decision at any time in Settings → Privacy. Disabling optional analytics does not affect your access to any feature of the Service.

If you opt in, we collect:

  • Product usage events: which features you use, when you use them, and how often. Examples include patch sheets created, channels added, exports generated, and pages visited within the Service.
  • User-identified error reports: error and crash reports linked to your account, so we can follow up with you specifically if you encounter a bug.

If you do not opt in, none of this information is collected from your account.

c) Information from Third Parties

  • Email signups and form submissions: if you sign up for our mailing list or submit interest forms, we receive your email and any information you provided through our email marketing provider (EmailOctopus) and form provider (Kit). Active subscribers and customers may also receive transactional and product emails through our transactional email provider (Resend) and our business email provider (Google Workspace).

d) Cookies and Similar Technologies

We use essential cookies for authentication, session management, and security. If you opt in to optional analytics, our analytics provider (PostHog) also uses cookies and similar technologies to record product usage events tied to your account.

We do not use third-party advertising cookies or cross-site tracking.

In plain English: We collect: your account info, the patch sheets you build, basic technical data, and limited billing data from Stripe. If you opt in to analytics, we also see which features you use. You can turn analytics off anytime in Settings.

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service;
  • Create and manage your account, authenticate logins, and process subscriptions;
  • Display, store, and share your User Content as you direct (for example, when you generate a shareable patch sheet link);
  • Process payments and send billing-related communications such as receipts, renewal notices, and payment failure alerts;
  • Send product updates, announcements, and onboarding emails related to your use of the Service;
  • Send marketing emails (only if you have opted in or are an active customer, and you can unsubscribe at any time);
  • Respond to support requests, beta feedback, and other inquiries;
  • Detect, prevent, and address technical issues, security incidents, fraud, or abuse;
  • Improve the Service, including analyzing usage patterns to inform product development (using optional analytics where you have opted in, and aggregated or anonymized data otherwise);
  • Comply with legal obligations and enforce our Terms of Service.

We do not sell your personal information. We do not share your User Content with third parties for their own marketing purposes. We do not use your User Content to train artificial intelligence or machine learning models without your explicit, separate consent.

In plain English: We use your data to run the app, bill you, support you, and make Patchy better. We don't sell your data and we don't train AI on your patch sheets.

3. How We Share Information

We share information only as described below:

  • Service providers: we share information with trusted third-party vendors who help us operate the Service, including hosting, payment processing, email delivery, error monitoring, and (if you have opted in) product analytics. See Section 4 for the current list. These providers are contractually obligated to protect your information and use it only to provide services to us.
  • Shared content you initiate: if you generate a shareable link to a patch sheet, the recipients of that link will be able to view (and, where applicable, edit) the content you have shared with them.
  • Legal requirements: we may disclose information if required to do so by law, subpoena, court order, or other legal process, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others, investigate fraud, or respond to a government request.
  • Business transfers: if Patchy is involved in a merger, acquisition, financing, or sale of assets, your information may be transferred as part of that transaction. We will notify you (by email or notice on the Service) before your information becomes subject to a different privacy policy.
  • With your consent: we may share information for any other purpose with your explicit consent.
In plain English: We share data with the vendors that keep the app running (like Stripe and our hosting provider), with people you choose to share patch sheets with, and if legally required.

4. Third-Party Service Providers

The following third-party services currently process information on our behalf. Each has its own privacy policy that governs how it handles data:

  • Vercel — application hosting and content delivery.
  • Supabase — database, authentication, and file hosting.
  • Stripe — payment processing and subscription billing.
  • Sentry (Functional Software, Inc.) — error and performance monitoring. Anonymous error reports are collected for all users; user-identified error reports are collected only if you have opted in to optional analytics.
  • PostHog Inc. — product usage analytics. Used only if you have opted in to optional analytics under Section 1(b).
  • Resend — transactional email delivery (password resets, account confirmations, billing receipts, and similar account-related communications).
  • Google Workspace — business email and document infrastructure for usepatchy.io.
  • EmailOctopus — email marketing and mailing list management (only for subscribers who have opted in to receive marketing communications).
  • Kit — form submission handling for landing pages and mailing list signups.

This list may change as our infrastructure evolves. We will update this Privacy Policy when we add or change service providers in ways that affect how your information is processed, and material changes will be communicated as described in Section 13.

5. Data Storage and Security

Your data is stored on infrastructure operated by our hosting and database providers, currently located in data centers in the United States. By using the Service, you consent to your information being processed in the United States.

We use industry-standard technical and organizational measures to protect your information, including:

  • Encryption of data in transit (HTTPS/TLS);
  • Encryption of sensitive data at rest;
  • Secure password hashing (we never store passwords in plain text);
  • Input masking on any optional analytics tools to prevent capture of form field contents;
  • Restricted access controls so that only authorized personnel can access systems containing user data;
  • Regular review of our security practices.

No method of transmission or storage is 100% secure. While we work to protect your information, we cannot guarantee absolute security. If we become aware of a security incident affecting your personal information, we will notify you in accordance with applicable law.

In plain English: Your data is encrypted, your password is hashed (we can't see it), and we restrict who can access systems. No system is 100% bulletproof, but we take it seriously.

6. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. Specifically:

  • Active accounts: we retain your account information and User Content for the duration of your subscription and active use.
  • Cancelled or terminated accounts: we retain User Content for thirty (30) days after account closure to allow you to export or restore your data, after which it is deleted from active systems.
  • Backups: data may persist in encrypted backups for up to seven (7) days after deletion from active systems, after which backups are overwritten in the ordinary course.
  • Optional analytics data: product usage events from users who have opted in are retained for up to twelve (12) months. User-identified error reports are retained for up to ninety (90) days.
  • Anonymous error reports: retained for up to ninety (90) days.
  • Legal and financial records: we retain billing records, tax records, and records of disputes for as long as required by law (typically up to seven years).
  • Aggregated and anonymized data: we may retain aggregated, de-identified data indefinitely for analytics and product improvement; this data cannot be used to identify you.

7. Your Rights and Choices

You have the following rights with respect to your personal information:

  • Access: request a copy of the personal information we hold about you.
  • Correction: request that we correct inaccurate or incomplete information. Most account information can also be updated directly through your account settings.
  • Deletion: request that we delete your account and associated personal information, subject to legal retention requirements.
  • Export: request a portable copy of your User Content in a common, machine-readable format (such as CSV or JSON).
  • Manage optional analytics: turn optional analytics on or off at any time in Settings → Privacy. Your decision applies to all future sessions until you change it.
  • Opt-out of marketing: unsubscribe from marketing emails at any time via the unsubscribe link in any email or by contacting us. Note that we may still send you transactional emails (billing, security, service updates) while your account is active.
  • Restrict or object: request that we limit how we process your information, where applicable law provides this right.

To exercise any of these rights, contact us at hello@usepatchy.io. We will respond within a reasonable timeframe (typically 30 days). We may need to verify your identity before fulfilling certain requests.

8. Regional Privacy Rights

a) For Residents of California (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including the right to know what personal information we collect, the right to delete personal information, the right to correct inaccurate information, and the right to opt out of the sale or sharing of personal information.

We do not sell or share personal information as those terms are defined under California law.

b) For Residents of the EEA, United Kingdom, and Switzerland (GDPR/UK GDPR)

If you are located in the EEA, UK, or Switzerland, you have rights under the General Data Protection Regulation (GDPR) or UK GDPR, including the rights of access, rectification, erasure, restriction of processing, data portability, and objection to processing.

Our legal bases for processing your information are: (i) performance of our contract with you (to provide the Service), which covers essential data described in Section 1(a); (ii) your explicit consent, which covers optional analytics described in Section 1(b); (iii) our legitimate interests in operating, securing, and improving the Service; and (iv) compliance with legal obligations.

If you wish to file a complaint with a supervisory authority, you have the right to do so in your country of residence.

c) For Other Jurisdictions

Other states and countries may grant you additional privacy rights. If you believe a specific right applies to you, contact us and we will work in good faith to honor it.

In plain English: You have rights: see what we have, fix it, delete it, or export it. Just email hello@usepatchy.io. If you're in California, the EU, or the UK, you have extra protections under local law.

9. Children's Privacy

The Service is not intended for, and is not directed to, individuals under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us at hello@usepatchy.io and we will take steps to delete it.

10. International Users

Patchy is operated from the United States. If you access the Service from outside the United States, you understand and consent to the transfer of your information to, and processing in, the United States, where data protection laws may differ from those in your country.

11. Cookies

We currently use the following categories of cookies and similar technologies:

Essential cookies (used for all users)

  • Authentication cookies that keep you logged in;
  • Session cookies that maintain your activity within a single browsing session;
  • Security cookies that help protect against fraud and abuse.

Analytics cookies (only if you have opted in to optional analytics under Section 1(b))

  • Cookies set by PostHog to record product usage events tied to your account.

We do not use third-party advertising cookies or cross-site tracking. You can configure your browser to refuse cookies, but doing so may impair core functionality such as logging in.

12. Do Not Track Signals

Some browsers offer a “Do Not Track” (DNT) signal. Because there is no industry standard for how to respond to DNT signals, we do not currently respond to them. We will revisit this practice if a clear standard emerges. If you wish to disable optional analytics, you can do so directly in Settings → Privacy.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time as our practices evolve. If we make a material change to this Privacy Policy, we will provide reasonable notice prior to the change taking effect, either by email to the address associated with your account or through an in-app notice. What constitutes a material change and what constitutes reasonable notice will be determined in our reasonable judgment based on the nature of the change.

For non-material changes — such as typo corrections, clarifications, formatting updates, or changes that do not meaningfully affect how your information is collected, used, or shared — we will update the “Last Updated” date at the top of this Privacy Policy without separate notice.

For changes required by law, regulation, court order, or to address security issues, we may make changes effective immediately and will notify you as soon as practical.

You can review the most current version of this Privacy Policy at any time by visiting this page. Your continued use of the Service after the effective date of an updated Privacy Policy constitutes acceptance of the changes. If you do not agree with an updated Privacy Policy, you may delete your account before the effective date.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal information, contact us at:

Patchy LLC

Email: hello@usepatchy.io

Website: usepatchy.io