diag
Features Pricing Terms Privacy
Sign In Get Started Free
Legal

Privacy Policy

Effective date: March 1, 2026  ·  Last updated: March 1, 2026

Contents

  1. Overview
  2. Information We Collect
  3. How We Use Your Information
  4. Sharing Your Information
  5. Cookies & Tracking
  6. Data Retention
  7. Security
  8. Your Rights
  9. Children's Privacy
  10. International Transfers
  11. Updates to This Policy
  12. Contact

1. Overview

diag ("we," "us," "our") is committed to protecting your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard your personal information when you use our system architecture diagramming platform.

By using diag, you agree to the collection and use of information in accordance with this policy. We will never sell your personal data or your diagram content to third parties.

2. Information We Collect

Information you provide directly:

  • Account data: Username, email address, and hashed password when you register
  • Diagram content: The nodes, edges, labels, and metadata you create within the Service
  • Billing information: Payment card details processed securely by our payment provider (we do not store raw card numbers)
  • Communications: Messages you send to our support team

Information collected automatically:

  • Usage data: Pages visited, features used, click patterns, session duration
  • Technical data: IP address, browser type, operating system, screen resolution
  • Log data: Server access logs including timestamps, HTTP methods, and response codes
  • Session data: Session identifiers stored in secure, HTTP-only cookies

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Authenticate you and manage your account session
  • Process payments and manage your subscription
  • Send essential service communications (billing, security alerts, feature updates)
  • Respond to your support requests
  • Detect, investigate, and prevent fraudulent or unauthorized activity
  • Analyze aggregate usage patterns to improve the product (using anonymized data)
  • Comply with legal obligations

We do not use your diagram content for any purpose other than delivering the Service to you. We do not train machine learning models on your content.

4. Sharing Your Information

We do not sell, rent, or trade your personal information. We may share your data only in these limited circumstances:

  • Service providers: Third-party vendors who help us operate the Service (e.g., cloud hosting, payment processing, email delivery). These providers are contractually prohibited from using your data for their own purposes.
  • Legal compliance: When required by law, court order, or to protect the rights, property, or safety of diag, our users, or the public.
  • Business transfers: In connection with a merger, acquisition, or sale of assets, subject to confidentiality obligations and this Privacy Policy.
  • With your consent: In any other circumstances, only with your explicit consent.

5. Cookies & Tracking

We use a minimal set of cookies necessary to operate the Service:

  • Session cookie: A secure, HTTP-only cookie that keeps you logged in. Expires when you sign out or after a period of inactivity.
  • Preference cookies: Optional cookies that remember your UI preferences (e.g., theme settings).

We do not use advertising trackers, third-party analytics cookies, or cross-site tracking pixels. We do not participate in any advertising networks.

You can control cookies through your browser settings. Disabling session cookies will prevent you from logging in.

6. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service.

  • Account data: Retained until you delete your account, plus 30 days for recovery purposes
  • Diagram content: Deleted 30 days after account deletion unless you export it first
  • Server logs: Retained for up to 90 days for security and debugging purposes
  • Billing records: Retained for 7 years as required by applicable tax law

7. Security

We take reasonable technical and organizational measures to protect your information:

  • All data is encrypted in transit using TLS 1.3
  • Passwords are hashed using bcrypt before storage — we never store plaintext passwords
  • Session cookies are HTTP-only and SameSite-protected to prevent CSRF and XSS attacks
  • Database access is restricted to authorized backend services only
  • We conduct regular security reviews of our infrastructure

No system is completely secure. If you discover a security vulnerability, please disclose it responsibly to [email protected].

8. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your account and associated data
  • Portability: Request your diagram data in a portable format (JSON export)
  • Restriction: Request that we restrict processing of your data in certain circumstances
  • Objection: Object to processing based on legitimate interests

To exercise any of these rights, email [email protected]. We will respond within 30 days. You may also export or delete your diagrams at any time from within the application settings.

If you are in the European Economic Area, you have the right to lodge a complaint with your local data protection authority.

9. Children's Privacy

The Service is not directed to children under the age of 16. We do not knowingly collect personal information from anyone under 16. If you believe we have inadvertently collected data from a child, please contact us at [email protected] and we will promptly delete it.

10. International Data Transfers

Your information may be stored and processed in countries other than your own, including countries that may not have the same data protection laws as your jurisdiction. We take appropriate safeguards to ensure your data receives adequate protection wherever it is processed, including through data processing agreements with our service providers.

11. Updates to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or by posting a prominent notice in the Service before the changes take effect. The "Last updated" date at the top of this page reflects the most recent revision.

We encourage you to review this policy periodically. Your continued use of the Service after any changes constitutes acceptance of the updated policy.

12. Contact

For privacy-related questions, data requests, or concerns, please contact us:

  • Email: [email protected]
  • Security disclosures: [email protected]
  • General inquiries: [email protected]
diag

Premium system architecture diagramming for engineering teams.

Product
  • Features
  • Pricing
  • Sign in
Legal
  • Terms of Service
  • Privacy Policy
Contact
  • [email protected]
  • [email protected]
© 2026 diag. All rights reserved.
Terms Privacy Sign In