Legal
Privacy Policy
Last updated 18 July 2026
This policy describes how Tessera (“we”, “us”) handles information when you use Tessera at https://app.tesserae.site, including the canvas, Live rendering service, share links, CLI, and Pro billing.
Who we are
Tessera is operated as Tessera. For privacy questions, email support@tesserae.site.
What we collect
- Account data — when you sign in via Clerk (email and/or OAuth identity such as GitHub or Google). We store a Tessera session linked to that identity and your plan (Free or Pro).
- Billing data — handled by Stripe when you upgrade. We receive subscription status and customer identifiers; we do not store full card numbers.
- Workspace & share data — canvas snapshots you choose to share (URL, layout, device tiles) stored so share links can be loaded.
- URLs you load — addresses you enter for preview, Live sessions, captures, tunnels, or agent checks. Those URLs may be fetched by our rendering service (Playwright) to display or screenshot pages.
- Technical logs — IP address, user agent, and request metadata used for rate limiting, abuse prevention, and debugging.
- Local device storage — preferences and canvas state in your browser (for example localStorage), which stay on your device unless you share or sync them through the product.
How we use information
- Provide and improve the canvas, Live sessions, captures, shares, CLI, and checks
- Authenticate you, enforce plan limits, and process Pro subscriptions
- Prevent abuse, rate-limit heavy Live/API use, and keep the service secure
- Respond to support requests you send us
- Comply with law where we are required to
Live engine and URL fetching
When you use the Live engine, captures, tunnels, or agent checks, our servers may open real browser sessions and request the URLs you provide. Content from those pages is processed to stream or screenshot viewports. Do not point Tessera at pages you are not allowed to access. We may block private network targets and apply abuse controls.
Subprocessors
Sharing
We do not sell your personal data. We share information with subprocessors as needed to run the service, when you ask us to (for example a share link you create), or when required by law.
Retention
Account and billing records are kept while your account is active and as needed for accounting or legal obligations. Free-tier share links expire after 7 days; Pro share links remain until deleted or the service ends. Live browser sessions are short-lived and torn down when tiles disconnect. Server logs are retained for a limited period for security and reliability.
International transfers
Our hosts and subprocessors may process data in the UK, EU, US, or other regions. Where required, we rely on appropriate transfer mechanisms provided by those vendors.
Your rights
Depending on where you live, you may have rights to access, correct, delete, or export personal data, or to object to certain processing. Contact support@tesserae.site. You can also delete local canvas data in your browser and close your Clerk/Stripe relationships through those services where available.
Children
Tessera is built for professional developers and is not directed at children under 16. We do not knowingly collect personal data from children.
Changes
We may update this policy as the product evolves. The “Last updated” date above will change when we do. Continued use after an update means you accept the revised policy.
Contact
Privacy requests: support@tesserae.site. See also Terms of Service and Support.