Skip to content
Skappa
Security

Data Privacy

Understand how Skappa handles your data. Full code ownership, export policies, GDPR compliance, and what information Skappa stores.

Skappa is built with a privacy-first mindset. You own your code, your data, and your users' data. This guide explains exactly what Skappa stores, how your data is protected, and your rights as a user.

Data Ownership

You own 100% of the code and content generated in your Skappa projects. Skappa does not claim any intellectual property rights over your applications, designs, or business logic. The code generated by the AI is yours to use, modify, distribute, and monetize however you see fit. There are no licensing restrictions or royalty requirements.

Code Export

You can export your full project source code at any time from the project settings. The exported code is a standard Next.js application — it runs anywhere without Skappa, with no proprietary dependencies or vendor lock-in:

# Your exported project structure
my-app/
  app/          # Next.js pages and layouts
  components/   # React components
  lib/          # Utility functions
  public/       # Static assets
  package.json  # Standard npm dependencies
  tsconfig.json # TypeScript configuration

After exporting, you can deploy to Vercel, Netlify, AWS, or any platform that supports Next.js. You can also continue development in VS Code, Cursor, or any IDE.

What Skappa Stores

  • Account information — email address, display name, and authentication details.
  • Project metadata — project names, settings, deployment configuration, and file contents within the editor.
  • AI conversation history — your chat messages with the AI, used to maintain context continuity across sessions.
  • Usage metrics — credit consumption, deployment counts, and feature usage for billing and analytics.

Skappa does not store your end users' data. If your app uses a database, that data lives in your own Supabase project or external database — Skappa has no access to it.

GDPR Compliance

Skappa processes data in compliance with GDPR regulations. As a user, you have the right to:

  • Request a full export of your personal data at any time.
  • Request deletion of your account and all associated data.
  • Know exactly what data is collected and how it is used.
  • Withdraw consent for non-essential data processing.

Security Measures

All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Environment variables and API keys use additional encryption layers. Skappa follows industry-standard security practices, conducts regular audits, and applies security patches promptly.

Tip: To request a data export or account deletion, contact the Skappa team through the feedback form or Discord. Requests are processed within 30 days as required by GDPR.

Still have questions?

Join our Discord community or submit feedback to get help.

Join DiscordSubmit Feedback