Privacy Policy
Last updated: July 11, 2026
This policy describes what data OrgTide collects, why, and who processes it. The short version: we store your account, your org connections, and the work you create in OrgTide; we process org metadata to provide the AI features; and we never read, store, or transmit your Salesforce record data.
What we collect
- Account data — your name, email, and authentication details, managed by our sign-in provider (Clerk).
- Org connections — OAuth tokens for the Salesforce orgs you connect, stored encrypted at rest and used only to make the API calls you initiate.
- Your work product — drafts, releases, packages, deploy history, pre-deploy snapshots, version history, health reports, and drift scans, scoped to your account and org.
- Usage records — which AI actions you ran and when, used to enforce fair-use allowances and to operate the service. Cost and token accounting is internal and never shown to other users.
What we never collect
- Salesforce record data. OrgTide queries metadata APIs only (Tooling and Metadata APIs) — never your Accounts, Contacts, Opportunities, or any business records.
- Production browsing. Production orgs can only be connected as deploy targets. OrgTide reads from them only to verify identity at connect time, to capture a rollback snapshot before a deploy you approved, and to run a drift comparison you explicitly request — metadata only, in every case.
How AI processing works
When you run an analysis, build, or other AI action, the relevant metadata (for example, a class body or your prompt) is sent to Anthropic’s API to generate the result. We send the minimum needed for the task. Per Anthropic’s API terms, API inputs and outputs are not used to train their models.
Who processes your data
- Clerk — authentication and account management.
- Render — application hosting and the Postgres database where your work product lives.
- Anthropic — AI processing of the metadata you choose to analyze or generate from.
- Salesforce — the orgs you connect; OrgTide talks to them with the OAuth access you grant.
- Sentry — error monitoring (stack traces and request context; no org metadata payloads by design).
Cookies
OrgTide uses the session cookies required for sign-in (set by Clerk) and a local preference for your theme. No advertising or cross-site tracking cookies.
Retention and deletion
Your data is retained while your account is active. Deleting your account from the Account page removes your stored org connections, drafts, releases, history, and usage records. You can also disconnect any individual org at any time, which invalidates its stored tokens.
Security
Data is encrypted in transit (TLS) and at rest. Org tokens are scoped to your account, and every piece of stored work is partitioned by account and org. Production orgs get additional guardrails (typed confirmations, deploy-target-only access).
Changes
We may update this policy; material changes will be reflected by the “Last updated” date above.
Contact
Privacy questions? Email support@orgtide.com, or use the Support page inside the app.