Privacy Policy
Last updated: December 31, 2025
Our Commitment to Privacy
At Evvl, we take your privacy seriously. This Privacy Policy explains how we handle your data when you use our service. The short version: we don't store any of your personal data, and API keys are automatically redacted from all logs.
What Data We Collect and Store
We do not store any of your personal data. While your API requests are routed through our servers to reach OpenAI, Anthropic, and OpenRouter (required due to browser security restrictions), we do not store your API keys, prompts, or AI responses.
Our server logs only contain basic operational information (provider name, model name, error types) for debugging purposes. API keys are automatically redacted from all logs. We do not log your prompts or the content of AI responses.
How Your Data is Stored
All data is stored locally in your browser using localStorage, including:
- Your API keys for OpenAI, Anthropic, and OpenRouter
- Your prompts and evaluation history
- AI-generated outputs and responses
- Your ratings and notes
- Column configurations and preferences
This data remains on your device and is only accessible from your browser. If you clear your browser data or use a different browser/device, you will not have access to your previously stored data.
How API Calls Work
When you generate AI outputs, your browser sends requests to our server, which then forwards them to the AI providers (OpenAI, Anthropic, and OpenRouter). This proxy setup is necessary because OpenAI doesn't support direct browser calls due to CORS restrictions.
Important: We do not store your API keys, prompts, or responses. Your API keys are automatically redacted from all server logs. Prompts and responses are never logged. We maintain basic operational logs (provider, model, error types) for debugging, but no personal or sensitive data.
The data you send to AI providers is subject to their respective privacy policies:
- OpenAI Privacy Policy: openai.com/policies/privacy-policy
- Anthropic Privacy Policy: anthropic.com/legal/privacy
- OpenRouter Privacy Policy: openrouter.ai/privacy
Analytics and Tracking
We use Plausible Analytics, a privacy-friendly analytics service, to understand how visitors use Evvl. Plausible does not use cookies and does not collect any personal information. It only tracks anonymous page views and basic usage statistics.
We do not use advertising networks or any other third-party tracking tools. You can learn more about Plausible's privacy practices at plausible.io/privacy.
Data Security
Since all data is stored locally in your browser, the security of your data depends on:
- The security of your device
- Your browser's built-in security features
- Your management of your API keys
We recommend keeping your API keys secure and not sharing them with others. If you believe your API keys have been compromised, revoke them immediately through the respective provider's dashboard.
Children's Privacy
Evvl is not directed to children under 13. We do not knowingly collect information from children. Since we don't collect any data at all, this is not a concern, but parents should supervise their children's use of AI services.
Changes to Privacy Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated “Last updated” date. Your continued use of Evvl after any changes constitutes your acceptance of the updated policy.
Contact
If you have any questions about this Privacy Policy, please contact us through our GitHub repository.