Privacy Policy

Last updated: May 14, 2026

Stride is a task-management software you can use as a hosted service at stridelikeaboss.com or self-host on your own infrastructure. This Privacy Policy describes what data Stride collects, how it is used, and the choices you have. It applies to the hosted service operated by the Stride team. If you self-host Stride, you are the operator of your own instance — none of the data you process flows to us.

Information we collect

  • Account information — your email address, the password hash, and the display name and locale you choose.
  • Workspace content — boards, columns, tasks, comments, attachments, and the metadata you author (titles, descriptions, acceptance criteria, key files, hooks, and so on).
  • Agent activity — when an AI agent claims a task, runs a hook, or completes work, we record the agent's identifier, the task affected, and a timestamp.
  • API tokens — we store the hashed token, the issuing user, the scope, and the last-used timestamp. The plaintext token is shown only once at issuance.
  • Telemetry — request paths, status codes, response durations, and aggregate usage counts. We do not record full request bodies or individual user-agent strings beyond what is needed to keep the service available.

How we use your information

  • Operate the service and authenticate you and your agents.
  • Render the boards, tasks, and activity feeds you have access to.
  • Diagnose errors, measure performance, and prevent abuse (rate limiting, fraud detection).
  • Send transactional email — account confirmation, password reset, security notifications. We do not send marketing email unless you explicitly opt in.

We do not sell your data. We do not use your workspace content to train AI models. We do not run advertising on Stride.

Data sharing

We share your information only in narrowly limited circumstances:

  • Service providers — hosting, transactional email, and error tracking. These vendors process data on our behalf under written agreements that prohibit secondary use.
  • Legal requests — when we are required by valid legal process. We push back on overbroad requests and notify the affected user where the law allows.
  • Workspace collaborators — content you put in a board is visible to the people you invite to that board.

Data retention

We keep your account and workspace data for as long as your account is active. When you delete your account, we delete your account record and your workspace content within 30 days, except where we are required by law to retain a record (for example, financial records for billing).

Telemetry and audit logs are retained for up to 90 days, then aggregated or deleted.

Your rights

Depending on where you live, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate personal data.
  • Delete your account and your personal data.

As a user of this system, you have full access to your data to manage it as you see fit.

Cookies and local storage

We use a small number of cookies and browser-local storage entries that are strictly necessary to operate the service: a session cookie to keep you signed in, a CSRF token to protect form submissions, and a preference entry that remembers your light/dark theme choice. We do not use third-party advertising or analytics cookies.

Security

Stride is hosted on encrypted infrastructure, passwords are hashed with bcrypt, and API tokens are hashed at rest. Despite our best efforts, no system is perfectly secure. If you discover a vulnerability, please report it to us responsibly at the contact address below.

Changes to this policy

We may update this policy from time to time. When we make material changes, we will note the new effective date at the top of this page and, where appropriate, notify you by email or in-app banner before the change takes effect.

Contact us

Questions, concerns, or requests about this policy? Email [email protected] and we will respond within a reasonable time.