Short version: We collect your email address when you join the waitlist, and descriptions of your infrastructure when you use the product. We do not collect patient data. We do not collect PHI. We do not sell your information to anyone.
1. Who we are
Schematiks is a software product operated by DeepDream Security LLC ("DeepDream," "we," "us," or "our"), a limited liability company organized under the laws of the State of Ohio. References to "Schematiks," "the product," or "the service" in this policy refer to the software available at schematiks.io.
For privacy questions, contact us at info@deepdreamsec.com.
2. What we collect
We collect only what we need to operate the service.
- Email address. When you join the waitlist or create an account, we collect your email address. We use it to contact you about your access, send product updates you asked for, and provide support.
- Infrastructure descriptions. When you use the product, you answer questions about your technology stack — cloud providers, service types, data categories, and architectural patterns. We use these responses to generate your diagrams and documentation.
- Usage data. Standard server logs including IP address, browser type, pages visited, and timestamps. Collected automatically by our hosting provider (Cloudflare) and used for security and performance monitoring.
3. What we do not collect
This matters for healthcare and compliance buyers specifically.
- We do not collect protected health information (PHI). The product asks about your infrastructure — what types of systems you run and how they connect. It does not ask for, store, or process patient records, patient names, diagnoses, treatment data, or any other PHI as defined under HIPAA.
- We do not collect credentials. Do not enter database connection strings, API keys, passwords, or access tokens into the product. The questionnaire does not ask for them and we have no mechanism to store them safely.
- We do not sell your data. Your email address and infrastructure descriptions are not sold, rented, or traded to third parties for marketing or any other purpose.
4. How we use what we collect
- To generate the architecture diagrams and documentation you requested
- To contact you about your waitlist spot or account
- To send product updates and announcements (you can unsubscribe at any time)
- To improve the product based on how it is being used
- To detect and prevent abuse, fraud, or security incidents
5. Third parties
We use a small number of third-party services to operate Schematiks. Each receives only what is necessary for their function.
- Cloudflare. Hosts the website and handles DNS, CDN, and DDoS protection. Cloudflare processes request logs including IP addresses. See Cloudflare's Privacy Policy.
- Formspree. Processes waitlist form submissions and forwards them to us by email. Formspree receives the email address you submit. See Formspree's Privacy Policy.
- Stripe. Processes payments when you purchase access. Stripe receives your payment information directly and we do not store card details on our servers. See Stripe's Privacy Policy.
- Anthropic Claude API. Powers the diagram and documentation generation. Your infrastructure descriptions are sent to the Anthropic API to generate outputs. Anthropic's enterprise API agreements govern data handling on their end. See Anthropic's Privacy Policy.
We do not use advertising networks, analytics platforms that track users across sites, or data brokers.
6. Data retention
We keep your email address for as long as your account is active or as long as needed to provide the service. If you ask us to delete it, we will do so within 30 days. Infrastructure descriptions submitted through the product are retained for the period necessary to deliver your diagrams and for a reasonable backup window, after which they are deleted.
7. Your rights
You can ask us to do any of the following at any time:
- Tell you what information we hold about you
- Correct information that is inaccurate
- Delete your information
- Stop sending you marketing emails
To make any of these requests, email info@deepdreamsec.com. We will respond within 30 days.
8. Security
Schematiks is built and operated by a cybersecurity professional. The site runs over HTTPS, applies security response headers, and uses established third-party providers with strong security track records. That said, no system is perfectly secure. Do not submit sensitive credentials or actual patient data through this product.
9. Children
Schematiks is a business tool. We do not knowingly collect information from anyone under the age of 18.
10. Changes to this policy
If we make material changes to this policy, we will update the effective date at the top and notify active users by email. Continued use of the service after a change constitutes acceptance of the updated policy.
11. Contact
Questions about this policy or your data:
DeepDream Security LLC
Cincinnati, Ohio
info@deepdreamsec.com