Legal

Privacy Policy

This policy explains what data Tireless collects, why we collect it, where it lives, and how to see, correct, or delete it. The short version: we collect what we need to run your cloud computer and bill you. We run no analytics, set no ad cookies, and never sell your data. Card details go straight to Stripe and never touch our servers.

About this policy

Last updated: July 12, 2026.

This policy covers the Tireless website (tirelesscode.com) and the Tireless app (app.tirelesscode.com). “Tireless”, “we”, and “us” mean the team that operates the service. Tireless is young: every account is approved by a person before it’s activated, and features may change while we build. We wrote this in plain English so you can actually read it. If anything is unclear, email us at abuse@tirelesscode.com.

What we collect

Your account. Your name, email address, and a password. Passwords are stored hashed, so we cannot read them. If you turn on two-factor sign-in, we store the secret that generates your codes, and your backup codes, in encrypted form. Passkeys store only a public key — we never receive biometric data. If you give us an SSH public key, we store the key and the label you set.

Sign-in and security records. When you sign in, we keep a session record with your IP address and browser type. Security events like password resets and team changes go into an audit log that also records IP addresses. Our servers keep basic technical logs so we can debug problems and block abuse.

Billing. Payments run through Stripe. Card numbers never touch our servers. We store a reference to your Stripe customer record, the status of your subscription, and the billing event records Stripe sends us.

Your workspace.The files on your cloud computer are yours. They live on your workspace’s disk, and we back up the home folder (see Backups below).

Things you send us. Emails, abuse reports, your answers to the short survey when you delete a workspace, and the email addresses of people you invite to your team.

No tracking, no ad cookies, no selling data

We do not run analytics on the website or in the app. We do not use advertising or tracking cookies. We do not sell your data.

We set no cookies on the marketing site. The app sets only the cookies needed to sign you in and to complete sign-in steps like two-factor checks. The browser editor and desktop use their own sign-in cookie for the same reason. That is the whole list of cookies we set.

What we can see in your workspace

We monitor resource and network patterns, not your files or code. Your workspace reports basic health numbers every 30 seconds: CPU, memory, disk, network totals, and which ports are open along with the name of the program using them. We keep this detailed data for 30 days and summarized data for 90 days.

We use these numbers to show you your workspace’s health and to catch abuse our Acceptable Use Policy prohibits, like crypto mining. A flagged workspace may be slowed automatically while a person reviews it. Support staff do not browse your files. As the operator of the infrastructure, we do hold credentials that make technical access possible. We use that access only to run the service and to handle abuse.

Backups

While your workspace is running, we back up its home folder every night to a storage bucket. Backups are encrypted in storage. We hold the key needed to restore them. That means we can help you recover files — and it means the encryption does not lock us out.

Backups rotate on a schedule: roughly the last 7 daily and 4 weekly snapshots are kept while backups keep running. A Paused workspace keeps its most recent snapshots until it runs again. When you delete a workspace, its backup data is not erased instantly; we remove it within a reasonable period. Backups are a convenience, not a guarantee. Keep your own copy of anything you cannot afford to lose.

Where your data lives

Your workspace, its backups, and our own database run in Hetzner data centers in the EU. Today that is Finland. If we offer other regions, such as Germany or the US, and you pick one for a workspace, that workspace and its backups live there instead.

The marketing site is delivered by Cloudflare’s network, so Cloudflare handles those page requests on its systems. Stripe, Resend, and Cloudflare are US companies and handle the data they process under their own compliance programs.

Who processes data for us

We use a small number of companies to run Tireless:

  • Hetzner — hosts our servers, your workspace, and backups, in EU data centers.
  • Stripe — handles payments and subscriptions. Card details go to Stripe, never to us.
  • Resend — delivers our account and billing emails.
  • Cloudflare — provides DNS and delivers the marketing site.

We add to this list only when the service needs it, and we update this page when we do.

Teams: who can see shared workspaces

If you add people to your team, they can open and use shared team workspaces, including the files inside. Only invite people you trust with that access. When someone leaves a team, their access is revoked and the workspace’s credentials are refreshed. Team invitations record the invitee’s email address.

The agent and your accounts with other companies

The agent signs in to its own account inside your workspace. For Claude Code, that is your claude.ai account. Those credentials stay in your workspace. They never pass through Tireless servers, and we never store them.

Claude Code is made by Anthropic. Tireless is not affiliated with Anthropic.

Emails we send

We email you about your account and billing: email verification, password resets, payment receipts and problems, team invitations, workspace health alerts, and warnings before anything is suspended or deleted. Resend delivers these emails for us.

How long we keep data

  • Workspace files: until you delete the workspace. After deletion we keep a recovery snapshot for 7 days, then it is removed.
  • Paused workspaces: the disk is kept as a snapshot until you Resume or delete the workspace.
  • Backups: rotate out on the schedule above; after deletion, removed within a reasonable period.
  • Detailed workspace health data: 30 days. Summaries: 90 days.
  • Billing records: kept for accounting and legal reasons, even after a workspace or account is gone.
  • Security and workspace audit logs: kept so we can investigate problems and abuse.
  • Account details: until you ask us to delete your account.

Your rights

You can ask us to show you the data we hold about you, to correct it, or to delete it. Email us and we will handle it.

Account deletion is currently a manual process: email us from your account’s address and we will confirm it with you, then carry it out. Some records survive deletion, such as billing history, which we keep for accounting and legal reasons.

Children

Tireless is not directed at children under 16. Do not sign up if you are under 16.

Changes to this policy

When we change this policy, we update the date at the top. For material changes, we will email you.

Contact

For privacy questions and data requests, email abuse@tirelesscode.com. Today that is our one monitored mailbox, and it reaches the people who run Tireless.

Back to the Tireless homepage