Privacy Policy
Last updated: February 27, 2026
1. Introduction
This Privacy Policy describes how Textra ("we," "us," "our") collects, uses, and protects information about users of the Textra desktop application and website (textra.app). We are committed to protecting your privacy and being transparent about what data we handle.
2. Information We Collect
Account Information
When you sign in with Google, we receive your name, email address, and profile picture from Google OAuth. This information is stored in our database hosted on Neon Postgres (eu-west-2, AWS Ireland).
Session Data
We store authentication session tokens to keep you signed in. Sessions expire after 7 days of inactivity and are automatically extended on each use.
Subscription Information
We store your Stripe customer ID, subscription ID, and plan status. Payment card details are handled entirely by Stripe — we never see or store your card number, CVV, or billing address.
AI Usage Metrics
When you use the AI Research Agent, we record the AI model used, number of input tokens, and number of output tokens per request. This is used solely to enforce your monthly usage budget. We do not store the content of your queries or the Agent's responses on our servers.
Usage Analytics
The desktop application collects anonymous usage analytics to help us improve the product. This includes: app session duration, compilation events (engine used, success/failure, duration), feature usage (e.g. SyncTeX, keyboard shortcuts, engine changes), TeX Live installation status, auto-update events, file type opened (extension only, not file name or content), AI Research Agent usage (model and status, not query content), and application errors. Analytics are sent to our servers in batches and are associated with your account. We do not collect document content, file names, file paths, or any personally identifiable information beyond what is described in the Account Information section above.
3. Information We Do NOT Collect
Your LaTeX documents, source files, BibTeX libraries, and compiled PDFs never leave your machine. Textra compiles documents locally using your own TeX Live installation. We do not upload, transmit, or access your document content. The usage analytics described above never include file names, file paths, document text, or any content from your projects.
4. How We Use Your Information
- To authenticate your identity and maintain your session
- To verify your subscription status and enforce plan limits
- To process payments via Stripe
- To enforce AI Research Agent usage budgets
- To understand how the application is used and improve the product (usage analytics)
- To send transactional communications (subscription receipts, renewal notices) via Stripe
- To respond to support inquiries
We do not sell your data to third parties. We do not use your data for advertising.
5. Third-Party Services
Textra integrates with the following third-party services:
| Service | Purpose | Data Shared |
|---|---|---|
| Google OAuth | Authentication | Email, name, profile picture |
| Stripe | Payment processing | Email, billing information |
| Neon (Postgres) | Database | Account and session data |
| Vercel | Hosting & CDN | Request logs, IP addresses |
| AI Providers | Research Agent | Query content (not linked to identity) |
| Semantic Scholar | Paper search | Search queries |
Each service's own privacy policy governs their handling of your data.
6. Data Storage and Retention
Account data is stored in Neon Postgres (eu-west-2, AWS Ireland) within the European Economic Area. We retain account data for as long as your account is active, plus a reasonable period after deletion for legal compliance. AI usage records are retained for 90 days. You may request deletion of your account and all associated data by contacting us.
7. Cookies and Sessions
The textra.app website uses a session cookie for web authentication. This is a strictly necessary functional cookie and is not used for tracking or advertising. The Textra desktop application stores an authentication token locally on your machine. We do not use advertising cookies or third-party tracking pixels.
8. Your Rights
Depending on your location, you may have rights under the GDPR (EU/EEA/UK), CCPA (California), or other applicable data protection law, including:
- The right to access personal data we hold about you
- The right to correct inaccurate data
- The right to request deletion of your data
- The right to data portability
- The right to withdraw consent
- The right to lodge a complaint with a supervisory authority
To exercise these rights, contact us at support@textra.app. We will respond within 30 days.
9. GDPR Considerations
Our database is hosted in eu-west-2 (AWS Ireland), within the European Economic Area. For users in the EEA, we process your data on the legal basis of contract performance (providing your account and subscription) and legitimate interests (security, fraud prevention, and product improvement through usage analytics). AI provider interactions may involve data transfer outside the EEA; these providers maintain appropriate safeguards including Standard Contractual Clauses.
10. Security
We implement reasonable technical and organisational measures to protect your data, including HTTPS encryption in transit, database access controls, and automatic session expiry. No system is perfectly secure; we encourage you to use a strong Google account password and enable two-factor authentication.
11. Children's Privacy
Textra is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact us and we will delete it.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via email or on the website. The "Last updated" date at the top reflects the most recent revision.
13. Contact
For questions about this Privacy Policy or to exercise your data rights, contact us at: support@textra.app