Carlo
Sign inSign up

Privacy Policy

Last updated: January 2026

1. Introduction

Carlo ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Monte Carlo simulation platform at getcarlo.app.

2. Information We Collect

Account Information

  • Email address
  • Name (if provided via OAuth or profile settings)
  • Profile picture (if provided via OAuth)
  • Display name and bio (optional)

Simulation Data

  • Simulations you create, including blocks, formulas, and configurations
  • Connection data you import from third-party services

Third-Party Connection Data

When you connect external services (Google Sheets, Airtable, Notion, Stripe, PostHog, or REST APIs), we store:

  • OAuth tokens or API credentials (encrypted)
  • Synced data fields you select for use in simulations
  • Connection configuration and sync history

Usage Data

  • Analytics data via PostHog (page views, feature usage)
  • Error logs for debugging purposes

3. How We Use Your Information

  • To provide and maintain the Carlo platform
  • To sync data from your connected services for use in simulations
  • To send you important account-related emails (e.g., sync failures, welcome emails)
  • To improve our services based on usage patterns
  • To respond to your support requests

4. Data Sharing

We do not sell your personal information. We may share data with:

  • Service providers: Hosting, analytics (PostHog), email (Resend)
  • Third-party integrations: Only when you explicitly connect them
  • Legal requirements: If required by law or to protect our rights

5. Data Security

We implement industry-standard security measures including:

  • Encryption of data in transit (HTTPS) and at rest
  • Encrypted storage of API credentials and OAuth tokens
  • Row-level security policies on database tables
  • Regular security reviews

6. Data Retention

We retain your data for as long as your account is active. When you delete your account, we remove your personal data, simulations, and connections. Some anonymized analytics data may be retained for product improvement.

7. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and associated data
  • Export your simulations
  • Disconnect third-party services at any time
  • Unsubscribe from non-essential emails

8. Cookies and Tracking

We use essential cookies for authentication and optional analytics cookies via PostHog. You can disable analytics in your browser settings.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or a notice on our platform.

10. Contact Us

If you have questions about this Privacy Policy, please contact us via the feedback form in the app.