Privacy Policy

Your privacy matters to us. This policy explains how we collect, use, and protect your information.

Last updated: December 11, 2025

This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Application, Website, or Service and tells You about Your privacy rights and how the law protects You. The Application collects anonymous Usage Data and performance metrics which are transmitted to Sentry for monitoring and improvement purposes only. By using the Service, You agree to the handling of information in accordance with this Privacy Policy.

1. Interpretation and Definitions

1.1 Interpretation

The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

1.2 Definitions

For the purposes of this Privacy Policy:

  • You means the individual accessing or using the Application, Website, or Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Application, Website, or Service, as applicable.
  • Developer (referred to as either "the Developer", "We", "Us" or "Our" in this Agreement) refers to WindowSill's owner and development team.
  • Application or App refers to the WindowSill software application for Windows devices.
  • Website refers to WindowSill's website, accessible from https://getwindowsill.app
  • Service refers to the Application, Website, Dashboard, and API collectively.
  • Country refers to: Washington, USA.
  • Extensions means third-party software components that enhance or extend the functionality of the Application.
  • WindowSill+ refers to premium features, subscriptions, or licenses available for the Application.
  • WindowSill Pro refers to premium features, subscriptions, or licenses available for the Application for enterprise organizations.
  • Microsoft Store refers to Microsoft's digital distribution platform for Windows applications.
  • AI Service Providers means third-party artificial intelligence service providers such as OpenAI, Anthropic, Azure OpenAI, Google (Gemini), xAI, OpenRouter, or other AI companies whose services are integrated with the Application.
  • Sentry refers to Sentry.io, a third-party error tracking and performance monitoring service used by the Application to collect anonymous usage data and performance metrics.
  • Stripe refers to Stripe, Inc., a third-party payment processor used by the Website and Service to handle subscription billing for enterprise organizations.
  • Dashboard refers to the web-based interface accessible through the Website where users can manage their accounts, organizations, billing, and settings.
  • Remote Settings refers to configuration settings managed through the Dashboard that are synchronized to the WindowSill desktop Application for enterprise deployments.
  • Device Token refers to an authentication token created by organization administrators that enables silent sign-in for the WindowSill desktop Application in enterprise deployments.
  • Subscription refers to a recurring payment arrangement for WindowSill+ or WindowSill Pro features, either through the Microsoft Store (for individuals) or Stripe (for enterprise organizations).
  • Service Provider means any natural or legal person who processes the data on behalf of the Developer. It refers to third-party Service Providers or individuals who facilitate the Service, provide the Service on behalf of the Developer, perform services related to the Service, or assist the Developer in analyzing how the Service is used.
  • Personal Data is any information that relates to an identified or identifiable individual.
  • Non-Personal Data is any information that does not relate to an identified or identifiable individual.
  • Device means any device that can access the Service such as a computer, cellphone, or digital tablet.
  • Usage Data refers to anonymous data collected automatically by the Application and transmitted to Sentry for performance monitoring and improvement purposes (for example, application crash reports, error logs, performance metrics, and feature usage statistics).

2. Information We Collect

2.1 Anonymous Usage Data and Performance Information

The Application automatically collects anonymous Usage Data and performance information which is transmitted to Sentry, a third-party error tracking and performance monitoring service. This data is collected for the purpose of Application performance monitoring, reliability improvement, and error detection. The collected data includes:

  • Application crash reports and error logs (anonymized)
  • Performance metrics (startup time, memory usage, response times)
  • Feature usage statistics (which features are used and how often)
  • Device information (operating system version, hardware specifications)
  • Application version and configuration information

2.2 Sentry Integration

The Application uses Sentry.io for error tracking and performance monitoring. Anonymous Usage Data is transmitted to Sentry's servers located in the United States. This integration allows the Developer to:

  • Monitor application performance and stability
  • Identify and fix bugs and crashes
  • Understand how features are being used
  • Improve overall application quality

Sentry's data processing is subject to Sentry's Privacy Policy and their data processing agreements. Sentry is certified under various privacy frameworks and implements appropriate security measures for data protection.

2.3 Website Analytics

The Website may use standard web analytics tools to understand how visitors interact with the Website. This helps the Developer improve the Website experience and includes Non-Personal Data such as page views, referral sources, and general geographic regions. This is separate from the Application and applies only to Website usage.

2.4 Website Cookies

The Website uses cookies to provide and improve the user experience. We use two types of cookies:

  • Essential Cookies: These are necessary for the Website to function properly and cannot be disabled. They enable basic functions like page navigation and access to secure areas of the Website.
  • Analytics Cookies: These cookies help us understand how visitors interact with the Website by collecting and reporting information anonymously. They are used with Google Analytics to measure Website performance and user engagement. These cookies are only set with your explicit consent.

For analytics cookies, we use Google Analytics which is subject to Google's Privacy Policy. We have configured Google Analytics to anonymize IP addresses and use secure, strict cookie settings.

2.5 Account Data

When You create an account through the Dashboard, the Developer collects and stores the following Personal Data:

  • Email address - Used for account identification, authentication, and communication
  • Display name - Your chosen name displayed within the Service
  • Account type - Whether Your account is Individual or Enterprise
  • Account timestamps - When Your account was created and last login time
  • IP address - Temporarily stored when verification codes are requested, for security purposes

2.6 Organization Data

If You create or join an organization through the Dashboard, the Developer collects and stores:

  • Organization name - The display name of Your organization
  • Domain - The email domain associated with Your organization (e.g., company.com)
  • Member information - List of organization members and their roles (Admin or Member)
  • Billing identifiers - Stripe customer and subscription IDs for payment processing
  • Remote Settings - Configuration settings that sync to the WindowSill desktop Application
  • Device Tokens - Authentication tokens for enterprise deployment (stored encrypted)
  • AI provider API keys - If configured, Your AI provider API keys are stored with AES encryption

2.7 Payment Processing

The Service uses different payment processors depending on Your subscription type:

For Individual Users (B2C): WindowSill+ subscriptions and lifetime licenses purchased through the Microsoft Store are processed entirely by Microsoft. The Developer does not have access to Your payment card information or billing details for these purchases.

For Enterprise Organizations (B2B): WindowSill Pro subscriptions and lifetime licenses are processed through Stripe. The Developer stores only Stripe identifiers (customer ID, subscription ID) and billing event history. Your payment card information is handled directly by Stripe and is never stored on the Developer's servers.

Stripe's data processing is subject to Stripe's Privacy Policy. Stripe is certified under various privacy frameworks including SOC 2 and implements appropriate security measures for payment data protection.

3. Third-Party AI Services

The Application integrates with various AI Service Providers to offer text assistance features. When You use AI-powered features, Your text may be sent to these third-party AI Service Providers for processing:

4. Extensions

The Application supports third-party Extensions that may enhance its functionality. From a privacy perspective:

4.1 Extension Data Handling

Extensions operate independently from the Application and may have their own data collection, processing, and privacy practices. The Developer has no control over or visibility into:

  • What data Extensions may collect from You or Your Device
  • How Extensions process or store Your information
  • Whether Extensions transmit data to external servers
  • Extension compliance with privacy laws and regulations

4.2 Developer's Responsibility Regarding Extensions

The Developer does not:

  • Monitor or control Extension data collection practices
  • Have access to data collected by Extensions
  • Validate Extension privacy policies or practices
  • Accept responsibility for Extension privacy violations
  • Provide support for Extension-related privacy issues

4.3 Your Privacy Rights with Extensions

When using Extensions, You should:

  • Review each Extension's privacy policy before installation
  • Understand what permissions and data access Extensions require
  • Contact Extension developers directly for privacy-related concerns
  • Remove Extensions if You are uncomfortable with their privacy practices
  • Monitor Extension behavior and data usage on Your Device

5. Microsoft Store Integration

The Application is distributed through the Microsoft Store. Microsoft handles all purchase transactions, subscription management, and payment processing for WindowSill+ subscriptions and lifetime licenses. The Developer does not have access to Your payment information or Personal Data from Microsoft Store purchases.

For subscription management, refunds, or billing inquiries, please refer to:

6. Data Security

The security of Your anonymous Usage Data is important to us. The following security measures apply:

  • Only anonymous, non-personal data is transmitted from the Application
  • No Personal Data is collected or transmitted by the Application
  • Access to Usage Data is restricted to authorized personnel for application improvement purposes only

7. Data Retention

The Developer retains different types of data for different periods based on operational and legal requirements:

  • Account Data: Retained until You request account deletion. Upon deletion request, Your data will be removed within 30 days, except where retention is required by law.
  • Verification Codes: Automatically expire (15 minutes for sign-in, 24 hours for registration) and are deleted after use or expiration.
  • Organization Data: Retained while the organization is active. When a member leaves an organization, their membership data is deleted, except for billing event records.
  • Billing Events: Retained for approximately 30 days after organization departure for operational purposes, and up to 7 years for tax and audit compliance where required by law.
  • Anonymous Usage Data (Sentry): Retained according to Sentry's data retention policies. Since this data is anonymous and cannot be linked to individual users, it is used solely for application improvement purposes.

8. Your Rights and Choices

8.1 Privacy Choices

Regarding data management and privacy choices, You have the following options:

  • Anonymous Data: Since all Usage Data transmitted to Sentry is anonymous, the Developer cannot identify or modify data associated with individual users
  • Local AI Only: Choose to use only local AI models to ensure all AI processing remains on Your Device
  • Cookie Management: You can manage your cookie preferences for the Website through the cookie consent banner or by clearing your browser's cookies. Analytics cookies are only set with your explicit consent and can be declined at any time
  • Extension Control: You can install, uninstall, or disable Extensions at any time through the Application's settings
  • Contact Developer: Contact the Developer if You have questions about the Application's data handling or would like to request information about the types of data collected

8.2 Data Subject Rights (GDPR/CCPA)

Depending on Your location, You may have certain rights under data protection laws such as the General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA). These rights may include:

  • Right to Access: Request a copy of the Personal Data the Developer holds about You
  • Right to Rectification: Request correction of inaccurate Personal Data
  • Right to Erasure: Request deletion of Your Personal Data (subject to legal retention requirements)
  • Right to Data Portability: Request Your data in a structured, commonly used format
  • Right to Restriction: Request limitation of processing of Your Personal Data
  • Right to Object: Object to processing of Your Personal Data for certain purposes

To exercise any of these rights, please contact the Developer at support@getwindowsill.app. The Developer will respond to Your request within 30 days and may require verification of Your identity.

9. Children's Privacy

The Application does not knowingly collect Personal Data from children under 13. The anonymous Usage Data collected through Sentry cannot be linked to individual users, including children. If You are a parent or guardian and have concerns about Your child's use of the Application, please contact the Developer.

10. Changes to This Policy

The Developer may update this Privacy Policy from time to time. The Developer will notify users of any material changes through the Application or on the Website. Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.

11. Contact Information

If You have any questions about this Privacy Policy or the Developer's privacy practices, please contact the Developer:

12. Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of the jurisdiction where the Application is developed and maintained.


For the most up-to-date version of this Privacy Policy, please visit the Website regularly.

An unhandled error has occurred. Reload 🗙

Rejoining the server...

Rejoin failed... trying again in seconds.

Failed to rejoin.
Please retry or reload the page.

The session has been paused by the server.

Failed to resume the session.
Please retry or reload the page.