Data & privacy
A practical map of where every byte you generate ends up, how long it stays, and how to delete it. This is the operator's version of the privacy policy.
File locations
Inside your container
- /workspace/ — your code + data. Persistent volume. Survives restarts. Backed up daily on Pro/Ultra.
- ~/.claude/ — Claude Code memory + OAuth tokens. Persistent.
- ~/.config/Code/User/ — VS Code settings + keybindings. Persistent.
- /opt/skills/ — read-only skill library. Re-mounted from base image on every restart.
- /tmp/ — wiped on restart. Don't put anything important here.
On our infrastructure
- Hetzner (Falkenstein, DE) — your container + its volume. EU jurisdiction.
- Supabase (Frankfurt) — account row, workspace metadata, billing status. EU jurisdiction.
- Cloudflare R2 (global, EU-pinned for our bucket) — daily backups of /workspace.
- Stripe (Ireland, with US transfer under SCCs) — billing only. We never see card data.
Backup schedule
- Starter — no automatic backup. Run r2-upload /workspace my-bucket manually whenever you want one.
- Pro — daily snapshot of /workspace to R2, retained 7 days.
- Ultra — daily snapshot, retained 30 days, plus weekly archive snapshot retained 6 months.
Snapshots are point-in-time tar.gz archives. Restore = mount the archive read-only at /workspace-restore and rsync what you want.
Restore from backup
# Inside the workspace
sudo bn-restore --list
# > 2026-05-21T03:00Z workspace-x9c2-2026-05-21.tar.gz
# > 2026-05-20T03:00Z workspace-x9c2-2026-05-20.tar.gz
sudo bn-restore --snapshot 2026-05-20T03:00Z
# mounts under /workspace-restore — rsync what you need
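An added example, not part of Blacknode's tooling: once the snapshot is mounted, list which files differ from the live workspace before copying anything, then restore single files while keeping the current copy. The function names `compare_restore` and `restore_file` and the `.pre-restore` suffix are assumptions made for this example; it uses only find, cmp and cp.

```shell
#!/bin/sh
# Added example, not a Blacknode tool. Function names and the
# ".pre-restore" suffix are assumptions for illustration.

# List files in the mounted snapshot that are missing from, or differ
# from, the live workspace. Files identical on both sides are not shown.
compare_restore() {
    snap=${1:-/workspace-restore}
    live=${2:-/workspace}
    [ -d "$snap" ] && [ -d "$live" ] || return 1
    ( cd "$snap" && find . -type f ) | LC_ALL=C sort |
    while IFS= read -r f; do
        rel=${f#./}
        if [ ! -e "$live/$rel" ]; then
            printf 'MISSING  %s\n' "$rel"
        elif ! cmp -s "$snap/$rel" "$live/$rel"; then
            printf 'CHANGED  %s\n' "$rel"
        fi
    done
}

# Copy one file back from the snapshot, keeping the current live copy
# next to it so the restore itself can be undone.
restore_file() {
    snap=$1 live=$2 rel=$3
    # Refuse paths that would climb out of the snapshot or workspace.
    case "/$rel/" in */../*) echo "refusing path: $rel" >&2; return 1 ;; esac
    [ -f "$snap/$rel" ] || { echo "not in snapshot: $rel" >&2; return 1; }
    mkdir -p "$(dirname "$live/$rel")"
    if [ -e "$live/$rel" ]; then
        cp -p "$live/$rel" "$live/$rel.pre-restore"
    fi
    cp -p "$snap/$rel" "$live/$rel"
}

# Usage, after `sudo bn-restore --snapshot <timestamp>`:
#   compare_restore /workspace-restore /workspace
#   restore_file /workspace-restore /workspace src/app.py
```

File names containing newlines are not handled by the line-based loop.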
What we do NOT collect
- We do not read /workspace contents.
- We do not log Claude prompts or responses.
- We do not run any third-party analytics, ad pixels, or fingerprinting.
- We do not train AI models on your data.
Delete just your workspace
From the dashboard → cog icon → Danger zone → Destroy. The container + volume are wiped immediately. Your account stays.
Delete everything (GDPR)
Email privacy@blacknode.tech from the address you signed up with. Within 30 days we delete:
- Supabase Auth row for your user.
- All user_workspaces + workspace_events rows.
- Container + volume on Hetzner.
- R2 backups (Pro/Ultra).
- Stripe customer (the subscription stays cancelled).
Operational logs (90-day retention for security forensics) age out separately, never longer than 90 days.
Encryption
- At rest — Hetzner SSDs are LUKS-encrypted. R2 buckets are server-side encrypted (AES-256).
- In transit — TLS 1.3 everywhere. HTTP requests are redirected to HTTPS at the edge.
- Workspace password — stored only as a bcrypt hash in our DB. The plain text is shown to you once and never stored.
Sub-processors
By signing up you consent to data transfer to: Supabase (Frankfurt), Cloudflare (global, EU-pinned bucket), Hetzner (Falkenstein, DE), Stripe (Ireland, US-SCC), IPRoyal (Lithuania), Anthropic (US — only data you send via claude login).