ArtiShareHost AI artifacts with positive control.
Privacy

ArtiShare privacy overview

This page describes the data ArtiShare currently collects and stores based on the product that is running today. Last updated April 16, 2026.

What we collect
Account and workspace information

Name, email address, Clerk user ID, Clerk organization ID, workspace name, membership role, and workspace member counts.

Artifact content and metadata

Artifact titles, summaries, rendered artifact content, raw payload JSON, source Claude references, version history, and refresh instructions.

Sharing and recipient data

Share link titles, access mode, expiration settings, recipient email addresses, recipient group names, and recipient group memberships.

Verification and access session data

Recipient email, verification status, one-time access code hashes, code expiration timestamps, and short-lived verified session expiration times.

Billing metadata

Stripe customer IDs, subscription IDs, price IDs, plan quantities, subscription status, and billing period end dates.

Refresh and operational metadata

Refresh schedule definitions, job status, last error messages, and output version references.

How we store it

ArtiShare stores application data in managed cloud systems selected for authentication, billing, email delivery, and secure application data storage. Restricted-share one-time access codes are stored as hashes rather than as reusable plain-text values.

How we use it
To authenticate and authorize users

We use Clerk account and organization data to determine who is signed in and which workspace they belong to.

To publish and serve artifacts

We use stored artifact content and versions to render the dashboard, share pages, and fullscreen artifact viewer.

To enforce link access controls

We use recipient emails, groups, and access sessions to decide who can open a restricted share link.

To manage billing

We use Stripe subscription metadata to determine plan status and workspace allowances.

To run scheduled refreshes

We use stored refresh instructions and job metadata to update artifacts without changing existing share links.

Service providers

ArtiShare uses service providers to support authentication, billing, email delivery, and application hosting. We share only the information required to operate those functions.

What ArtiShare does not currently ask for

ArtiShare does not require external viewers to create full accounts in order to open restricted links, and it does not use custom domain tracking, ad-targeting profiles, or broad social profile ingestion as part of the product flow described here.