Skip to content

Privacy Policy

Last updated: March 15, 2026

Tulip is committed to protecting your privacy. This page explains what data we collect, why, and how you can control it.

Summary (TL;DR)

  • πŸ—ΊοΈ Maps: We proxy Google Maps so you don't need your own API key
  • πŸ› Crash reports: Optional and disabled by default - you choose whether to help us fix bugs
  • πŸ“Š Website: We use privacy-friendly Umami analytics (no tracking, no cookies)
  • βœ… Your data: We don't sell it, share it, or use it for marketing
  • πŸ‡ͺπŸ‡Ί GDPR: EU users' rights are fully respected

What We Collect

1. Google Maps Proxy

What: When you use maps in Tulip, requests go through our proxy server instead of directly to Google.

Why: This lets you use Tulip without getting your own Google Maps API key, making the app easier to use.

Data collected: - IP address (automatically logged by server) - Map tile requests (location coordinates, zoom level) - Request timestamps

How we use it: - Monitor for abuse (excessive requests, API violations) - Ensure service availability - Aggregated statistics feed our website analytics (see below)

Retention: Raw proxy logs are discarded daily. Only aggregated statistics (total requests, no personal data) are retained.

Can you opt out? YES, Just use your own API keys and proxy function is not used.

2. Crash Reports (Sentry)

What: If enabled, Tulip sends anonymous crash reports when the app encounters errors.

Why: This helps us identify and fix bugs faster.

Data collected: - Error messages and stack traces - Tulip version and operating system - Timestamp of the crash - No personally identifiable information is intentionally collected

How we use it: - Debug and fix crashes - Prioritize stability improvements - Improve the app

Retention: Reports are kept until the bug is fixed, then automatically deleted by Sentry after 90 days.

Default: Crash reporting is disabled by default. You must opt in.

How to control: - Enable in Help β†’ Privacy β†’ Help improve Tulip - You can disable it at any time

3. Website Analytics (Umami)

What: Our documentation website uses Umami, a privacy-friendly analytics service.

Why: To understand which pages are helpful and how people use the docs.

Data collected: - Page views (which pages are visited) - Referrer (where visitors came from) - General location (country level, from IP address, not stored) - Device type (desktop/mobile)

What we DON'T collect:

  • ❌ No cookies
  • ❌ No cross-site tracking
  • ❌ No personal information
  • ❌ No IP addresses stored
  • ❌ No fingerprinting

How we use it: Understand which documentation pages need improvement.

Retention: Only aggregated statistics, no personal data retained.

Can you opt out? Umami doesn't track individuals, but you can block analytics with any ad blocker or privacy extension.

Learn more: Umami Privacy

What We DON'T Do

We do not:

  • ❌ Sell your data
  • ❌ Share data with third parties (except Sentry for crash reports, if you opt in)
  • ❌ Use your data for marketing or advertising
  • ❌ Track you across websites
  • ❌ Store personally identifiable information intentionally

Third-Party Services

Tulip uses these external services:

Service Purpose Data Shared Privacy Policy
Google Maps API Map tiles (via our proxy) Location queries, IP address Google Privacy
Sentry Crash reporting (opt-in) Error logs, system info Sentry Privacy
Umami Website analytics Aggregated page views Umami Privacy

Your Rights (GDPR)

If you're in the EU, you have the right to:

  • Access: Request what data we have about you
  • Deletion: Ask us to delete your data
  • Portability: Get a copy of your data
  • Rectification: Correct inaccurate data
  • Objection: Object to data processing

Note: Due to our privacy-by-design approach (daily log deletion, no user accounts), we may have little to no personal data about you.

Data Security

We take reasonable measures to protect data:

  • Proxy server logs are automatically deleted daily
  • Crash reports are encrypted in transit (HTTPS)
  • No user accounts or passwords to secure
  • Minimal data collection reduces risk

Children's Privacy

Tulip is not directed at children under 13. We do not knowingly collect data from children.

Changes to This Policy

We may update this privacy policy occasionally. Changes will be posted on this page with an updated "Last updated" date.

Significant changes will be announced in release notes.

Open Source Transparency

Tulip is open source software. You can:

  • Review the code: GitLab Repository
  • Verify our privacy claims
  • Propose improvements
  • Fork and run your own instance

Technical Details

For developers and privacy enthusiasts:

Proxy logging: 

- Format: Standard nginx access logs
- Retention: 24 hours
- Processing: Aggregated daily for Umami, then discarded
- No cross-correlation with other data

Sentry configuration: 

if (!isDev && isCrashReportsEnabled()) {
  Sentry.init({
    dsn: "URL",
  });
  Sentry.setUser({ip_address: '0.0.0.0'});
}

Umami: 

- Self-hosted instance
- No cookies or localStorage
- No personal data retention
- Aggregated statistics only

This privacy policy reflects our commitment to user privacy and open source transparency.