What Repull AI sees, and what it doesn't.
Repull Studio uses AI to generate code from your prompts. This page lays out exactly what data we send to the AI provider, what we never send, how long we keep things, and how to opt out. Plain English. No surprises.
Last updated 4 May 2026 · Effective for all Studio projects created after this date.
What gets sent to the AI
To generate code that fits your project, the AI needs context. This is the full list of what crosses the wire.
Your prompts
The text you type into the Studio chat — instructions, follow-ups, refinements.
Existing project files
The current contents of your Studio project (source files, config, schema) so the AI has context to edit them.
Conversation history within a project
Earlier messages in the same Studio project, so follow-up requests like ‘make the title bigger’ have the right reference point.
What does not get sent
These categories never leave Repull-controlled storage. The AI provider does not see them, even when generating code that interacts with them.
Your reservations data
Guest names, dates, prices, channel IDs, conversation transcripts — none of it is sent to the AI provider.
Your guest data
Email addresses, phone numbers, ID documents, payment details, check-in instructions — never sent.
Your Stripe / payment data
Cards, payouts, payment methods, owner banking details — handled inside Stripe, never reach the AI provider.
Your Studio Secrets
Anything you store in Studio Secrets is encrypted at rest and decrypted only at runtime inside your deployed app. The AI never sees the values.
Where the AI runs
Repull AI runs on a third-party AI provider hosted in datacenters in the United States and the European Union. We have a Data Processing Agreement in place with that provider; under that agreement your prompts and project files are not used to train models and are not retained by the provider beyond the request lifecycle.
We deliberately keep this description vendor-neutral. The provider we use today may change as the AI landscape evolves. We will update this page and notify active customers if that happens — see the Updates section.
Retention policy
How long Repull keeps each kind of data inside Studio. Different kinds have different lifespans for different reasons.
Generated code
Until you delete it
Your Studio project source code stays in your account until you soft-delete the project. Soft-deleted projects are purged within 30 days.
Conversation history
90 days
Chat messages within a Studio project are kept for 90 days so you can scroll back through how an app evolved. After 90 days they are hard-deleted.
Usage logs
12 months
Aggregate metering for billing and abuse prevention — counts of generations, tokens, deploys per account. No prompt or file content is included.
Studio Secrets
Until you delete them
Stored encrypted at rest. Removed immediately when you delete a secret or the project that owns it.
Opt-out paths
If you want less AI in the loop, you have three escape hatches.
Disable the embedded RepullAgent in your deployed app
Every Studio app ships with the <RepullAgent /> component. You can turn it off with a config flag — set REPULL_AGENT_DISABLED=true in your project environment variables, or remove the component from the page tree. Your team will keep the app, just without the embedded AI.
Delete an individual generation
You can remove a single AI generation (the chat exchange plus the code diff it produced) from a project's history. The conversation message and any associated logs are hard-deleted within 24 hours. The corresponding API endpoint is DELETE /api/studio/projects/{id}/generations/{id}.
Account-level opt-out
Want AI features off across your whole Repull account? Email support@repull.dev and we will flip the flag manually. Studio becomes read-only for existing projects and AI generation is blocked.
Compliance
GDPR
Soft-deleted Studio projects are purged within 30 days, in line with our standard data deletion timeline. You can export your data at any time through the project Export button or by emailing support. Data subject access requests are honored within the 30-day GDPR window.
EU AI Act
Repull Studio is an AI-powered system. The EU AI Act requires that users are informed when they are interacting with AI. This page satisfies that disclosure. The embedded RepullAgent and all Studio chat interactions are clearly labeled as AI in the UI.
SOC 2 Type II
In progress. We are in the observation window for SOC 2 Type II certification covering Studio and the rest of the Repull platform. Updated status will appear here once the audit completes.
Updates
Material changes to this policy require re-acceptance from active customers. The version log lives below.
Questions about how Repull handles your data?
Email privacy@repull.dev for data protection topics, or support@repull.dev for general help.
Back to Studio docs