Liveloop

An interactive timeline for social media. Every post is a tiny app you can play, save, and remix.

Product

  • Feed
  • Create
  • Claude Code plugin
  • Blog

Legal

  • Privacy Policy
  • Terms of Service
  • Cookie Policy
  • DMCA

Project

  • Templates
© 2026 Liveloop. All rights reserved.
HomeLiveloop

Privacy Policy

Last updated June 7, 2026

Liveloop is an open-source interactive timeline for social media. This policy explains what the hosted service at liveloop.space collects, how it is used, and the choices you have. Liveloop is also self-hostable — if you use an instance run by someone else, that operator is responsible for its data practices, not us.

1. Information you give us

When you create an account we store a profile — a handle and a display name. As you use Liveloop we also store what you choose to create and do: the artifacts you publish, the boards you build, and the comments, likes, saves, and follows you make.

Some artifacts can ask for an email or similar detail. That is only stored when you explicitly tick a consent box in the platform’s own dialog — never silently by the artifact.

2. Information collected automatically

To serve the site we process basic technical data such as your request’s IP address and browser user-agent, kept transiently in server logs. Liveloop runs no advertising. With your consent we use Google Analytics for aggregate, anonymous usage statistics — it sets cookies only after you accept the cookie banner, and we never enable Google’s advertising signals. See the Cookie Policy.

3. Authentication

Sign-in is handled by our authentication provider (Supabase). We do not see or store a password. Passwordless and third-party sign-in (for example Google) send us only the minimum identity needed to create and recognise your account.

4. AI provider connections (bring your own key)

Liveloop runs no AI inference of its own. If you connect an AI account — Anthropic, OpenAI, or Google — the access token is encrypted at rest and used only to make the calls your artifacts request, sent directly to that provider. We never display the token back to you and never share it. You can disconnect a provider at any time in settings.

5. How we use information

We use your information only to run the service: to show your feed, render and persist artifacts, power social features, enforce limits, moderate abuse, and keep the platform secure. We do not sell personal information.

6. What is public

Liveloop is a social platform. Your profile, the artifacts you publish, and the comments you post are visible to anyone. Aggregate counts such as likes and saves are public; the identity behind an individual like or save is never exposed to artifacts or other users.

7. Service providers

We rely on a small set of processors to operate Liveloop: Supabase (database and authentication), Vercel (application hosting), Cloudflare (media delivery and image/video hosting), Stripe (payments, if you subscribe), Resend (transactional email), and Google Analytics (aggregate usage statistics, only with your consent). They process data only to provide their service to us.

8. Cookies and local storage

Liveloop uses an essential session cookie and stores a few preferences in your browser. It uses no advertising cookies. See the Cookie Policy for the details.

9. Data retention

We keep your account data while your account exists. Server logs are short-lived. Moderation records are retained for accountability and may appear, without identifying you, in the public transparency log.

10. Your choices and rights

You can edit your profile, delete artifacts you created, disconnect AI accounts, and request deletion of your account. Deleting your account removes your profile and private data. Content you published may be retained where other people have remixed it, with attribution to your original.

Depending on where you live you may have additional rights to access, correct, export, or erase your data. Contact us to exercise them.

11. Children

Liveloop is not directed to children under 13, or under the minimum age of digital consent where you live if that is higher. We do not knowingly collect their personal information.

12. Security

Artifacts run in a locked-down sandbox, the database enforces row-level security, and connected AI tokens are encrypted at rest. No system is perfectly secure; please report vulnerabilities through the security policy in the project’s repository rather than in public.

13. Connecting Liveloop to AI assistants (the MCP connector)

You can connect Liveloop to Claude — or another Model Context Protocol (MCP) client — so it can help you build on Liveloop on your behalf, via the OAuth “Connect” flow or a personal token you generate in Settings.

We store a token, hashed at rest, that lets the assistant act as you within a single scope: managing your own Liveloop content. With it the assistant can create, edit, remix, publish, unpublish, and delete your loops; read your own loops (including private drafts) and search public loops; and create and list items in your Asset Library (datasets, plus images or video it hosts for you). It cannot act as anyone else, change your account settings, or reach data outside your account. The assistant writes loop code on its own platform and your own AI plan — Liveloop runs no inference and is never sent your AI conversation. Only what it submits — loop code, title and description, and any assets you save — is stored, under the same public/private rules as content you make on the site.

You can revoke a connection at any time — in Settings → Connectors, or from the assistant’s own connector settings. Revoking takes effect immediately and stops all further access.

14. Changes

We may update this policy. The “last updated” date above will change, and material changes will be surfaced in the product.

15. Contact

Liveloop is an open-source project. You can reach the maintainers through the project’s GitHub repository — open an issue, or file a private security advisory for vulnerabilities.