Privacy Policy

What is this?

The Boring Receiver is a personal, non-commercial project built for learning and experimentation. It is not affiliated with any company. There is no SLA, no uptime guarantee, and no promise of continuity. Use it at your own risk.

What we collect

• Your name and email address (via Clerk, our authentication provider)
• Webhook requests sent to your endpoints — including HTTP method, headers, query parameters, request body, and the sender's IP address
• Timestamps of when requests were received

How long we keep it

Webhook request data is automatically deleted after 10 days. Your account data persists until you delete your account. You can delete individual requests or all requests for an endpoint at any time from the dashboard.

Who sees your data

Only you can see your endpoints and captured requests. We do not sell, share, or monetise your data. The service operator may access data for debugging or maintenance purposes only.

Third-party services

• Clerk — handles authentication and stores your email and name
• Neon — hosts the database where your data is stored
• Render — hosts the backend server
• Vercel — hosts the frontend

Each of these providers has their own privacy policy.

Your rights

You can delete your captured request data at any time from the dashboard. To request full account deletion or ask about your data, email support@theboringreceiver.com

Important warning

Do not send sensitive, confidential, or production data to this service. Webhook bodies and headers — including Authorization tokens, API keys, and cookies — are stored in plaintext. This tool is intended for development and debugging only.