Privacy Policy

We collect the minimum personal data needed to operate the service and to comply with our legal obligations. This page explains what we collect, why, how we protect it, and the rights you have over it.

Account data (name, email, password hash, optional 2FA secret), billing data (plan, invoice history, country for tax purposes), and usage data (servers you connect, sites you deploy, feature telemetry at aggregate level). We do not log the contents of your shell sessions or deploy artifacts.

To provide the service (authenticate you, route alerts, deliver invoices), to improve it (triage bugs, measure feature adoption at cohort level), and to comply with law (tax reporting, subpoena response).

We do not sell, rent, or barter personal data to advertisers or brokers. We do not use your data to train third-party models.

We use Stripe and Paddle for payments, Resend for transactional email, Vercel for web hosting, Hetzner for compute, Neon for database storage, and Cloudflare for CDN. A current list with each subprocessor\u2019s region is published at /subprocessors.

Our primary database is located in the United States (us-east-1). EU customers can request dedicated EU-region processing as part of an Enterprise agreement; data will be stored in Hetzner\u2019s Falkenstein (FSN1) region with no transatlantic replication.

Active account data is kept while your account is open and for 90 days after cancellation for restoration. Billing records are kept for seven years to satisfy tax obligations. Audit logs are kept for one year on paid plans, six months on free.

All credentials are encrypted at rest with AES-256, transport is TLS 1.2+, and platform-level 2FA is available on every account. Our security posture is documented separately on the Security page.

Depending on your jurisdiction you have the right to access, correct, export, or delete your data; to object to or restrict processing; and to lodge a complaint with a supervisory authority. Email privacy@molixa.app and we will respond within 30 days.

We use a minimal set of first-party cookies for authentication and preferences. We do not use third-party advertising cookies. See the Cookies page for the full inventory.

Molixa Forge is a tool for developers and operators. We do not knowingly collect data from anyone under the age of 16.

Questions about this policy? Email privacy@molixa.app. Our Data Protection Officer can be reached at the same address.