Privacy Policy

Last updated: January 31, 2026

Your privacy is important to us. Here's how we protect your data.

GDPR CompliantData EncryptedYour Data Your Rights

Your Privacy Rights at a Glance

  • Access – Get a copy of your data: Download My Data
  • Rectification – Correct inaccurate data: Edit in Account Settings
  • Erasure – Delete account & data: Delete Account
  • Object – Opt out of processing: Manage Cookie Preferences
  • Portability – Transfer data: Export as JSON/CSV

1. Information We Collect

We collect account data (email, profile), project and activity data, usage data (how you use the product), and technical data (IP, device, logs) necessary to operate and secure the Service.

2. How We Use Your Information

We use your information to operate the Service, provide support, improve performance, ensure security, and comply with legal obligations.

3. Legal Basis for Processing (GDPR)

We process data based on consent (where we ask), contract performance (to provide the Service), legal obligations, and legitimate interests (security, analytics) where balanced with your rights.

4. Data Sharing & Disclosure

We share data with service providers that help us run the Service (e.g. hosting). We may disclose data when required by law. We do not sell your personal data.

5. Data Retention

We retain your data while your account is active. After account deletion, you have a 30-day grace period to cancel; then data is permanently deleted. Backups are purged within 90 days.

6. Security Measures

We use encryption at rest (AES-256) and in transit (TLS 1.3), access controls, and incident response procedures. We conduct regular reviews to improve security.

7. Your Privacy Rights

You have the right to access, rectify, erase, restrict, object, and port your data. You can exercise these via account settings or by contacting us. We respond within 30 days and may verify your identity.

8. Cookies & Tracking

We use cookies as described in our Cookie Policy. You can manage your preferences at any time.

9. International Data Transfers

Data may be processed in regions where our service providers operate. We use appropriate safeguards (e.g. standard contractual clauses) where required.

10. Children's Privacy

The Service is not intended for users under 13 (or 16 in the EU). We do not knowingly collect data from children. If we learn a child has provided data, we will delete it.

11. Changes to This Policy

We may update this policy and will notify you via email or in-app notice. The effective date will be stated at the top.

12. Contact & Data Protection

Privacy questions: privacy@deximind.dev. For GDPR, you may also contact your local data protection authority.