We don't want your data. We built this platform so we couldn't see it even if we wanted to. This policy explains how we maintain that promise.
We collect the absolute minimum required to operate the service. When you sign up, we need your email. When you pay, Stripe handles the billing; we never see your card number.
For your form submissions, we act as a blind courier. If you enable Ghost Protocol™, the data is encrypted in the browser before it ever hits our network. We store the encrypted blob, but we do not have the key.
We use your contact info to send you invoices and critical system alerts. We do not sell your data. We do not share your data with advertisers. We do not use your data to train AI models.
We use RSA-OAEP for key exchange and AES-GCM for payload encryption. This is not "marketing encryption"; this is mathematical certainty.
You own your data. You can export it, delete it, or move it at any time. Because we support "Bring Your Own Storage" (S3, GCS), you can physically own the data storage location as well.
If you delete your account, we wipe your metadata. Your encrypted form submissions in your own storage buckets remain yours.