Skip to content
Oxrion

Legal

Privacy Policy

Last updated: May 2026 · This is a placeholder document. Replace with your jurisdiction's reviewed legal text before launch.

1. Overview

This policy describes how Oxrion collects, uses, and shares information when you use our services. We aim to collect the minimum needed to operate the Service and provide support.

2. Data we collect

2.1 Account data

Email address, hashed password, billing details (handled by Lemon Squeezy — we don't store payment cards).

2.2 Usage data

Files encrypted, API requests, dashboard interactions, IP address, browser type. Used for quotas, debugging, and abuse detection.

2.3 Uploaded files (Cloud only)

PHP files you upload to api.oxrion.com are stored encrypted at rest. Source content is processed in memory only and never written to disk in plaintext.

3. How we use it

  • To provide and operate the Service.
  • To process payments and prevent fraud.
  • To respond to support requests.
  • To send essential service emails (security alerts, billing notices).
  • To improve the Service through aggregated analytics.

4. Cookies

We use a minimal set of cookies: a session cookie for the dashboard, a CSRF token, and a theme preference. We do not use advertising or cross-site tracking cookies.

5. Third parties

  • Lemon Squeezy — payments and tax handling.
  • Crisp — live chat support.
  • Vercel — website hosting.

Each operates under its own privacy policy. Links available on request.

6. Data retention

Account data is retained for the lifetime of your account plus 90 days after deletion for backup purposes. Usage logs are kept for 12 months. Encrypted files follow the lifetime defined by your plan.

7. Your rights

You can request access, correction, or deletion of your personal data by emailing us. We respond within 30 days.

8. GDPR (EU residents)

Under the GDPR, you have rights to access, rectification, erasure, restriction, portability, and objection. Our legal basis for processing is contractual necessity (operating the Service) and legitimate interest (security and fraud prevention).

9. CCPA (California residents)

Under the CCPA, you have rights to know, delete, and opt out of the sale of personal information. We do not sell personal information.

10. Contact

Privacy inquiries: oxrion.ops@gmail.com.