Phluxon

Privacy Policy

Last updated: April 12, 2026

At Phluxon, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.

1. Information We Collect

Personal Information

We collect personal information that you provide when creating an account:

  • Name and email address
  • Profile image (if provided via OAuth)
  • Email verification status

Authentication Data

When you sign in using a third-party provider, we collect:

  • OAuth tokens (access token, refresh token) from GitHub
  • Your unique identifier from the OAuth provider

Automatically Collected Information

When you access our services, we automatically collect:

  • IP address (stored with each session)
  • User agent / browser information (stored with each session)
  • Session tokens and login timestamps
  • API request timestamps and metadata
  • Mapping usage statistics (which transformations you run)

API Usage Data

When you use our API, we log:

  • Request timestamps
  • Which mapping/transformation was used
  • Request status (success or failure)
  • Error messages (if applicable)
  • API key usage counts and rate limit data

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain our services
  • Process transactions and send related information
  • Send administrative information and updates
  • Respond to inquiries and offer support
  • Monitor and analyze usage to improve our services
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

3. Data Sharing and Disclosure

We share your information with the following third-party services:

GitHub

We use GitHub for authentication (OAuth). When you sign in with GitHub, we receive your name, email, and profile image from GitHub. See GitHub's Privacy Statement.

Sentry

We use Sentry for error tracking and monitoring. When errors occur, we send diagnostic data to Sentry including:

  • Error messages and stack traces
  • Request URLs and user IDs
  • Browser console logs
  • Session replays (sampled at 10% of sessions, 100% when errors occur)

See Sentry's Privacy Policy.

Other Circumstances

We may also share your information:

  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with mergers, acquisitions, or asset sales
  • With Your Consent: When you have given explicit permission

4. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and track information about your activity on our services. You can control cookie preferences through your browser settings.

Types of Cookies We Use

  • Essential Cookies: Session cookies for authentication and maintaining your logged-in state
  • Error Tracking: Sentry uses cookies to collect error diagnostics and session replay data

Session Replay

We use Sentry Session Replay to record user interactions for debugging purposes. This captures clicks, scrolls, and page content (with sensitive fields masked). Approximately 10% of sessions are recorded, with 100% recording when errors occur.

5. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law.

  • Account data: Retained until you delete your account
  • Session data: Retained for the duration of your session plus 30 days
  • API usage logs: Retained for analytics and billing purposes
  • Error logs (Sentry): Retained according to Sentry's data retention policies

6. Data Security

We implement appropriate technical and organizational security measures to protect your personal information. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

  • Encryption of data in transit and at rest
  • Regular security assessments
  • Access controls and authentication
  • Secure data backup procedures

7. Your Rights and Choices

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your personal data
  • Portability: Request transfer of your data
  • Objection: Object to certain processing activities
  • Withdrawal: Withdraw consent at any time

To exercise these rights, please contact us using the information provided below.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data in accordance with applicable laws.

9. Children's Privacy

Our services are not intended for individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

10. Third-Party Links

Our services may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

12. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us at:

  • Email: privacy@phluxon.com

See also our Terms and Conditions for information about the rules governing your use of our services.