Privacy Policy

Last updated: February 1, 2026

1. Information We Collect

We collect information you provide directly: account details (name, email), organization information, project data, and usage patterns. We also collect technical data: IP addresses, browser type, device information, and cookies for analytics and service improvement.

2. How We Use Your Information

We use collected information to provide and maintain the Service, improve user experience, send service-related communications, detect and prevent fraud, and comply with legal obligations. We do not sell your personal data to third parties.

3. Code and Repository Data

When you connect Contox, we analyze your codebase structure, conventions, and metadata to power AI features. We do not store your source code on our servers — analysis is performed in real-time and only metadata (file structure, patterns, conventions) is retained.

4. Data Security

We implement industry-standard security measures including encryption in transit (TLS 1.3) and at rest (AES-256), regular security audits, and access controls. We follow SOC 2 Type II compliance standards.

5. Data Retention

We retain your data for as long as your account is active. When you delete your account, we remove all personal data within 30 days. Anonymized, aggregated data may be retained for analytics purposes.

6. Third-Party Services

We use third-party services for hosting (AWS), analytics (PostHog), payment processing (Stripe), and email (Resend). Each third-party provider has their own privacy policy governing their use of your data.

7. Your Rights

You have the right to access, correct, or delete your personal data. You can export your data at any time from Settings. For GDPR/CCPA requests, contact privacy@pilox.dev and we will respond within 30 days.

If you have any questions about these policies, please contact us at legal@pilox.dev.