⟨Privacy Policy⟩

From you, when you sign up and use Mofax:

• Account info: your email address, an optional display name, and (if you signed up with a password) a one-way hash of your password. If you signed up with Google or Microsoft, we store the provider's account ID so we can log you back in.
• Project metadata: the names, slugs, access settings, and deployment history of apps you create.
• App source: the zip or HTML file you upload, stored in object storage so we can rebuild your app on redeploy.
• Encrypted API keys: any environment variables you save are encrypted at rest with AES-256-GCM before they touch our database.
• Build logs: the output of the deploy pipeline. Useful when something fails. Not visible to anyone but you and our staff for support.
• Session cookies: a server-side session row plus an HTTP-only cookie. 30 days. No tracking.

From your visitors(the people who open the apps you deploy): we keep operational logs at the gateway level (request paths, status codes, response times). We don't run analytics scripts in your visitors' browsers.

Three uses, in priority order:

• Run the service. Without your email, project metadata, and app source we can't deploy your app.
• Send transactional email — verification, password reset, magic links for email-domain access controls. No marketing email unless you ask for it.
• Spot abuse and respond to security incidents. We may inspect build logs and content if we have reason to believe an account is misusing the platform.

We use a small set of vendors to run Mofax. Each has its own privacy program and contracts that cover how they handle data on our behalf.

• Fly.io — hosts the control plane and every customer app you deploy.
• Cloudflare — DNS, R2 object storage (where your uploads live), and edge networking.
• Neon — managed Postgres for accounts, projects, deployments, and access settings.
• Resend — outbound transactional email.
• Google, Microsoft— only when you choose to sign in with them. We receive the email address and account ID they release; we don't see your password.

Account data and project data stay as long as your account exists. When you delete a project we tear down the Fly app, remove the DNS record, delete the R2 objects, and remove the database rows. When you delete your account we do the same for every project plus your user record.

Backups roll off based on each subprocessor's schedule. Neon's point-in-time recovery covers the last 7 days on our current plan, so anything you delete may persist in their backups for up to a week after deletion.

You can change or delete your data any time from your account page. If you're subject to a regulation that gives you additional rights (GDPR, CCPA, etc.) email us at the address below and we'll honor a valid request within the timeframe the law requires.

Mofax isn't for children under 13 (or under 16 in the EEA / UK). Don't sign up if you're below that age in your jurisdiction.

We may update this policy. Material changes will be announced by email to registered users. Last updated date at the top of the page reflects the current version.

Privacy questions or a data request? hello@bringyourown.app.