Legal
Privacy Policy
Last updated: June 2, 2026
1. Who we are
Axiom Routing ("Axiom", "we", "us") provides subscription software development. This policy explains what personal data we collect, why, and what rights you have. If you have questions, email privacy@axiomrouting.com.
2. Data we collect
- Account data: name, email, password hash, display name, avatar.
- Subscription data: tier, billing status, Stripe customer and subscription IDs. Payment card data is handled directly by Stripe — we never see it.
- Request data: request titles, descriptions, files, and comments you submit through the portal.
- Usage data: log-in timestamps, IP addresses, browser type, basic analytics about page views.
3. How we use it
- To provide and operate the Service.
- To process payments and manage your subscription (via Stripe).
- To send transactional emails (status changes, comments, billing) via Resend.
- To improve the product, detect abuse, and meet legal obligations.
We do not sell your personal data and we do not use it to train third-party AI models.
4. Sub-processors
- Supabase — database, authentication, file storage.
- Stripe — payment processing.
- Resend — transactional email delivery.
- Cloudflare — hosting and DNS.
5. Retention
We keep account and request data for as long as your account is active. When you delete your account, we delete or anonymise your personal data within 30 days, except where we are required to keep it (e.g. tax invoices for 7 years).
6. Your rights
Under GDPR, CCPA, and similar laws you can:
- Access and export your data — use the "Download my data" button on your account page, or email us.
- Correct inaccurate data from your account settings.
- Delete your account at any time from your account page. This permanently removes your profile, requests, comments, files, and subscription record.
- Object to processing or withdraw consent by emailing us.
- Lodge a complaint with your local data protection authority.
7. Cookies
We use essential cookies to keep you signed in and remember preferences. We do not use advertising or cross-site tracking cookies.
8. Security
We use Postgres row-level security, encrypted connections, and per-user storage scoping. No system is perfectly secure — please report vulnerabilities to security@axiomrouting.com.
9. International transfers
Data may be processed in jurisdictions outside your own. We rely on Standard Contractual Clauses or equivalent safeguards where required.
10. Changes
We may update this policy. Material changes will be communicated by email or in-app notice.