Privacy Policy

Last updated: March 13, 2026

1. Introduction

AuthzX ("we", "our", or "us") operates the authzx.com website and the AuthzX authorization platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, and organization name. If you sign up via a social provider (Google, GitHub), we receive your name and email from that provider.

Usage Data

We collect data about how you use the Service, including API call volumes, policy evaluation counts, and feature usage. This data is used to enforce plan limits and improve the Service.

Authorization Data

You may store subjects, resources, roles, policies, and other authorization data in the Service. This data belongs to you and is processed solely to provide the authorization service.

Payment Information

Payment processing is handled by Stripe. We do not store your credit card number or bank account details. We receive your billing address and a reference to your Stripe customer profile.

Log Data

Our servers automatically record information including your IP address, browser type, referring/exit pages, and timestamps. We use this for security monitoring and debugging.

3. How We Use Your Information

  • To provide, maintain, and improve the Service
  • To process your transactions and manage your subscription
  • To send transactional emails (welcome, password reset, billing notifications)
  • To monitor usage and enforce plan limits
  • To detect and prevent fraud, abuse, and security incidents
  • To respond to your requests and support inquiries

We do not sell your personal information. We do not use your authorization data for any purpose other than providing the Service to you.

4. Data Sharing

We share your information only with:

  • Stripe — for payment processing
  • Email service provider — for transactional emails
  • Infrastructure providers — for hosting and operating the Service

We may also disclose information if required by law or to protect our rights, safety, or property.

5. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or compliance purposes. Audit logs are retained according to your plan tier.

6. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS), encryption at rest, access controls, and regular security monitoring. However, no method of transmission over the internet is 100% secure.

7. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Object to or restrict processing of your data

To exercise any of these rights, contact us at hello@authzx.com.

8. Cookies

We use essential cookies to maintain your session and authentication state. We do not use third-party tracking cookies or advertising cookies.

9. Children's Privacy

The Service is not directed to individuals under 16. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on the Service. Your continued use after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy, contact us at: hello@authzx.com