Privacy Policy

ndexr.io

Effective April 16, 2026

At ndexr.io, we are committed to protecting your privacy. This policy outlines how we collect, use, and protect your personal information. By using ndexr.io, you agree to this Privacy Policy.

1. Information We Collect

Information you provide

  • Account information: When you sign up via Google OAuth, we receive your email address, display name, and profile picture from Google. We do not receive or store your Google password.
  • AWS credentials: If you connect your own AWS account, we store the credentials you provide solely to manage infrastructure on your behalf. These are encrypted at rest.

Information collected automatically

  • IP address: Used for access control, rate limiting, and security monitoring.
  • Browser and device info: Used to ensure compatibility and improve the user experience.
  • Usage data: Pages visited and features used, collected to improve the platform.

2. How We Use Your Information

  • Authenticate you and manage your account.
  • Provision and manage cloud infrastructure you request.
  • Improve platform functionality and user experience.
  • Communicate service updates, changes, or issues.
  • Detect and prevent abuse, fraud, or security incidents.

3. Data Sharing

We do not sell your data. We share data with third parties only as necessary to operate the platform:

AWS

Infrastructure hosting and cloud services you provision through the platform.

Google

Authentication via OAuth. We do not send your usage data to Google.

Stripe

Payment processing. Stripe handles card info directly; we never store card numbers.

We may also disclose information if required by law or to protect the rights, property, or safety of ndexr.io, our users, or the public.

4. Cookies and Local Storage

We use session cookies to keep you logged in. We do not use third-party tracking cookies or advertising pixels.

5. Your Rights

1
Access — request a copy of your data
2
Correction — fix inaccurate information
3
Deletion — remove your account and data
4
Portability — export in a portable format
5
Opt-out — unsubscribe from non-essential comms

To exercise any of these rights, contact fdrennan@ndexr.io.

6. Data Security

We use TLS encryption in transit, encryption at rest, IP-based access controls, and restricted administrative access. No system is perfectly secure, but we take commercially reasonable measures to protect your information.

7. Data Retention

We retain your data while your account is active. After deletion, certain data may be retained for up to 90 days as required by law or for legitimate business purposes (e.g., resolving disputes).

8. Third-Party Links

Our platform may link to third-party websites. We are not responsible for their privacy practices.

9. Children's Privacy

ndexr.io is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will delete it.

10. Policy Updates

We may update this policy to reflect changes in our practices or legal requirements. Material changes will be posted on the website with an updated effective date.

11. Contact Us

Questions? Contact us at fdrennan@ndexr.io.

Terms of Service Back to home