Prodix

Legal

Privacy Policy

How we collect, use, and protect your information.

Last updated:

Information We Collect

We collect information you provide directly to us and information generated as you use Prodix. This includes:

  • Account information — name, email address, and password when you register.
  • Payment information — billing details processed by our payment processor (Stripe). We do not store full card numbers.
  • Usage data — prompts you submit, apps you generate, credits consumed, and build logs.
  • Technical data — IP address, browser type, device information, and access timestamps.
  • Communications — messages you send us via email or support channels.

We do not collect sensitive personal information such as government ID numbers, financial account numbers beyond payment processing, or health data.

How We Use Your Information

We use the information we collect to:

  • Provide, operate, and improve the Prodix platform.
  • Process your transactions and manage your subscription.
  • Send you transactional emails (receipts, password resets, build notifications).
  • Respond to your support requests and communications.
  • Monitor usage patterns to detect abuse and ensure platform stability.
  • Send you product updates and announcements — you may opt out at any time from your account settings.
  • Comply with legal obligations.

We do not sell your personal information to third parties. We do not use your prompts or generated code to train AI models without your explicit consent.

Information Sharing

We share your information only in the following circumstances:

  • Service providers — trusted third parties who help us operate Prodix (payment processing, cloud infrastructure, email delivery, error tracking). These providers access your data only to perform services on our behalf.
  • Legal requirements — if required by law, court order, or governmental authority.
  • Business transfers — in connection with a merger, acquisition, or sale of assets, with appropriate notice to you.
  • With your consent — for any other purpose with your explicit agreement.

Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will delete or anonymise your personal information within 30 days, except where we are required to retain it for legal or accounting purposes (typically 7 years for financial records).

Generated application code and build artefacts associated with your projects are retained until you delete them or close your account. You can delete individual projects at any time from the dashboard.

Security

We implement industry-standard security measures to protect your information:

  • All data in transit is encrypted using TLS 1.2 or higher.
  • Passwords are hashed using bcrypt with an appropriate cost factor.
  • Payment information is handled by Stripe and never stored on our servers.
  • Access to production systems is restricted to authorised personnel.
  • We conduct periodic security reviews of our infrastructure and dependencies.

No system is completely secure. If you discover a security vulnerability, please report it to nav@cyberpoint.io and we will respond promptly.

Your Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access — request a copy of the personal data we hold about you.
  • Correction — request correction of inaccurate or incomplete data.
  • Deletion — request deletion of your personal data, subject to legal obligations.
  • Portability — receive your data in a structured, machine-readable format.
  • Objection — object to processing of your data for direct marketing purposes.

To exercise any of these rights, contact us at nav@cyberpoint.io. We will respond within 30 days.

Cookies & Tracking

We use cookies and similar technologies to operate the platform and understand how it is used. See our Cookie Policy for full details on what we set and why.

Essential cookies (authentication session, CSRF protection) cannot be disabled as they are required for the platform to function. You can control non-essential cookies through your browser settings.

Third-Party Services

Prodix integrates with the following third-party services, each governed by their own privacy policies:

  • Stripe — payment processing.
  • Railway — cloud infrastructure hosting Prodix.
  • Anthropic / OpenAI — AI inference used to generate your applications. Prompts are sent to these providers to generate code. Their data processing policies apply.
  • GitHub — optional OAuth sign-in and repository deployment, if you choose to connect your account.
  • E2B — sandbox execution environment for live app previews.

Children's Privacy

Prodix is not directed at children under the age of 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately and we will delete it.

Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or by posting a prominent notice on the platform before the changes take effect. Continued use of Prodix after the effective date constitutes acceptance of the updated policy.

The date at the top of this page reflects when this policy was last revised.

Contact

If you have questions about this Privacy Policy or how we handle your data, please contact us: