LEGAL

Privacy Policy

Last updated: July 4, 2026

Draft pending legal review. The short version: we collect little, we host it ourselves on our own infrastructure, and we don't sell or share it with advertisers. Sovereignty is the product — it applies to your data too.

1. What we collect

  • Signup & contact forms: name, work email, company, optional team size or message, your chosen plan, and the timestamp of your Terms of Service acceptance.
  • Platform operation: per-application resource-usage metrics (CPU, memory, storage, egress) — collected to run the platform and compute your bill at the published rates, not to profile you.
  • Site analytics: self-hosted, first-party product analytics (no third-party ad trackers, no data brokers, no cross-site tracking).

2. Where it lives

On our own infrastructure. Form submissions are stored in our own Postgres database; contact and trial requests are mirrored into our self-hosted CRM. Nothing above is handed to a third-party SaaS processor — the same sovereign stack we sell is the one your data sits on.

3. What we use it for

  • Provisioning and operating your account and trial.
  • Billing, at the published rates.
  • Replying to you, and occasionally telling you about the platform (you can opt out of anything that isn't operational).

4. What we will never do

  • Sell your data.
  • Share it with advertisers or data brokers.
  • Mine your applications or their data for our own purposes.

5. Retention & deletion

We keep account records while your account is active and for a reasonable period afterward for tax and legal purposes. Email hello@paddington.io to ask what we hold about you or to request deletion — a human answers, and we comply unless the law requires otherwise.

6. Cookies

The marketing site uses no advertising cookies. Signed-in surfaces (the portal) use strictly functional session cookies.

7. Contact

Privacy questions: hello@paddington.io. See also our Terms of Service.