Privacy Policy

Last updated: May 2026

AuthKnox (“we”, “us”, “our”) operates the AuthKnox service and this website. This policy explains what data we collect, why, and how we handle it.

Data we collect

• Account data: email address and any information you provide when registering or joining the early access waitlist.
• Usage data: API request logs (timestamp, region, application ID, response code) retained for audit purposes. No token content is stored.
• Technical data: IP address, HTTP headers — retained in server logs for up to 30 days for security and debugging.

What we do not collect

• No analytics scripts, tracking pixels, or third-party embeds on this website.
• No advertising identifiers.
• No cookies beyond what is strictly necessary to operate the service.

How we use your data

• To operate the AuthKnox service and authenticate your API clients.
• To contact you about your account or the early access programme.
• To investigate security incidents.

Data storage and location

Data is stored on Google Cloud Platform infrastructure. Free-tier data is stored in the EU (Belgium, europe-west1). Pro and Enterprise customers may select their preferred region.

Data retention

Audit logs are retained according to your plan (7 days on Free, 90 days on Pro, 1 year+ on Enterprise). Account data is retained for the duration of your account. You may request deletion at any time.

Your rights

You have the right to access, correct, or delete your personal data. To exercise these rights, contact us at privacy@authknox.com.

Third-party services

We use a small number of third-party services to operate:

• Google Fonts: fonts are loaded from fonts.googleapis.com. Google may log the request. No personal data beyond the IP address is shared.
• FormSubmit.co: early access signups on this website are submitted via FormSubmit. The email address you provide is forwarded to us and stored by FormSubmit per their privacy policy. We do not share it further.
• Google Cloud Platform: all service infrastructure runs on GCP. GCP processes data according to Google’s Data Processing Agreement.

We have no advertising partners and no analytics or tracking scripts on this website.

Cookies

This website does not set any cookies. The AuthKnox API service uses short-lived session tokens for dashboard authentication only — no persistent tracking cookies.

Security

All data in transit is encrypted via TLS 1.2 or higher. Secrets are stored using industry-standard key management (Google Cloud KMS). Client secrets are stored as one-way hashes and cannot be recovered — only rotated.

Children’s privacy

AuthKnox is a developer tool intended for professional use. We do not knowingly collect personal information from anyone under the age of 16.

Changes to this policy

We may update this policy as the service evolves. Material changes will be communicated by email to registered users at least 14 days before they take effect. The “Last updated” date at the top of this page reflects the most recent revision.

Contact

Questions about this policy: privacy@authknox.com