Privacy Policy

1. Information We Collect

When you create an account, we collect your email address. When you subscribe to CyrusX Pro, Stripe processes your payment and we store a subscription record linked to your user ID — we do not store your credit card details.

For rate limiting purposes, we may log your IP address temporarily to enforce free-tier usage limits. This data is not shared or used for any other purpose.

2. How We Use Your Information

• — To provide and maintain access to CyrusX tools
• — To process Pro subscriptions via Stripe
• — To enforce usage limits on free-tier tools
• — To send account-related emails (e.g. subscription receipts)

We do not sell your personal data to third parties.

3. Tool Usage Data

Inputs you enter into tools (IP addresses, domains, email headers, etc.) are processed server-side to return results. We do not store or log tool inputs beyond what is required for rate limiting.

The Password Breach Checker uses k-anonymity — your password is hashed in your browser and only the first 5 characters of the hash are sent to our servers. Your actual password never leaves your device.

4. Third-Party Services

CyrusX uses the following third-party services:

• — Supabase — authentication and database
• — Stripe — payment processing
• — Vercel — hosting and deployment

Each of these services has their own privacy policy governing their use of data.

5. Cookies

We use session cookies for authentication purposes only. We do not use tracking or advertising cookies.

6. Data Retention

Account data is retained as long as your account is active. Rate limit records are automatically deleted after 24 hours. You can request deletion of your account by contacting us.

7. Contact

For privacy-related questions, contact us at [email protected].