Privacy Policy
EZKeel is operated by EZKeel ("we", "us"). This policy describes the personal data we collect from visitors to ezkeel.com and users of the EZKeel CLI and dashboard, what we do with it, and how to contact us about it.
Data we collect
- Waitlist email. When you submit the form on the homepage, we receive your email address. The form posts to Web3Forms, which forwards the submission to us by email. Web3Forms does not store the submission long-term beyond that delivery.
- Account data. If you create an account on the hosted dashboard, we store your email, a hashed password, and an encrypted copy of any API keys, SSH keys, or Hetzner tokens you add in order to operate your servers.
- Operational data. The dashboard records the servers and apps you deploy, deploy/log/metric history for those apps, and chat history with the AI agent so the assistant can answer follow-up questions.
- Server logs. Standard HTTP server logs (IP, path, user agent, timestamp) are kept for short-term abuse and troubleshooting purposes.
- Billing data. If you subscribe to a paid plan, Stripe handles payment data on its own infrastructure. We store the Stripe customer ID and subscription status only.
How we use it
- To run the EZKeel service: authenticate you, deploy the apps you ask us to deploy, render dashboards, and operate the AI agent.
- To contact you about the service (account changes, security notices, waitlist updates).
- To debug and improve the product.
We do not sell personal data. We do not share it with advertisers. We do not run third-party advertising or analytics trackers on this site.
Sub-processors
- Web3Forms — relays waitlist submissions.
- Stripe — processes payments.
- Resend — delivers transactional email (verification, password reset, account notices).
- Hetzner — hosts the production VPS and any servers you choose to provision through EZKeel.
- Cloudflare — DNS and edge caching for the marketing site.
- GitHub Pages — hosts the marketing site.
Retention
Account data is retained for the life of your account. Server logs are retained for up to 30 days. App metrics and log lines are retained for 7 days by default. Backups are retained for 30 days. We delete account and operational data within 30 days of an account-deletion request, except where we are required to keep records for legal, accounting, or fraud-prevention purposes.
Security
API keys, SSH keys, and provider tokens are encrypted at rest with AES-256-GCM using server-side keys held only by the control plane. Passwords are stored as bcrypt hashes. Sessions use HTTP-only secure cookies and are invalidated when you change your password.
Your rights
You can ask us to access, correct, export, or delete your personal data. Email privacy@ezkeel.com and we will respond within 30 days. If you are in the EU/UK and believe we are mishandling your data, you have the right to complain to your local data protection authority.
Cookies
The marketing site at ezkeel.com sets no cookies. The dashboard at app.ezkeel.com sets a single HTTP-only session cookie for authentication.
Changes
We will update the "last updated" date above when this policy changes. Material changes will be communicated by email if you have an account.
Contact
Privacy: privacy@ezkeel.com
Security: security@ezkeel.com