Skip to main content
sylphx

Effective Date: January 20, 2026

Privacy Policy

Your privacy matters. This policy explains how we handle your data.

Quick Summary

  • • We collect only what's necessary to provide our services
  • • We never sell your personal data
  • • You can export or delete your data anytime
  • • We use industry-standard encryption (TLS 1.3, AES-256)
  • • GDPR and CCPA compliant

1. Introduction

Sylphx Ltd ("we", "us", or "our") operates the Sylphx platform. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our services.

By using Sylphx, you consent to the practices described in this policy. If you do not agree, please do not use our services.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, password, and profile information when you create an account
  • Billing Information: Payment method details, billing address, and transaction history (processed securely via Stripe)
  • Communications: Information you provide when contacting support or providing feedback
  • User Content: Data you store, upload, or process through our services

2.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, actions taken, and time spent on the platform
  • Device Information: Browser type, operating system, device identifiers, and IP address
  • Log Data: Server logs including access times, error logs, and API usage
  • Cookies: Session cookies for authentication and preferences

2.3 Information from Third Parties

  • OAuth Providers: When you sign in via Google, GitHub, or other providers, we receive your basic profile information
  • Payment Processors: Transaction confirmations and billing status from Stripe

3. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve our services
  • Process transactions and send billing notifications
  • Send service-related communications and security alerts
  • Respond to your requests and provide customer support
  • Monitor and analyze usage patterns to improve user experience
  • Detect, prevent, and address security issues and abuse
  • Comply with legal obligations

We do not sell your personal information to third parties.

5. Data Sharing

We may share your information with:

  • Service Providers: Third-party vendors who assist in operating our platform (hosting, analytics, email delivery)
  • Payment Processors: Stripe for secure payment processing
  • Legal Requirements: When required by law, court order, or government request
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

We require all third parties to respect the security of your data and process it in accordance with applicable laws.

6. Data Retention

We retain your data for as long as:

  • Your account is active
  • Necessary to provide our services
  • Required by law (e.g., tax records, legal disputes)
  • Needed for legitimate business purposes

After account deletion, we retain certain data for up to 30 days for recovery purposes, then permanently delete it. Some data may be retained longer if required by law.

7. Data Security

We implement industry-standard security measures including:

  • Encryption in transit (TLS 1.3) and at rest (AES-256)
  • Regular security assessments and penetration testing
  • Access controls and authentication requirements
  • Monitoring and logging of system access
  • Employee security training and background checks

No system is 100% secure. If you discover a security vulnerability, please report it to contact@sylphx.com with "SECURITY" in the subject line.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Portability: Receive your data in a structured, machine-readable format
  • Restriction: Limit how we process your data
  • Objection: Object to certain types of processing
  • Withdraw Consent: Withdraw previously given consent

To exercise these rights, contact us at contact@sylphx.com. We will respond within 30 days.

9. International Data Transfers

Your data may be processed in countries other than your own. We ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Data processing agreements with all service providers
  • Compliance with applicable data protection frameworks

10. Cookies and Tracking

We use cookies for:

  • Essential Cookies: Authentication and security (required)
  • Functional Cookies: Remembering your preferences
  • Analytics Cookies: Understanding how you use our services

You can manage cookie preferences through your browser settings or our consent manager.

11. Children's Privacy

Our services are not directed to children under 16. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately.

12. California Privacy Rights (CCPA)

California residents have additional rights:

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to opt-out of the sale of personal information
  • Right to non-discrimination for exercising privacy rights

We do not sell personal information as defined by the CCPA.

13. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by:

  • Posting the updated policy on this page
  • Sending an email notification for significant changes
  • Displaying a notice in the platform

Your continued use after changes constitutes acceptance of the updated policy.

14. Contact Us

For privacy-related questions or to exercise your rights:

Email: contact@sylphx.com

Company:
Sylphx Ltd
Hong Kong

If you are in the EU and believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local data protection authority.