Privacy Policy

1. Scope

This Privacy Policy applies to EOXScriptum services operated by EOXLABS LLC. It covers information processed through the admin dashboard, authentication flows, public APIs, SDKs, media handling, AI-assisted features, content delivery, support interactions, and related product telemetry.

Customer content belongs to the customer. When we process customer content on behalf of a customer, we do so to provide the service and according to the customer's instructions, configuration, and applicable agreement.

2. Information we collect

• Account information: email address, name, role, login state, tenant, and project membership.
• Authentication information: OTP requests, magic-link tokens, password setup metadata, login timestamps, IP address, and user agent.
• Customer content: posts, content type schemas, media, metadata, topics, prompts, revisions, generated images, and feed configuration.
• API and usage data: API key metadata, request path, cache status, rate-limit state, timestamps, project identifiers, and operational logs.
• Device and network data: browser type, approximate location from network metadata, performance timings, and security event information.
• Support and communications: messages you send to us, feedback, issue reports, and related contact details.

3. How we use information

We use information to:

• Operate, secure, monitor, and improve EOXScriptum.
• Authenticate users, enforce tenant isolation, and manage access controls.
• Deliver content through APIs, feeds, caches, media routes, and SDKs.
• Run requested AI-assisted workflows, including generation, rewriting, analysis, and media creation.
• Provide support, troubleshoot issues, and communicate service updates.
• Measure usage, performance, reliability, abuse patterns, and product quality.
• Comply with legal, billing, tax, security, and contractual obligations.

4. AI-assisted processing

When you use AI-assisted features, relevant prompts, site signals, content excerpts, media URLs, screenshots, or generated outputs may be sent to configured AI providers to complete the request. The exact providers and models can vary by environment, feature, and customer configuration.

Do not submit sensitive personal data, regulated health or payment data, confidential trade secrets, or content you are not authorized to process through AI workflows unless your organization has approved that processing.

5. Cookies and local storage

EOXScriptum uses browser storage and similar technologies to keep users signed in, store interface preferences, protect sessions, and improve product reliability. Public content readers may receive standard cache and security headers from the content delivery infrastructure.

6. How information is shared

We do not sell personal information. We may share information with:

• Service providers: infrastructure, hosting, storage, email, analytics, AI, image generation, security, and payment providers that help operate EOXScriptum.
• Customer administrators: organization admins may see user, content, usage, and project information for their tenant.
• Legal and safety parties: authorities or third parties when required by law, to protect rights, or to address security and abuse.
• Business transfers: relevant information may transfer if EOXLABS LLC is involved in a merger, acquisition, financing, reorganization, or sale of assets.

7. Security

We use technical and organizational safeguards designed to protect information, including tenant-scoped access controls, hashed API keys, secure authentication flows, role-based admin access, audit-oriented data structures, and edge infrastructure controls.

No system is perfectly secure. You are responsible for securing your account, maintaining appropriate permissions, rotating API keys when needed, and avoiding client-side exposure of private credentials.

8. Retention

We retain information for as long as needed to provide the service, comply with legal or contractual obligations, resolve disputes, support security investigations, maintain backups, and improve reliability. Retention periods vary by data type, account state, customer configuration, and operational need.

Customers may delete or export certain content through product features where available. Some deleted data may remain temporarily in backups, caches, logs, or audit records.

9. Your choices and rights

Depending on your location, you may have rights to access, correct, delete, restrict, or export certain personal information. You may also have the right to object to certain processing or withdraw consent where processing depends on consent.

For organization-managed accounts, requests may need to go through the customer administrator because the organization controls the account and content workspace.

10. International processing

EOXScriptum is built on distributed infrastructure. Information may be processed in the United States and other locations where EOXLABS LLC, infrastructure providers, or service providers operate. We use appropriate safeguards where required for cross-border transfers.

11. Children

EOXScriptum is intended for business and professional use. It is not directed to children, and we do not knowingly collect personal information from children under 13 or the equivalent minimum age in the relevant jurisdiction.

12. Changes to this policy

We may update this Privacy Policy to reflect changes in the product, law, providers, or security practices. If changes are material, we will take reasonable steps to notify users through the product, by email, or by posting an updated version.

13. Contact

Questions or privacy requests can be sent through your EOXScriptum account channel or to EOXLABS LLC at privacy@eoxscriptum.com.

If you use EOXScriptum through an organization, that organization may be the controller or primary decision-maker for your workspace data.