PRIVACY
Your data,
your control,
in plain English.
We collect the minimum data needed to deliver Usedeploy, store it on infrastructure we trust, and never sell it. Everything below explains exactly what that means.
Read this first.
Disclaimer. This document is a starting point and should be reviewed by legal counsel before being treated as binding. Last updated: May 2026. If we make material changes we will say so on this page and notify active customers by email before the change takes effect.
Who we are.
Usedeploy is operated by Martin Coll, an independent monotributista (small-business sole proprietor) registered in Argentina. We are the data controller for the personal data described below. Questions, requests, or complaints: [email protected]. We answer every inbound message within five working days.
What we collect.
Account data.
Your email address, a hashed password (we never see the plaintext), your display name and, optionally, an avatar image you choose to upload. This is the data you give us when you create an account.
Product use.
Records of the projects you create, deployment events, build log metadata, organization membership, and the actions you take inside the dashboard. We need this to run the service and show you your own history.
Billing details.
If you subscribe to a paid plan, our payment processors collect your card or local payment details directly. We only store the resulting customer and subscription identifiers, the plan, and the invoices.
Telemetry and logs.
Server logs (IP address, user agent, request paths, timestamps) for security and debugging, and lightweight product analytics (which pages you visit, which features you use) without third-party advertising trackers.
Support correspondence.
If you email us, we keep the thread so we can follow up. We do not feed support emails into AI training.
What we do not collect.
We do not buy data from data brokers, we do not run third-party ad pixels, and we do not read the application data that you store inside the products you build on top of Usedeploy.
Why we collect it.
Contract performance. We process account data, product use, and billing details so we can actually deliver the service you signed up for. Without this data there is no service. Legitimate interest. We use server logs and basic telemetry to keep the platform secure, detect abuse, fix bugs, and understand which features are worth investing in. We balance that interest against your privacy by minimizing what we store and keeping retention short. Consent. Where the law requires opt-in — for example, optional marketing emails or non-essential analytics in jurisdictions that demand a cookie banner — we only act after you say yes, and you can withdraw consent at any time without losing access to the product.
Subprocessors.
| Provider | Purpose | Region |
|---|---|---|
| Railway | Application hosting, databases, object storage. | United States. |
| Stripe | Card payments and subscription billing. | United States, global. |
| Polar | Checkout and merchant of record for the boilerplate license. | United States. |
| Resend | Transactional email delivery (sign-up confirmations, receipts). | United States. |
| Anthropic | Optional LLM features inside the dashboard (only when you invoke them). | United States. |
| OpenAI | Optional LLM features inside the dashboard (only when you invoke them). | United States. |
| Sentry | Error monitoring and aggregated performance traces. | United States. |
Your rights.
Wherever you are based, you can email [email protected] to ask what we have about you, correct it, export it, or delete it. We reply within five working days and complete the request inside one month. EEA and UK (GDPR / UK GDPR). You have the right to access, rectify, erase, restrict, port, and object to the processing of your personal data, and to lodge a complaint with your local data protection authority. California (CCPA / CPRA). You have the right to know what we collect, to delete it, to correct it, and to opt out of the "sale" or "sharing" of personal information. We do not sell or share personal data in the CCPA sense. Argentina (Ley 25.326). You can exercise your ARCO rights — access, rectification, cancellation, and opposition — and complain to the Agencia de Acceso a la Información Pública if you believe we are mishandling your data. We never charge for these requests and we will never retaliate against you for making one.
Retention.
Account data.
Kept while your account is active. After you cancel, we delete personal identifiers within 30 days, except where we are legally required to keep invoices or tax records.
Operational logs.
Rotated after 12 months. Aggregated metrics with no personal identifiers may be kept longer for capacity planning.
Backups.
Encrypted backups are retained for 30 days and then overwritten. A deletion request will purge live data immediately; backups age out on the next cycle.
Billing records.
Kept for the period required by tax law in the relevant jurisdictions (typically 5 to 10 years).
Security.
Traffic to and from Usedeploy is encrypted with TLS. Passwords are hashed with a modern algorithm — we never store or transmit them in clear text. Two-factor authentication is available to every account and we recommend enabling it. No security program is perfect. If we discover a breach affecting your personal data we will notify you and the relevant authorities within the timeframes required by the laws that apply to you.
International transfers.
Our infrastructure runs primarily in the United States. If you sign up from the EEA, the UK, Argentina, Brazil, or anywhere else, your personal data is transferred to and processed in countries that may not have the same privacy framework as your home jurisdiction. For EEA and UK customers we rely on the European Commission's Standard Contractual Clauses (and the UK addendum) with our subprocessors. For Argentine customers we apply equivalent safeguards under Disposition 60-E/2016 of the Agencia de Acceso a la Información Pública.
Cookies and similar technologies.
We use a small set of cookies and local storage entries: a session cookie that keeps you logged in, a preference cookie that remembers your locale and theme, and a CSRF token used to protect form submissions. None of these are advertising cookies. If we add product analytics in the future, we will surface a consent banner in jurisdictions that require one and you will be able to decline without any loss of functionality.
Changes to this policy.
We will update this page whenever our practices change. Material changes — new subprocessors handling personal data, new purposes for processing, changes to your rights — are announced at least 30 days in advance by email to account holders. Continued use of Usedeploy after a change takes effect means you accept the updated policy.
Contact.
Email [email protected] for any privacy question, data subject request, or complaint. Address mail to Martin Coll, City of Buenos Aires, Argentina. We do not currently have a representative in the EU or the UK; for now please reach us directly.
Still have questions?
Send a note to [email protected]. We answer privacy questions personally, not via a ticket queue.