Privacy Policy

Axura ("we", "us", "our") operates axura.dev, a spacecraft and mission data platform. This Privacy Policy explains how we collect, use, and protect your personal information when you use our services.

By accessing or using Axura, you agree to the collection and use of information in accordance with this policy.

Account data

When you create an account we collect your name, email address, and a hashed password. If you sign in via OAuth (Google or GitHub) we receive the profile information those providers share — typically your name, email, and avatar URL.

Usage data

We log API requests and AI query counts to monitor platform health and enforce tier limits. Usage logs are retained for 30 days and then permanently deleted.

Payment data

All payment processing is handled by Stripe. We never see or store your card details. We retain only your Stripe customer ID and subscription tier for billing purposes.

Cookies

We use a single session cookie for authentication and localStorage for UI preferences (such as sidebar state). We do not use advertising or tracking cookies.

• Provide and operate the Axura platform
• Authenticate sessions and manage your account
• Enforce subscription tier limits
• Send transactional emails (account verification, password resets, billing receipts)
• Diagnose errors and improve platform reliability
• Comply with applicable legal obligations

We do not sell your personal data. We share data only with the following sub-processors, each bound by a data processing agreement:

• Stripe — payment processing
• Supabase — database and authentication infrastructure
• Vercel — application hosting and edge delivery
• Resend — transactional email delivery

Account data is kept for as long as your account remains active. If you delete your account, all personal data is permanently erased within 30 days.

Billing records are retained for 7 years in compliance with Dutch accounting law (fiscale bewaarplicht).

Under the General Data Protection Regulation, you have the right to:

• Access — request a copy of the data we hold about you
• Rectification — correct inaccurate or incomplete data
• Erasure — request deletion of your personal data
• Restriction — limit how we process your data
• Portability — receive your data in a structured, machine-readable format
• Objection — object to certain types of processing

To exercise any of these rights, contact us at privacy@axura.dev.

You also have the right to lodge a complaint with the Dutch data protection authority, the Autoriteit Persoonsgegevens.

All data is encrypted in transit using TLS and at rest within our infrastructure. Row-level security (RLS) is enforced at the database layer via Supabase, ensuring users can only access their own data.

No third party has direct access to our database. Access to production systems is restricted and audited.

We may update this Privacy Policy from time to time. Material changes will be communicated by email to the address associated with your account.

Continued use of Axura after receiving notice of changes constitutes acceptance of the updated policy.

If you have questions about this Privacy Policy or your data, contact us at privacy@axura.dev.

Axura · Amsterdam, Netherlands