Privacy
Policy

01

Information We Collect

At INEXX Interactive, your privacy is a design principle, not a compliance checkbox. We collect the minimum data necessary to operate our services, and nothing more.

• Account Data: Username, email address, and cryptographically hashed passwords (bcrypt, 14 rounds minimum). We never store raw passwords.
• Security Logs: IP address, browser user-agent, and login timestamp — retained strictly to detect unauthorized access and protect your account.
• User Content: Files, avatars, and messages you voluntarily upload or submit through our services.
• Technical Data: Anonymized performance metrics and error logs used exclusively for service stability and improvement.

02

How We Use Your Data

Your data is used exclusively to operate, maintain, and secure INEXX services. We do not build advertising profiles, sell data, or engage in behavioral tracking.

• Authenticating your account via session tokens and Two-Factor Authentication (2FA).
• Sending critical security notifications, OTP codes, and password reset instructions.
• Detecting, investigating, and preventing fraudulent activity, abuse, and unauthorized access.
• Sending product updates if you explicitly opted in. You can revoke this at any time.

03

Data Sharing & Third Parties

We do not sell your personal data. Ever. Your information does not leave our infrastructure except under the following strictly limited circumstances:

• When required by a valid legal order or court subpoena from a competent jurisdiction.
• To prevent imminent harm, fraud, or illegal activity targeting our users or infrastructure.
• To transactional service providers (email delivery, payment processing) under strict data processing agreements.

04

Cookies & Session Storage

We use session-essential cookies only — strictly necessary to keep you authenticated. We do not use third-party tracking cookies, advertising pixels, or behavioral analytics tools. Your browsing behavior on our site stays on our site.

05

Your Rights (GDPR / CCPA)

Depending on your jurisdiction, you hold the following rights regarding your personal data:

• Right to Access: Request a full export of all data we hold on you.
• Right to Erasure: Request complete deletion of your account, content, and all associated logs from our active databases.
• Right to Portability: Receive your data in a machine-readable format.
• Right to Opt-Out: Withdraw marketing consent instantly via your profile settings or by contacting us directly.
• Right to Correct: Update inaccurate data held about you at any time through your account settings.

06

Security & Data Retention

All data is transmitted over TLS 1.3. Passwords and 2FA secrets are stored using one-way cryptographic hashes. Our infrastructure is monitored 24/7 and subject to regular independent security assessments. Active accounts retain their data for the duration of account activity. Dormant accounts may be purged after extended inactivity with prior notification.