Privacy Policy

How we handle your data on delixon.dev and the Delixon ecosystem.

About this policy

This policy covers the Delixon platform (delixon.dev, the account panel and the ecosystem shell): account creation and sign-in, language preferences, community features and cross-product communications. Each product in the ecosystem (Nexenv, ContractSanbox, PrismGraph...) has its own privacy notice for the data it collects directly — look for the Privacy link in the product's own footer.

Data controller

XPlus Technologies LLC is the legal entity responsible for processing personal data on the Delixon platform. Delixon Labs is the developer-tools firm operated by XPlus Technologies that publishes the products in the ecosystem.

Data we collect

When you create a Delixon account or use the platform we store:

  • Account data: username, email, hashed password, preferred language.
  • Session data: HttpOnly authentication cookie, CSRF token.
  • Content you post on community features (forum posts, comments, etc. when available).
  • Server-side request logs (IP, user agent, timestamp) retained for a limited time for security and abuse prevention.

We do not run third-party analytics, advertising trackers or behavioural profiling on delixon.dev.

Purpose

  • Operate your account and keep you signed in securely across the ecosystem.
  • Remember your language preference and similar account settings.
  • Deliver transactional emails (account confirmation, security, waitlist confirmations for specific products).
  • Detect and prevent abuse (rate limiting, brute-force protection).

We never use your data for advertising, profiling or resale to third parties.

Cookies

We only use essential cookies: the session cookie (HttpOnly), the CSRF token and the language preference. No analytics cookies, no advertising cookies, no cross-site tracking.

Storage and security

Data is stored on dedicated servers in the European Union (Hetzner) with TLS in transit, HttpOnly cookies, SSH key-restricted access and GPG-encrypted backups (AES256). Passwords are stored as Django PBKDF2 hashes — never in plain text.

Sub-processors

  • Hetzner (EU) — server hosting.
  • Cloudflare — CDN, DDoS protection and DNS.
  • Resend — transactional email delivery.

We do not sell, share or trade your data with any other third party.

Product-specific data

Waitlists, in-product telemetry or any other data collected inside a specific product (Nexenv, ContractSanbox, PrismGraph) are covered by that product's own privacy notice, available from its landing page footer.

Your rights (GDPR)

You can request access, rectification, portability, deletion or withdrawal of consent at any time by writing to [email protected]. We respond within 30 days. You may also file a complaint with your local data-protection authority (AEPD in Spain).

Security contact

Report vulnerabilities or security issues to [email protected].

Last updated

2026-04-18.

← Back to home