Ecosystem Privacy Policy

The ecosystem may process account details, contact information, workspace names, roles, app selections, authentication events, email verification state, consent records, billing status, subscription state, usage and credit records, support requests, audit events, and security metadata.

App-specific data may include operational activity in XFlow, trust and reputation data in Rataify, diagnostics in AudAiX, writing inputs and outputs in WordGeni, and creative inputs and outputs in Crevux.

Verixet handles billing consent, checkout, trial terms, paid entitlement state, usage, credits, and access governance. Other apps may mirror signed Verixet facts so they can enforce access without becoming the billing source of truth.

Payment card details are handled by payment processors and are not intended to be stored directly by XFlow or satellite apps.

Data is used to create accounts, provide app workflows, route users back to the correct app after setup, enforce entitlements, prevent abuse, secure sessions, send service emails, provide support, measure reliability, and satisfy legal or compliance obligations.

Service emails may include verification messages, welcome messages, billing notices, security alerts, support responses, and important policy updates.

Passwords are hashed. Verification tokens, reset tokens, session records, OAuth state, CAPTCHA tokens, and security metadata are handled with limited retention and operational safeguards.

Retention periods vary by record type, legal requirement, audit need, billing obligation, security need, and customer configuration.

Users can sign in, manage workspace access, request support, unsubscribe from optional marketing where available, and contact the legal or privacy mailbox for access, deletion, correction, portability, objection, or restriction requests.

Some records may be retained where required for billing, security, legal compliance, dispute prevention, audit integrity, or fraud prevention.