Legal Documents

Privacy Policy

Last updated: June 26, 2026

At Selixes, we prioritize the privacy and security of your operational workflows and developer logs. This Privacy Policy describes how we collect, use, and handle data when you use the Selixes website, our managed Cloud Gateway services, and our self-hosted Community Edition.

1. Data Boundaries: Self-Hosted vs. Cloud

We design our products around the principle of absolute sovereignty. How data is handled depends entirely on your deployment model:

  • Community Edition (Self-Hosted): 100% of your prompt requests, response payloads, keys, and telemetry metrics stay within your own Virtual Private Cloud (VPC) or local machine. No data is ever transmitted to Selixes servers.
  • Gateway Cloud (Managed): Upstream model requests are routed through our managed cloud gateway proxy. We transiently process requests in-memory to enable cost caps and circuit breakers. If you enable the Observability features in your dashboard, encrypted prompt and completion payloads are stored at rest for 30 days to power your trace history. If Observability is disabled, payloads are transiently processed and immediately discarded from memory without being written to disk.

2. Data Collection, Usage, and Retention

When you create an account on our website, we collect basic account registration details such as name, email address, and organization name. For users of our managed Cloud Gateway, we log system-level operational indicators (such as request volumes, response latencies, and token usage).

Retention: All operational logs and observability traces are retained for a maximum of 30 days, after which they are permanently deleted from our servers.

3. Sub-Processors

To deliver the Gateway Cloud service, we utilize the following trusted third-party sub-processors:

  • Railway: Core compute infrastructure and PostgreSQL database hosting.
  • Upstash: Serverless Redis for quota management and rate limiting.
  • Clerk: Customer identity, authentication, and organization management.
  • Stripe: Payment processing and subscription management.
  • Vercel: Web dashboard hosting and edge delivery.

4. Cookies and Analytics

We use strictly necessary cookies to maintain your authenticated session via Clerk. We do not use third-party tracking pixels, marketing cookies, or cross-site tracking technologies. Any website analytics we employ are privacy-first, anonymized, and do not use cookies.

5. GDPR and CCPA Compliance & DPAs

Under European General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA), we act as a Data Processor for the operational data sent through our Managed Gateway, and a Data Controller for our customers' account information.

Data Processing Agreement (DPA): We offer a standard, signed DPA for all Gateway Cloud customers handling EU personal data. To execute a DPA, please contact us.

6. Data Deletion and Export Requests

You may request a full export or permanent deletion of your account, telemetry data, and observability traces at any time. To exercise your rights under GDPR or CCPA, email us at support@selixes.com. We guarantee a response and fulfillment of all valid data requests within 30 days.

7. Contact Us

If you have any questions regarding this Privacy Policy or data handling procedures, contact us at:
Email: support@selixes.com
Location: Delhi, India