Privacy Policy

Last updated: January 17, 2026

1. Introduction

Welcome to Paqett ("we," "our," or "us"). We are committed to protecting your privacy and handling your data in an open and transparent manner. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our IoT platform and services.

2. Information We Collect

2.1 Account Information

  • Email address (required for account creation)
  • Password (hashed and encrypted)
  • First name and surname (optional)
  • Timezone preferences
  • Email verification status

2.2 Device and Telemetry Data

  • Device identifiers (thing names, MAC addresses)
  • Device metadata (friendly names, firmware versions, connection status)
  • Telemetry data sent by your devices
  • Device connection timestamps and IP addresses

2.3 Usage and Technical Data

  • API usage statistics (message counts, data volume)
  • Session information (login timestamps, IP addresses)
  • API keys and their usage metadata
  • Notification preferences

2.4 Billing Information

  • Subscription plan and status
  • Stripe customer ID (payment processing handled by Stripe)
  • Billing period information

3. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve our IoT platform services
  • Process your registration and manage your account
  • Store and process telemetry data from your devices
  • Send you service-related notifications (device alerts, usage warnings, security alerts)
  • Process payments and manage subscriptions
  • Respond to your inquiries and provide customer support
  • Ensure platform security and prevent fraud
  • Comply with legal obligations

4. Data Storage and Retention

4.1 Data Storage

Your data is stored securely in our database. Telemetry data retention periods depend on your subscription plan:

  • Free Tier: 7-day retention
  • Paid Tier: 90-day retention

4.2 Account Data

Account information is retained until you delete your account. Upon account deletion, all associated data (devices, telemetry, API keys) is permanently deleted in accordance with our data retention policy.

5. Data Sharing and Disclosure

We do not sell your personal data. We may share your information only in the following circumstances:

  • Payment Processing: We use Stripe for payment processing. Stripe handles your payment information according to their privacy policy.
  • OAuth Providers: If you sign in with GitHub or other OAuth providers, they may receive basic authentication requests.
  • Legal Requirements: We may disclose information if required by law or to protect our rights and safety.
  • Service Providers: We may use third-party services (hosting, email delivery) that process data on our behalf under strict confidentiality agreements.

6. Your Rights (GDPR & CCPA)

You have the right to:

  • Access: Request a copy of all personal data we hold about you (available via Settings → Export All My Data)
  • Rectification: Update your account information through the Settings page
  • Erasure: Delete your account and all associated data (available via Settings → Delete Account)
  • Data Portability: Export your data in a machine-readable format
  • Objection: Opt out of non-essential notifications via Notification Settings
  • Withdraw Consent: Delete your account at any time

7. Cookies and Tracking

We use essential session cookies to maintain your login session. These cookies are necessary for the platform to function and cannot be disabled. We do not use tracking cookies or analytics cookies without your explicit consent.

8. Security

We implement industry-standard security measures to protect your data, including:

  • Password hashing using bcrypt
  • HTTPS encryption for all data transmission
  • Secure session management
  • API key encryption
  • Regular security audits

9. Children's Privacy

Our services are not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

10. International Data Transfers

Your data may be processed and stored in servers located outside your country of residence. By using our services, you consent to the transfer of your data to these locations. We ensure appropriate safeguards are in place to protect your data.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Your continued use of our services after such changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us at:

Email: privacy@paqett.com
(Note: Update with your actual contact email)