Legal

Privacy Policy

This policy explains what personal information CAIport collects, how we use it, and the choices you have. CAIport is a Demfilz studio project and an Australian business.

Effective date: 26 June 2026

1. Information we collect

1.1 Account information

When you register we collect your name, email address and phone number, and the credentials used to access your account.

1.2 Payment information

Payments are processed by Stripe. Stripe collects and stores your card details directly — we do not store your card numbers. We retain limited billing metadata such as the last four digits, card brand and your Stripe customer reference.

1.3 SSH public keys

We store the SSH public keys you upload so we can inject them into the servers we provision for you.

1.4 Server metadata

We store metadata about your servers — such as plan, region, operating system image, state, public IP address and timestamps — to operate and display your fleet.

1.5 IP address & geolocation

To protect against fraud and abuse, we collect your IP address and look up its geolocation using ip-api.com as part of our Australia-first abuse gate.

1.6 Usage & audit logs

We keep usage logs and an audit log of actions taken in your account (for example, creating, resizing or destroying servers and API calls) for security, troubleshooting and compliance.

2. How we use your information

We use your information to: create and manage your account; provision and operate your servers; process payments and prevent fraud; run our abuse gate and enforce our Acceptable Use Policy; provide support; send service and billing communications; and meet our legal obligations.

3. Third parties we share with

We share information with service providers only as needed to deliver the service:

Our cloud infrastructure provider — hosts the underlying compute and infrastructure. Stripe — processes payments and stores card data. ip-api.com — performs IP geolocation lookups for fraud and abuse checks. We do not sell your personal information.

4. Cookies

We use a single session cookie to keep you logged in. We do not use third-party advertising or tracking cookies.

5. Data retention & deletion

Server metadata persists while a server exists. Destroying a server permanently wipes its attached storage. When you delete your account, we purge your personal data, subject to any records we are required to retain for legal, tax or fraud-prevention purposes (such as billing records). You can request deletion at any time.

6. Security

We use reasonable technical and organisational measures to protect your information, including encryption in transit, scoped API keys, isolated and tagged per-customer resources, sensible firewall defaults, and access controls. No system is perfectly secure, but we work to keep your data safe.

7. Your rights

You may access, correct or delete your personal information, and ask questions about how it is handled. To exercise these rights, contact us at cl@demfilz.com. We handle personal information consistently with the Australian Privacy Principles.

8. Changes to this policy

We may update this policy from time to time. Material changes will be communicated by email or a notice on the site, and the effective date above will be updated.

9. Contact

Questions about your privacy? Contact us at cl@demfilz.com, or email general support at support@caiport.com.