Privacy Policy
Effective Date: January 22, 2026
1. Introduction
5pm dev, Inc. ("Crate", "we") respects your privacy. This policy describes how we handle data when you use our Gateway.
2. Data We Collect
We collect two categories of data:
A. Account Data (Your Info)
- Name, Email Address, Password (hashed).
- Billing information (processed via Stripe; we do not store full credit card numbers).
B. Traffic Data (Your Users' Info)
As an API Gateway, we transmit data between your end-users and your backend.
- Logs: We may temporarily store Request/Response metadata (IP addresses, URL paths, User-Agents, Latency metrics) for debugging, analytics, and security.
- Payloads: We do not permanently store request bodies (POST data) unless specifically enabled by you for debugging purposes.
3. How We Use Data
- To Provide the Service: Routing traffic, issuing SSL certificates (via Let's Encrypt), and enforcing rate limits.
- Security: detecting DDoS attacks or abusive bots.
- Billing: Calculating bandwidth usage.
- Communication: Sending system alerts or invoice receipts.
4. Data Retention
- Account Data: Retained as long as your account is active.
- Traffic Logs: Retained for 30 days for troubleshooting, then aggregated or deleted.
5. Third-Party Subprocessors
We share data with trusted infrastructure providers to run the Service:
- Hosting: [Cloud Providers] (Infrastructure).
- Payments: Stripe (Payment processing).
- SSL: Let's Encrypt (Certificate generation).
6. Your Rights (GDPR/CCPA)
You may request to export or delete your Account Data at any time by contacting support@crate.cc.
Note:
As a Gateway, we act as a "Data Processor" for your end-user traffic. If your users request data deletion, you are responsible for handling that request within your own backend.
7. Changes
We may update this policy. Continued use of the Service signifies acceptance of the changes.
8. Contact
For privacy questions, contact: support@crate.cc