Privacy Policy

Account information: When you create an account, we collect your name, email address, and password. If you sign in via a third-party provider (Google, GitHub), we receive your name and email from that provider.

Usage data: We collect information about how you interact with our platform, including training run configurations, metric data, and API request logs. This data is used to operate and improve the service.

Payment information: If you subscribe to a paid plan, payment details are processed by our payment provider (Stripe). We do not store your full credit card number on our servers.

Device and browser data: We collect standard log information including IP address, browser type, operating system, and referring URLs. This helps us maintain security and diagnose issues.

To operate the platform: Your training configurations, metrics, and snapshots are stored to provide the core ConvexLabs service.

To improve the product: We analyze aggregate usage patterns to identify performance bottlenecks and prioritize new features. We do not use your model weights or training data for any purpose other than delivering the service to you.

To communicate with you: We send transactional emails (run completion, billing) and occasional product updates. You can opt out of non-essential emails at any time.

To ensure security: We monitor for unusual activity and may use your data to investigate potential abuse or security incidents.

Your training data, metrics, and snapshots are retained for as long as your account is active. When you delete a run or snapshot, it is removed from our storage within 30 days.

If you close your account, we delete all associated data within 90 days, except where we are required to retain records for legal or compliance purposes.

We do not sell your personal information to third parties.

We share data with service providers who help us operate the platform (cloud hosting, payment processing, email delivery). These providers are bound by contractual obligations to protect your data.

We may disclose data if required by law, regulation, or valid legal process.

We use industry-standard encryption (TLS 1.3) for all data in transit. Data at rest is encrypted using AES-256.

Access to production systems is restricted to authorized personnel and requires multi-factor authentication.

We conduct regular security reviews and penetration testing.

You can access, update, or delete your personal information at any time through the dashboard settings page.

You can request a full export of your data by contacting privacy@convexlabs.app.

If you are located in the EU, you have additional rights under GDPR including the right to data portability and the right to restrict processing.

If you have questions about this privacy policy, contact us at privacy@convexlabs.app.