Bootnode
Go to Dashboard
Legal

Privacy Policy

Effective date: January 1, 2026

1. Introduction

Hanzo AI, Inc. ("Bootnode," "we," "us," or "our") operates the bootnode.dev website and the Bootnode API platform (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By accessing or using the Service, you agree to this Privacy Policy. If you do not agree with the terms of this policy, please do not access the Service.

2. Information We Collect

2.1 Information You Provide

We collect information you voluntarily provide when you:

  • Create an account (email address, name, password)
  • Subscribe to a paid plan (billing address, payment information via our payment processor Stripe)
  • Contact us via email or our contact form (name, email, message content)
  • Participate in surveys or promotions

2.2 Information Collected Automatically

When you use the Service, we automatically collect:

  • API usage data (request counts, methods called, response times, error rates)
  • IP addresses used to make API requests
  • Device and browser information when using the dashboard
  • Cookies and similar tracking technologies for authentication and analytics
  • Log data (timestamps, request paths, HTTP status codes)

2.3 Information We Do Not Collect

We do not inspect, store, or log the content of your API request bodies or response bodies beyond what is necessary for rate limiting and abuse prevention. We do not collect or store private keys, seed phrases, or wallet passwords.

3. How We Use Your Information

We use collected information to:

  • Provide, operate, and maintain the Service
  • Process transactions and send related billing information
  • Monitor API usage for rate limiting, abuse prevention, and capacity planning
  • Send service-related notices, including downtime alerts and security notifications
  • Respond to your comments, questions, and support requests
  • Analyze usage patterns to improve the Service
  • Detect, prevent, and address technical issues, fraud, and security breaches
  • Comply with legal obligations

4. How We Share Your Information

We do not sell your personal information. We may share information with:

  • Service providers: Third-party vendors who assist in operating the Service (e.g., Stripe for payments, cloud infrastructure providers for hosting, analytics providers). These vendors are contractually obligated to protect your information.
  • Legal requirements: When required by law, subpoena, or other legal process, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
  • Business transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.
  • With your consent: We may share information for any other purpose with your explicit consent.

5. Data Retention

We retain your account information for as long as your account is active or as needed to provide the Service. API usage logs are retained for 30 days (Growth plan) or 90 days (Enterprise plan). After account deletion, we retain minimal data as required by law or legitimate business purposes (e.g., fraud prevention) for up to 12 months, after which it is permanently deleted.

6. Data Security

We implement industry-standard security measures to protect your information, including encryption in transit (TLS 1.3), encryption at rest (AES-256), API key hashing (bcrypt), and strict access controls. However, no method of transmission over the Internet is 100% secure. See our Security page for detailed information about our security practices.

7. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate personal data
  • Delete your personal data
  • Export your data in a portable format
  • Restrict or object to processing of your personal data
  • Withdraw consent at any time (where processing is based on consent)

To exercise these rights, contact us at privacy@bootnode.dev. We will respond within 30 days.

8. Cookies

We use essential cookies for authentication and session management. We use analytics cookies (which can be opted out of) to understand how the Service is used. We do not use advertising cookies or sell cookie data to third parties. You can control cookie settings through your browser preferences.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission, for any transfers of personal data outside the European Economic Area.

10. Children's Privacy

The Service is not intended for individuals under 16 years of age. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information, please contact us and we will take steps to delete such information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Effective date" above. For significant changes, we will provide additional notice via email or a banner on the Service. Your continued use of the Service after changes become effective constitutes acceptance of the revised policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

Hanzo AI, Inc.

Email: privacy@bootnode.dev

San Francisco, California, United States