Privacy Policy - MacXCode macOS cloud privacy notice

Overview

MacXCode ("we") respects your privacy. This Privacy Policy ("Policy") describes how we collect, process, store, and protect personal information when you use macxcode.com and related services (collectively, the "Service").

By accessing or using the Service, you acknowledge that you have read and agree to this Policy.If you do not agree, do not use the Service. This Policy and our User Agreement together form the complete agreement between you and us.

1Information we collect

1.1 Information you provide

Account information:Email address, optional name, and password you set at signup (stored encrypted)
Payment information:Payments are processed by third-party providers. We keep transaction outcomes, amounts, dates, and partially redacted billing details—not full card or payment account numbers.
Support content:Issue descriptions, attachments, and correspondence you send via tickets or email
Service configuration:Server specs, data center region, and billing method you select

1.2 Automatically collected information

Access logs:IP address, HTTP request metadata, timestamps, referrer, browser type, and operating system
Device identifiers:Device type and a client-side identifier (SSAID) we generate for security checks and anomaly detection
Service usage data:Sign-in times, feature usage, console actions, and bandwidth/resource statistics
Cookies and local storage:To maintain sessions, remember language, and improve UX (see Section 6)

2How we use information

We use collected data for the purposes below, which are necessary to provide the Service or reflect our legitimate interests:

Provide and operate the Service:Create accounts, provision and manage instances, process payments and renewals
Authentication and security:Verify identity and detect fraud, abuse, and unauthorized access
Customer support:Respond to tickets and troubleshoot technical issues
Service improvement:Analyze usage patterns, optimize performance, and build features—using aggregated or anonymized data where possible
Service notices:Billing notices, expiry reminders, maintenance announcements, and security alerts
Marketing:Unless you opt out, we may send product updates or offers we believe are relevant
Legal compliance:Comply with law, respond to lawful requests, and protect our rights
Platform research:Use anonymized technical and performance logs to improve infrastructure stability

3Sharing and disclosure

We do not sell your personal information.We may share information only in limited cases:

3.1 Service providers

We share the minimum needed with vendors who help us run the Service, including:

Payment processors (transactions are governed by their privacy policies)
Email providers (verification codes and notifications)
Self-hosted analytics (Matomo on infrastructure we control)
Network infrastructure providers

We use data-processing agreements requiring providers to use data only as needed and to apply appropriate safeguards.

3.2 Legal requirements

We may disclose information when required by law or to protect our rights—including legal process, government orders, enforcing our terms, or preventing fraud and security threats.

3.3 Corporate transactions

In a merger, acquisition, asset sale, or bankruptcy, user information may transfer as an asset. We will announce material changes on the platform; the recipient must honor this Policy.

3.4 Your consent

With your clear consent, we may share information for the purposes you authorize.

4Retention

We retain information as follows:

Account information:Kept for the life of the account and a reasonable period after closure (up to 12 months) where required for compliance
Transaction records:Invoices and payment records are kept for at least 7 years
Access logs:Typically retained for 90 daysfor security audits and troubleshooting
Ticket records:During the account lifetime and for 12 monthsafter closure
Server data:After the service ends, within 72 hours,permanently deleted

Where law requires longer retention, we keep data for the legally mandated period.

5Security

We use industry-standard technical and organizational measures:

Encryption in transit:TLS 1.2 or higher for data in transit
Password security:Passwords stored with strong hashing (bcrypt); originals cannot be read
Access control:Staff access to user data is tightly limited under least-privilege rules
Physical security:Data centers with 24/7 physical access controls
Security reviews:Periodic internal reviews and vulnerability scanning

No internet transmission or electronic storage is 100% secure. We cannot guarantee absolute security.No internet transmission or electronic storage is 100% secure. We cannot guarantee absolute security.

6Cookies and similar technologies

We use the following cookies and local storage:

You can manage or block cookies in your browser; disabling necessary cookies may prevent the Service from working.

7Your rights and choices

Depending on applicable law, you may have the rights below. Submit requests via tickets; we respond within 30 days:

Access:Request a copy of personal information we hold about you
Correction:Request fixes to inaccurate or incomplete data (basic profile fields can be edited in the console)
Deletion:After account closure, request deletion of personal data—records we must keep by law (e.g. transactions) are excluded
Opt out of marketing:You may unsubscribe from marketing anytime via the link in emails. Service messages (e.g. billing) cannot be opted out of
Withdraw consent:Where we rely on consent, you may withdraw it anytime without affecting prior lawful processing

While your account is active, some deletion requests may be delayed so we can keep providing the Service and meet legal duties.

8Minors

The Service is not directed at minors under 18We do not knowingly collect children's personal data. If you are a parent or guardian and believe your child shared data with us without permission, contact us via ticket and we will delete it promptly.

9Cross-border transfers

MacXCode operates data centers in Hong Kong, Japan, South Korea, and the United States. Your information may be stored or processed outside your country. Legal requirements for data protection vary by region.

We protect cross-border data with processing agreements with recipients, industry-standard security, and applicable transfer safeguards.

10Third-party links

Our site may link to third-party sites. We are not responsible for their content, privacy practices, or security. Read their policies before you share information.

11Policy updates

We may revise this Policy. Updates appear on this page with a new "Last updated" date at the top.

Formaterial changes(such as a substantial change in how we use data), we will notify you by email or in-product notice.Continued use after changes means you accept the revised Policy.If you disagree, stop using the Service and close your account.

12Contact us

Questions, complaints, or rights requests about this Policy—contact us:

Privacy email:[email protected]

Tickets:Console → Submit a ticket (recommended, trackable)

Response time:General inquiries within 2 business days; rights requests within 30 days