SpaceWhale LogoSpaceWhale
Back to Console
Security & Trust

|

Last Updated: June 14, 2026. This Privacy Policy outlines how SpaceWhale manages your developer data. We prioritize transparency, privacy, and zero data exploitation.

1. Zero Data Harvesting

SpaceWhale does not collect browser history, retargeting pixels, search keywords, or advertising identifiers. Your hosting activity remains entirely private.

2. Sandboxed Storage Privacy

Web applications and background bots run in strictly isolated sandboxes. We do not read, scan, or copy your code, files, databases, or environment keys under any circumstances.

3. Email Privacy & Routing

Inbound and outbound email messages are processed temporarily through our routing gateways. We do not index the body content of your emails or use it for profiling.

4. Local Storage Preferences

We only use local storage to save your UI theme preference (Obsidian Gold vs Champagne Light) and dashboard state so that your preference persists when reloading.

5. Let's Encrypt Verification

When provisioning SSL certificates automatically for your domains, only the necessary cryptographic handshake logs are shared with Let's Encrypt to certify ownership.

6. Secure Payment Transactions

We do not store or process debit/credit card details on our servers. All transaction billing is managed securely through a certified PCI-compliant gateway (Stripe).

7. Temporary Diagnostics Logs

To support server health, we collect CPU and memory usage statistics. These logs are anonymous and deleted automatically after 7 days.

8. Account Data Erasure

When you delete a mailbox, website route, or bot container, all related files, server configs, and storage volumes are purged immediately and permanently from our active nodes.

9. Zero Third-Party Sharing

We do not share, sell, distribute, or license customer email addresses, domain records, configuration data, or hosting logs to any marketing, advertising, or analysis firm.

10. Security Breach Notifications

In the rare event of a cluster-wide service error or unauthorized configuration access, we will notify affected customers via email within 24 hours of discovery.