Hooks by TinyKomainu

Privacy Policy

Last updated: May 20, 2026

Short version: We collect your email and the webhook events you route through Hooks. We don't sell your data. We don't track you beyond what's needed to run the service.

1. What we collect

Account data: Your email address, collected when you sign up via Google OAuth or email magic link.

Service data: When you use Hooks, we collect:

  • The webhook endpoints you configure (source, label, generated URL token, signing secret — stored encrypted, see Security section)
  • The webhook event payloads we receive on your behalf (raw payload, headers, source-assigned event ID)
  • Your delivery configuration (filters, templates, channel selections)
  • Delivery logs (which events were sent to which channels, with status and error details)

Usage data: Basic feature events (e.g., "endpoint created") for debugging and improving the service. We don't build behavioral profiles.

We don't collect: Payment card details (Stripe handles those and we never see them), location data, device fingerprints, or anything we wouldn't want collected from us.

2. How we use it

  • To deliver the service: receive webhooks, apply filters, send notifications
  • To send billing emails: invoices, subscription changes, payment failures
  • To debug issues and improve reliability
  • To contact you about material changes to these policies

We don't use your data for advertising. We don't sell it to anyone. We don't share it except with the vendors listed below.

3. Third-party services we use

We rely on a small number of trusted vendors to run the service. Each processes your data only as needed to provide their service.

Supabase: Database and authentication

Stores your account data, endpoint configurations, event logs, and delivery settings. Signing secrets are encrypted before storage (see Security section).

Stripe: Payment processing

Handles all payments. We never see your card number — Stripe manages that entirely.

Resend: Transactional email

Delivers webhook notifications (Email channel) and billing emails to your address.

Vercel: Hosting

Hosts the web application and webhook receiver. May log IP addresses for security and performance.


4. Cookies

We use one cookie: a Supabase session cookie that keeps you logged in. It's set when you sign in and cleared when you sign out.

No analytics cookies. No advertising cookies. No third-party tracking pixels. No Google Analytics. No Facebook Pixel.

5. Data retention

We store the raw webhook payloads you receive on our infrastructure for the duration of your tier's retention window, then delete them automatically via a daily cleanup job:

  • Free: 7 days
  • Pro: 30 days
  • Team: 90 days

Endpoint configurations and delivery logs are retained as long as your account is active. If you delete your account, all data is deleted within 30 days.

Exception: Stripe may retain billing records for up to 7 years to comply with payment regulations. We don't control this — it's a legal requirement on their end.

6. Your rights

You can:

  • Export your data — email us at mk@natrium.co.jp and we'll send you everything we have within 72 hours.
  • Delete your account — email us at mk@natrium.co.jp. We'll confirm and process within 7 days.
  • Opt out of non-essential emails — Settings → Notifications in the app.

If you're in the EU or UK, you also have rights under GDPR / UK GDPR: access, rectification, erasure, portability, and the right to object to processing. Email us to exercise them. We'll respond within 30 days.

7. PII in payloads and replay

Webhook payloads may contain personally identifiable information (customer emails, shipping addresses, and similar fields) sent by Stripe, Shopify, GitHub, or other sources. Hooks does not redact individual fields in the MVP; field-level redaction is planned post-MVP. You control what is forwarded via filters and templates.

Replay: Hooks stores past payloads so you can replay an event through your routes again. Replays create a new processing record linked to the original and count toward your monthly event quota.

We do not sell, share, or use your webhook payload data for any purpose other than delivering it to the channels you configured. We do not train machine learning models on your data.

8. Security

Data is stored on Supabase in the Tokyo region (ap-northeast-1), which encrypts data at rest and in transit. Access to production data is restricted to the minimum necessary.

Signing secrets (used to verify that incoming webhooks are genuinely from Stripe, Shopify, GitHub, etc.) are encrypted with AES-256-GCM before being stored in our database. The encryption key is held in a separate environment variable and is never exposed to client code or logs.

No system is perfectly secure. If you discover a security issue, please email mk@natrium.co.jp and we'll respond promptly.

9. Changes to this policy

We'll email you and post a notice in the app before making material changes. We won't sneak in changes that weaken your privacy without telling you.