Privacy Policy for Compute42

Last updated: December 2025

1. Introduction and Controller Information

Compute42 (“we”, “us”, “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our software and services.

Data Controller:

• Company: Elan8
• Address: Netherlands
• Email: info@elan8.com
• Website: https://www.elan8.com

This Privacy Policy applies to the Compute42 Integrated Development Environment (IDE) and related services, including our website and backend services.

2. Legal Basis for Processing

We process your personal data based on the following legal grounds under the General Data Protection Regulation (GDPR):

• Contract Performance: To provide you with the Compute42 IDE and subscription services you have requested
• Legitimate Interest: To improve our services, ensure security, and prevent fraud
• Consent: For certain optional features and communications (where applicable)
• Legal Obligation: To comply with applicable laws and regulations

3. Personal Data We Collect

We collect the following types of personal data:

3.1 Account Information

• Email address
• Password (stored as encrypted hash, never in plain text)
• Email verification status
• Account creation date
• Last login timestamp
• EULA acceptance status and timestamp

3.2 Subscription Information

• Subscription plan details
• Payment information (processed by Paddle, our payment processor)
• Subscription status and history
• Billing cycle information
• Paddle customer ID (for payment processing)

3.3 Support and Communication Data

• Support tickets and messages
• Contact form submissions
• Communication preferences

3.4 Technical Data

• Authentication tokens (refresh tokens)
• Password reset tokens (temporary)
• Email verification codes (temporary)

3.5 Website Analytics

• We use Plausible Analytics, a privacy-friendly analytics service that does not collect personal data or use cookies
• No personal information is collected through our website analytics

4. How We Use Your Data

We use your personal data for the following purposes:

• Service Provision: To provide, maintain, and improve the Compute42 IDE and related services
• Account Management: To create and manage your account, process subscriptions, and handle payments
• Authentication: To verify your identity and secure your account
• Customer Support: To respond to your inquiries, support requests, and provide technical assistance
• Communication: To send you important service updates, security notifications, and account-related information
• Legal Compliance: To comply with applicable laws, regulations, and legal processes
• Security: To protect against fraud, unauthorized access, and other security threats

5. Data Sharing and Third Parties

We do not sell your personal data. We share your data only in the following circumstances:

5.1 Payment Processing

• Paddle: We use Paddle as our payment processor. Paddle processes payment information on our behalf. Paddle is GDPR compliant and acts as a data processor. For more information, see Paddle’s privacy policy: https://paddle.com/legal/privacy

5.2 Service Providers

• Email Service: We use our own email service (owned by Elan8) to send transactional emails, verification codes, and account-related communications
• Analytics: We use Plausible Analytics (owned by Elan8) for website analytics, which does not collect personal data

5.3 Legal Requirements

We may disclose your personal data if required by law, regulation, or legal process, or to protect our rights, property, or safety, or that of our users.

6. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law:

• Account Data: Retained while your account is active and for a reasonable period after account deletion to comply with legal obligations
• Subscription Data: Retained for the duration of your subscription and for accounting/tax purposes as required by law
• Support Tickets: Retained for customer service purposes and to improve our services
• Authentication Tokens: Temporary tokens are deleted when they expire or are no longer needed
• Email Verification Codes: Deleted after verification or expiration (typically 15 minutes)

When you delete your account, we will delete or anonymize your personal data in accordance with our data retention policies and legal obligations.

7. Your Rights Under GDPR

As a data subject under the GDPR, you have the following rights:

7.1 Right of Access

You have the right to request access to your personal data. You can download a copy of all your data through the “Download My Data” feature in your account settings.

7.2 Right to Rectification

You can update your account information, including your email address, through your account settings.

7.3 Right to Erasure (“Right to be Forgotten”)

You can delete your account at any time through your account settings. This will permanently delete your personal data, subject to legal retention requirements.

7.4 Right to Data Portability

You can download your data in a structured, commonly used, and machine-readable format using the “Download My Data” feature in your account settings.

7.5 Right to Object

You have the right to object to processing of your personal data for certain purposes. Please contact us if you wish to exercise this right.

7.6 Right to Restrict Processing

You have the right to request restriction of processing of your personal data in certain circumstances.

7.7 Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw your consent at any time.

To exercise any of these rights, please contact us at info@elan8.com or use the features available in your account settings.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

• Encryption: Passwords are hashed using industry-standard bcrypt encryption
• Secure Transmission: All data is transmitted over HTTPS/TLS
• Access Controls: Access to personal data is restricted to authorized personnel only
• Regular Security Reviews: We conduct regular security assessments and updates
• Database Security: Our database is secured and access is restricted

Despite our efforts, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal data, we cannot guarantee absolute security.

9. International Data Transfers

Your personal data is processed and stored within the European Economic Area (EEA). If we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions by the European Commission
• Other appropriate safeguards as required by GDPR

10. Cookies and Tracking Technologies

10.1 Website Cookies

Our website uses Plausible Analytics, which is a privacy-friendly analytics service that:

• Does not use cookies
• Does not collect personal data
• Complies with GDPR, CCPA, and PECR
• Does not track users across websites

10.2 Application

The Compute42 IDE application does not use cookies. Authentication is handled through secure tokens stored locally on your device.

10.3 Third-Party Services

• Paddle: May use cookies for payment processing. Please refer to Paddle’s privacy policy for details.

11. Children’s Privacy

Compute42 is not intended for children under the age of 16. We do not knowingly collect personal data from children under 16. If you believe we have collected data from a child under 16, please contact us immediately.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the updated Privacy Policy on our website
• Updating the “Last updated” date at the top of this policy
• Sending an email notification for significant changes (if you have an account)

Your continued use of Compute42 after any changes constitutes your acceptance of the updated Privacy Policy.

13. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Email: info@elan8.com
• Legal Email: info@elan8.com
• Website: https://www.elan8.com

For data protection inquiries, you can also contact your local data protection authority. In the Netherlands, this is the Autoriteit Persoonsgegevens (AP).

14. Data Protection Officer

For GDPR-related inquiries, you can contact our data protection team at info@elan8.com.

---

By using Compute42, you acknowledge that you have read and understood this Privacy Policy and agree to the collection and use of your personal data as described herein.