Privacy Policy

Last updated: December 26, 2025

This policy explains what data MachineID.io collects, how it is used, and how we protect it. We aim to collect only what we need to operate the service.

1. Data we collect

We collect only the data needed to run the service and support customers:

  • Contact email you provide (used for support and transactional service messages).
  • Organization identifiers and org keys associated with your account.
  • Device identifiers you register through the API.
  • Basic request logs such as IP address, user agent, timestamps, and endpoint details.
  • Operational event logs about key actions (org creation, device registration, revocations, and plan changes).

2. No advertising cookies or tracking

MachineID does not run advertising, sell user profiles, or use tracking pixels. We do not knowingly use third-party analytics scripts on the site. Some infrastructure providers (for example, hosting/CDN services) may produce standard server logs as part of operating the website and API.

3. Payments & billing

Payments are handled by Stripe. MachineID.io does not store your full card number or full payment details. We may store Stripe customer IDs, subscription IDs, and related metadata to understand your plan and apply device limits.

4. Org keys, device data & local storage

Org keys are stored so we can authenticate requests and enforce plan limits. Device identifiers are stored to track registration, revocation status, and plan-based counts.

For convenience, the dashboard may store your org key in your browser’s localStorage (for example under a key like machineid_org_key) so you remain “loaded” as you move between pages. You can clear local storage at any time using the UI controls or your browser settings.

5. How we use data

We use the data we collect to:

  • Provide and maintain the MachineID.io API and dashboard.
  • Enforce subscription limits and device caps.
  • Monitor reliability and security, and investigate abuse.
  • Communicate with you about support, billing, or important service changes.

6. Sharing & selling

We do not sell or rent your personal data. We share data only with service providers that help us operate the platform (such as billing, infrastructure hosting, and email delivery), or when required by law.

7. Security

We implement commercially reasonable technical and organizational safeguards designed to protect stored data. However, no system is perfectly secure. You are responsible for securing your org keys and your own systems.

8. Retention

We retain account, billing, and operational records for as long as needed to provide the service and for a reasonable period afterward for legal, accounting, and security purposes. Log data may be retained for a limited period to monitor system health, investigate abuse, and improve reliability.

9. Your choices & rights

You may contact us to request access, correction, or deletion of personal data we hold about you, subject to applicable law and legitimate operational requirements. You can also remove org keys from your browser at any time by clearing local storage or using the “Clear key” UI controls.

10. Changes to this policy

We may update this policy from time to time. When we do, we will update the “Last updated” date at the top of this page. If changes are significant, we may also notify you by email or through the dashboard.

11. Contact

If you have questions about privacy or data handling, contact us at support@machineid.io.