Legal

Plain-language policies.

Privacy, terms, the DPA, and how to disclose vulnerabilities. We will let you know in advance of material changes.

Privacy policy

What we collect, and what we don’t.

The short version

We collect the minimum data we need to run the platform: contact details when you reach out, billing data for paid customers, and the telemetry our service emits about itself. We do not look at the data inside your lake. We do not sell your information.

Customer data

Data ingested into your rjbase deployment — tokenized columns, raw cleartext sitting in your bucket, query results — is your data. We process it on your behalf as outlined in the DPA. We never copy it out of your environment.

Telemetry

Our agents send us platform metrics (latency, error rates, hardware counters) and audit-ledger checksums. They never send query strings, row contents, or user identifiers without your explicit configuration.

Cookies

This marketing site sets one session cookie (rjbase_sess) and nothing else. We do not run third-party trackers or advertising pixels. We sometimes embed a simple privacy-respecting analytics script on documentation pages; you can find it in the <head> if so.

Your rights

Whether you are in the EU (GDPR), California (CCPA), or elsewhere, you can request a copy of your data, ask us to delete it, or correct it. Email privacy@rjbase.io and we will respond within 30 days.

Terms of service

The deal, written down.

Use of the platform

You may use rjbase.io for any lawful purpose under the plan you signed up for. You agree not to attempt to reverse the token vault, exfiltrate other tenants’ data, or run security testing against our control plane without prior written authorization.

Service levels

Paid plans carry a 99.9% control-plane availability SLO. Business and Sovereign tiers carry 99.99% and 99.995% respectively. Service-credit terms are detailed in your order form.

Termination

You may terminate at any time with 30 days’ written notice. On termination, we delete all customer-identifying control-plane data within 30 days and supply a written attestation on request. Your buckets stay yours; we never had them.

Liability

Our total liability is capped at the fees you paid us in the 12 months preceding the claim. Nothing in this section limits liability for fraud, willful misconduct, or gross negligence.

Governing law

These terms are governed by the laws of Delaware, USA. Disputes are resolved in Delaware courts, except where local law requires otherwise for consumer protection or government-tier customers.

Data Processing Addendum

How we process data on your behalf.

Roles

You are the data controller for any personal data ingested into your rjbase deployment. We are a processor (or sub-processor, where you are already a processor). The DPA forms part of your subscription agreement.

Sub-processors

We maintain a current list of sub-processors — primarily cloud infrastructure providers, HSM vendors, and our compliance auditors — available via dpa@rjbase.io. We will notify you at least 30 days before adding a new sub-processor.

Transfers

For EU/UK customers, transfers outside the EEA rely on the Standard Contractual Clauses with appropriate supplementary measures (encryption, tokenization). Sovereign customers can elect to have no cross-border transfers — full stop.

Security measures

Annex II of the DPA enumerates our technical and organizational measures: tokenization at ingest, HSM-backed key management, mTLS service identities, hash-chained audit, SOC 2 / ISO 27001 controls. The signed PDF is available on request.

Responsible disclosure

Found something? Tell us.

We run a private bug bounty and we appreciate responsible disclosure from researchers acting in good faith.

How to report

Email security@rjbase.io. Encrypt with our PGP key (fingerprint published on the same page in our docs). Please include reproduction steps, impact, and any proof-of-concept.

Our commitment

  • Acknowledge your report within 1 business day
  • Validate & triage within 5 business days
  • Patch critical issues within 14 days, where feasible
  • Credit you publicly, if you would like

Out of scope

Denial-of-service, social engineering, and reports against customer deployments without their permission are out of scope. We do not pursue researchers acting in good faith.