Back to home

Privacy Policy

Effective March 2026 · Last updated March 2026

The Short Version

We believe privacy policies should be readable by humans, not just lawyers. Here is what matters:

  • We collect your email, account info, and usage data to run the service.
  • We use Stripe for payments — we never see your card number.
  • We don't sell your data or serve ads. Ever.
  • We don't store your source code or package contents.
  • You can delete your account anytime.

What We Collect

Account information

Email address, password hash (bcrypt), and GitHub ID if you sign in with GitHub OAuth.

Payment

Handled entirely by Stripe. We store your Stripe customer ID so we can link your subscription to your account. We never see, process, or store your credit card number.

Usage data

Download counts, package names, Python versions, CUDA versions, and timestamps. We use this to understand which wheel combinations are most needed so we can prioritize builds.

Technical data

IP addresses (for rate limiting and abuse prevention) and browser/user-agent strings (from standard HTTP headers).

What we DON'T collect

Source code, package contents, GPU model, system specs, shell history, or filesystem information. We are a wheel registry, not a telemetry service.

How We Use Your Data

  • 1. Provide the service — authenticate downloads, enforce subscription limits, deliver wheels.
  • 2. Prioritize builds — figure out which CUDA/Python combos are most requested so we build those first.
  • 3. Improve reliability — error tracking and performance monitoring to keep the service fast.
  • 4. Transactional emails — receipts, trial expiry notices, and security alerts. That's it.

We do not use your data for advertising, behavioral profiling, or AI/ML model training.

Who We Share Data With

We use a small number of infrastructure providers to run EasyWheels. That's the full list:

Stripe

Payment processing

Cloudflare

CDN & DDoS protection

Railway

Application hosting

We don't sell, rent, or trade your data. No data brokers, no ad networks, no "analytics partners."

Data Retention

Data type Retention
Account information Until you delete your account
Usage logs 90 days
Build logs 30 days
Payment records As required by law (typically 7 years)

Your Rights

You have full control over your data. Here is what you can do:

  • Access — Request a copy of all data we hold about you.
  • Correction — Update or correct your account information.
  • Deletion — Delete your account. We purge your data within 30 days.
  • Export — Download your usage history in a machine-readable format.

To exercise any of these rights, email privacy@easywheels.io or contact@easywheels.io.

Security

We take the security of your data seriously. Here is how we protect it:

bcrypt

Passwords are hashed with bcrypt. We never store plaintext passwords.

SHA-256

API keys are hashed. We cannot see your raw key after creation.

HTTPS/TLS

All connections are encrypted in transit. No exceptions.

Encrypted at rest

Data stored on disk is encrypted at rest via our hosting provider.

Cookies

We use exactly two cookies. Both are functional. Neither tracks you.

Cookie Purpose Flags
session Keeps you logged in httponly, secure
oauth_state CSRF protection during GitHub login httponly, secure

No tracking cookies. No analytics cookies. No third-party cookies.

Children

EasyWheels is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us at privacy@easywheels.io and we will delete it promptly.

Changes to This Policy

If we make material changes to this policy, we will email you at least 30 days before they take effect. Minor clarifications or formatting changes may be made without notice. The effective date at the top of this page always reflects the latest version.

Contact

Questions about this policy? Reach us at privacy@easywheels.io.