Privacy Policy
Effective Date: June 5, 2026
At Razix ("we", "our", or "us"), we provide institutional-grade custom domain and proxy infrastructure. We believe in strict data isolation and least-privilege architecture.
This Privacy Policy outlines how we handle the data of Razix customers ("Customers") and the data that passes through our edge nodes from your end-users ("End-User Traffic").
1. Information We Collect
We strictly limit data collection to what is necessary to authenticate you, secure your infrastructure, and route your traffic.
Account & Configuration Data When you register on the Razix dashboard, we collect:
- Email addresses.
- Cryptographically hashed passwords (managed securely via Supabase Auth).
- Domain names and routing targets (target URLs) configured within your dashboard.
- DNS status and SSL certificate provisioning logs.
Billing & Payment Data All payment processing and subscription management is securely offloaded to our Merchant of Record and payment provider, Polar (polar.sh). Razix does not store, process, or transmit your credit card numbers or billing details.
- Subscription Policy: You may cancel your Razix subscription at any time through the dashboard. Upon cancellation, your service will remain active until the end of your current billing cycle. Razix operates on a strict no-refund policy; we do not provide refunds or credits for partial or unused months.
2. The Edge Proxy & End-User Traffic
Razix operates as a high-performance reverse proxy. Because we sit between the public internet and your underlying application, End-User Traffic passes through our servers.
Pass-Through Data We act strictly as a conduit. We do not persistently log, mine, intercept, or sell the data payloads, API requests, or HTML bodies passing through our edge proxy.
Transient Processing for Security To provide intelligent DDoS and abuse protection, we transiently process incoming IP addresses and request metadata. This data is held in memory purely for real-time rate-limiting and malicious traffic mitigation. Once the request is routed or dropped, this transient data is flushed.
3. Infrastructure & Security Posture
Our infrastructure is designed with an institutional-grade security mindset to prevent unauthorized access.
- Least-Privilege Architecture: The Razix Edge Proxy connects to our database using a strict, read-only role (
proxy_reader). The proxy cannot modify, delete, or access your account billing data or passwords under any circumstances. - Network Isolation: Our server infrastructure is hidden from the public internet using private mesh networking and strict firewall routing. Applications run in isolated, sandboxed containers.
- Application Armor: We automatically inject strict security headers (HSTS, XSS protection, no-sniff, frame-deny) to protect your routed endpoints.
4. Third-Party Subprocessors
To deliver our services, we utilize trusted, enterprise-grade infrastructure providers. We do not sell your data to any third parties.
- Google Cloud Platform (GCP): For isolated server hosting and edge networking.
- Supabase: For secure PostgreSQL database hosting and authentication.
- Polar (polar.sh): For secure payment processing, subscription management, and tax compliance.
- Let's Encrypt: For automated, secure SSL certificate provisioning.
5. Data Retention & Deletion
We retain Account and Configuration Data for as long as your account is active. If you choose to delete your Razix account, we will permanently remove your configuration data, routing targets, and domain associations from our active databases.
Please note that SSL certificates previously provisioned may remain on public certificate transparency logs, as this is a fundamental requirement of the global SSL/TLS ecosystem.
6. Contact Us
For any technical or privacy-related inquiries regarding our infrastructure, please contact us at:
Email: contact@mail.razix.app (or adityapatwa@razix.app)
Website: https://razix.app
Institutional-grade custom domains and routing infrastructure for modern B2B SaaS platforms.