Privacy Policy
Last updated: March 2026. Pulrix collects as little data as possible. Here is exactly what we collect, what we skip, and who we share with.
What We Collect
API request logs
When you query the Pulrix API, we log the request path, timestamp, and your API key identifier (if authenticated). These logs are used for rate limiting, abuse detection, and debugging. Logs are retained for 90 days, then deleted.
IP addresses
IP addresses are collected for rate limiting on the free API tier. We do not use IP addresses for tracking, profiling, or advertising. IPs are stored temporarily in memory for rate limit windows and are not persisted to disk.
Payment information
If you subscribe to a paid plan, payment is processed by Stripe. Pulrix does not store your credit card number, CVV, or full billing details. We receive from Stripe: your email address, subscription status, and a Stripe customer ID. See Stripe's Privacy Policy for how Stripe handles your payment data.
Email address
If you create an account or subscribe to a paid plan, we store your email address. We use it for account management, billing notifications, and service updates. We do not sell your email or use it for marketing unless you opt in.
What We Do Not Collect
No cookies
Pulrix does not use cookies. No tracking cookies, no analytics cookies, no session cookies. The website and API are stateless from the browser's perspective.
No personal data from repositories
When we scan MCP server repositories, we collect public project metadata (stars, commit dates, dependencies, license type). We do not collect personal data about repository contributors, committers, or maintainers.
No third-party trackers
No Google Analytics, no Facebook Pixel, no ad networks. We do not track your behavior across the web.
Third-Party Services
Pulrix uses the following third-party services that may process data on our behalf.
| Service | Purpose | Data shared |
|---|---|---|
| Stripe | Payment processing | Email, payment details (handled by Stripe directly) |
| Vercel | Website hosting and edge functions | HTTP request metadata (IP, user agent, URL) |
| Turso | Database (MCP server scores and metadata) | No personal data stored. Server scores and project metadata only. |
Data Retention
API logs: 90 days, then deleted.
IP addresses (rate limiting): Held in memory for the duration of the rate limit window only. Not persisted.
Account data: Retained while your account is active. Deleted within 30 days of account closure upon request.
Payment records: Retained by Stripe per their data retention policies. Pulrix retains subscription status and Stripe customer ID for as long as your account is active.
Your Rights
You can request to:
- Know what data we hold about you.
- Delete your account and associated data.
- Export your data in a machine-readable format.
Send requests to hello@pulrix.dev. We respond within 14 days.
Changes to This Policy
We may update this policy from time to time. Material changes will be posted on this page with an updated date. We will not reduce your privacy protections without notice.
Contact
Questions about privacy? Reach us at hello@pulrix.dev.
Last updated: March 2026.