Privacy Policy

How we handle your data, credentials, and source code.

Updated: March 13, 2026

Serverfy ("we," "our," or "us") respects your privacy. This Privacy Policy outlines how we collect, process, and protect your information when you use our platform.

1. Information We Collect

To provide our server management services, we collect:

  • Account & Billing Data: Name, email address, and billing information. Payment processing is handled securely by Stripe; we never store full credit card numbers on our servers.
  • Infrastructure Credentials: API tokens for third-party cloud providers and SSH keys generated strictly for Serverfy to manage your servers.
  • Version Control System (VCS) Data: OAuth tokens from GitHub, GitLab, or Bitbucket. Important: Serverfy requests access only to configure deployment webhooks and install deploy keys. We do not download, read, or store your application's source code.
  • Telemetry & Logs: Server metrics (CPU, RAM, Disk usage) via our monitoring daemon, IP addresses, and interaction logs for debugging.

2. How We Use Your Information

  • To provision, configure, and maintain your servers.
  • To automate deployments and SSL certificate generation.
  • To provide real-time status pages and server monitoring alerts.
  • To prevent fraud and abuse of our platform.

3. Data Security & Encryption

Your security is our priority. All third-party API keys, OAuth tokens, and database passwords are encrypted at rest using industry-standard AES-256 encryption. Communications are secured via TLS/SSL.

4. Third-Party Sub-Processors

We share necessary data with trusted sub-processors strictly to operate our service (e.g., Stripe for payments, cloud providers to authenticate your API keys, and transactional email services). We do not sell your data.

5. Data Retention

We retain your personal data only for as long as your account is active. Upon account deletion, we immediately destroy all associated OAuth tokens, API keys, and server connection data.

6. Your Rights

Under global privacy laws (including GDPR and LGPD), you have the right to access, correct, export, or delete your personal data. You can manage these preferences in your dashboard or contact us at support@serverfy.io.

Data Processing Agreement (DPA) - Summary

GDPR Compliance Statement:
Serverfy acts as a "Data Processor" on behalf of our customers ("Data Controllers"). We process server metadata and deployment webhooks strictly according to the customer's instructions via our dashboard. Our infrastructure is hosted securely, and we ensure all third-party sub-processors (like Stripe) are fully GDPR-compliant. For a signed DPA, Enterprise customers may contact support@serverfy.io.

7. Contact Us

For privacy-related questions, data access requests, or to exercise your rights under GDPR or LGPD, contact our Data Protection team at: support@serverfy.io

Serverfy uses cookies strictly necessary for the secure operation of the platform. We do not use third-party advertising trackers. By proceeding, you agree to our Terms of Use and Privacy Policy.