Privacy Policy
1. Who we are
Restormel Keys is operated by Allotment Technology Ltd (England and Wales). We act as the controller for personal data described in this policy.
Contact: contact@restormel.dev
2. What we process
Account and authentication
When you sign in to the Dashboard, we receive identifiers (such as your GitHub-linked account email and an internal user ID) via our authentication provider. We use these to create your workspace and let you manage projects.
Billing and payments (Paddle as merchant of record)
If you subscribe to Pro, Paddle processes payments as Merchant of Record. We do not store full card details. We store billing metadata needed to reflect your plan status (for example: plan, subscription status, and provider customer/subscription identifiers).
Product usage and operational data
We process request metadata and operational logs (for example timestamps, request status, and performance metrics) to operate the service, improve reliability, and investigate abuse and incidents.
Keys and credentials (BYOK-first)
Restormel Keys is BYOK-first. We do not want to take custody of raw secrets as a core product feature.
- Gateway Keys (used to call Restormel APIs) are stored as a prefix + hash; we do not store raw values.
- Provider credentials (OpenAI/Anthropic/etc.) should typically live in your own secret store or your existing gateway vendor. If you choose to enter provider credentials into the Dashboard, treat them as sensitive and rotate them as needed; we mask sensitive values in the UI and avoid logging raw secrets.
Analytics
We may use product analytics (for example PostHog) to understand feature usage and improve the product. We do not intentionally send secrets to analytics tools.
3. Why we process data (legal bases)
- Contract: to provide the Dashboard, APIs, and subscription features you request.
- Legitimate interests: service security, abuse prevention, diagnostics, and product improvement.
- Legal obligation: finance/tax records and lawful requests where required.
4. Sharing and sub-processors
We do not sell personal data. We share data with vendors only to provide Restormel Keys, such as:
- Authentication provider: to support sign-in and sessions.
- Neon: hosted Postgres database.
- Vercel: hosting for the Dashboard and site surfaces.
- Paddle: checkout, subscriptions, and billing administration (Merchant of Record).
- Zuplo: control-plane API gateway (where enabled).
- PostHog: product analytics (where enabled).
5. International transfers
Some processors may handle data outside the UK/EEA (including in the US). Where required, we rely on appropriate safeguards made available by our providers.
6. Retention
- Account/workspace records: retained while your account is active.
- Billing records: retained as required for accounting and compliance.
- Operational logs: retained for a limited period for security and reliability.
7. Your rights
Depending on your location and applicable law, you may request access, correction, deletion, portability, restriction, or objection. Send requests to contact@restormel.dev. We may verify identity before acting.
8. Children
Restormel Keys is intended for users 18+ and is not directed to children.
9. Security
We use technical and organizational controls, including encryption in transit, access controls, and production access restrictions. Never share raw keys in support messages.
10. Changes
We may update this policy. Material updates will be reflected by a new version and effective date.