Privacy Policy

Last updated: April 2026

This policy explains how Horizon Digital Engineering LLC ("we", "us") collects and uses information when you use the Cyphera website, documentation, and related services at cyphera.io.

What We Collect

The categories of personal information we collect are limited: an email address for documentation-portal access, and (optionally, if you opt in) anonymous page-view analytics. Details below.

Email address

We collect your email address when you sign up for access to the Cyphera documentation portal. This is used solely to verify your identity and grant access.

Analytics (opt-in)

If you accept analytics via the cookie banner, we use PostHog — proxied through t.cyphera.io so ad-blockers don’t interfere — to collect anonymous page views, the page you came from, your approximate location (city-level, derived from IP), browser type, and device class. We do not enable PostHog’s session replay, heatmaps, or autocapture. If you decline analytics, none of this is recorded.

How We Use Your Data

• Product improvement — analytics help us understand which features and documentation pages are most useful.
• Communication — if you provide your email, we may send you product updates or important notices. We will never sell your email to third parties.
• Access control — email verification is used to manage access to the documentation portal.

Cookies

We use a small number of cookies. See the full Cookie Policy for details.

• Consent cookie (pcmp_consent) — records your consent choice so we don’t re-prompt every page load. Strictly necessary.
• Authentication cookie — used to maintain your session when accessing the documentation portal.
• PostHog analytics cookies (ph_*) — set only if you accept analytics. Distinguish anonymous visitors for page-view metrics. No session replay.

Do Not Sell or Share My Personal Information

We do not sell your personal information to third parties, and we do not share it for cross-context behavioral advertising. There is nothing for you to opt out of in this regard.

If you want to confirm this, or if you want us to delete the data we hold about you anyway, email privacy@horizondigital.dev.

Your Rights

Wherever you live, you can email privacy@horizondigital.dev to exercise the following rights:

• Right to access — tell you what we have about you.
• Right to correct — correct anything wrong.
• Right to delete (also known as the right to erasure) — ask us to delete your data.
• Right to object — stop processing it.
• Right to portability — send your data to you or another provider in a portable format.

We respond within 30 days.

CCPA / CPRA (California): in addition to the above, you have the right to opt out of “sales” or “shares” — we don’t do either; see above. You also have the right to limit the use of sensitive personal information; we do not collect any of the categories CCPA defines as “sensitive personal information” (precise geolocation, race/ethnicity, sexual orientation, biometric data, health data, etc.), so there is nothing to limit. We will not discriminate against you for exercising any of these rights — we will not deny service, charge different prices, or provide a lower quality of service.

GDPR / UK GDPR (EU / UK / Switzerland): the legal bases we rely on are (1) consent for analytics cookies, (2) contract for the docs-portal account, and (3) legitimate interests for server logs and replying to your emails. You can lodge a complaint with your local data-protection authority if you think we got it wrong.

Third-Party Services

We use the following third-party services to operate cyphera.io:

• PostHog — product analytics. PostHog privacy policy.
• Resend — transactional email delivery (verification emails). Resend privacy policy.
• Cloudflare — hosting, CDN, and DDoS protection. Cloudflare Web Analytics (a small cookieless beacon to static.cloudflareinsights.com) is also enabled for aggregate traffic metrics — no individual user is identified or tracked. Cloudflare privacy policy.

Data Retention

We retain your email address for as long as your account is active. Analytics data is retained in aggregate form and is not linked to individual users. If you would like your data deleted, contact us and we will process your request within 30 days.

The SDK Itself

The Cyphera SDK does not collect any data. It runs entirely on your infrastructure. No telemetry, no phone-home, no analytics. Encryption and decryption happen locally — keys never leave your environment.

Contact

Privacy and data-subject requests: privacy@horizondigital.dev.

General inquiries: hello@horizondigital.dev.