Skip to main content
Ranching.Farm

Privacy Policy

Last updated: 2025-01-29

Introduction

anycast.io UG (haftungsbeschränkt) (“we”, “us”, or “our”) is committed to protecting your privacy. This policy explains our practices regarding data collection and usage in our AI-powered Kubernetes management service.

Data We Collect

Account Information

  • Name and email address
  • Profile avatar (optional)
  • Account role and permissions
  • Registration and email confirmation dates
  • Last sign-in timestamp and IP address
  • Marketing email preferences
  • Two-factor authentication status
  • Beta feature enrollment

Service Usage Data

  • Cluster authentication credentials for our management agent
  • Cluster names and identifiers
  • Team/organization membership and roles
  • Chat histories and AI assistant conversations
  • AI token usage statistics by model
  • Activity logs and user actions (limited to 1000 most recent)
  • User notifications and messages

Content You Create

  • Posts and articles (if using blog features)
  • Uploaded files and documents
  • Contact form submissions
  • Newsletter subscription status
  • Team invitations sent and received

Technical Data

  • Session tokens and authentication data
  • API access tokens
  • Browser and device information
  • HTTPS connection data
  • Error logs for service improvement

Payment Information

  • Customer ID from payment processor (Stripe)
  • Subscription status and plan details
  • Billing events and usage metrics
  • We do not store credit card information directly

How We Use Your Data

  • To provide and maintain our Kubernetes management service
  • To authenticate and authorize access to clusters and features
  • To manage team memberships and organizational access
  • To improve our AI assistant’s responses and accuracy
  • To track and limit usage according to subscription plans
  • To process payments and manage subscriptions through Stripe
  • To send service updates, notifications, and marketing emails (if opted-in)
  • To provide customer support and respond to inquiries
  • To analyze usage patterns and improve our service
  • To comply with legal obligations and enforce our terms

Data Storage and Security

  • All data transmissions use HTTPS encryption
  • Passwords are securely hashed using bcrypt
  • Cluster credentials are encrypted and stored securely
  • Session tokens expire after 60 days of inactivity
  • API tokens expire after 30 days
  • We implement rate limiting on sensitive operations
  • We do not access or store data from your cluster workloads
  • Regular security updates and vulnerability patches

Third-Party Services

We integrate with the following third-party services:

Payment Processing

  • Stripe: Handles all payment processing, subscription management, and stores payment methods. Stripe Privacy Policy

Analytics

  • Plausible Analytics: Privacy-friendly analytics that doesn’t use cookies or collect personal data. Tracks page views, referrers, and custom events. Plausible Privacy Policy

AI Services

  • AI Language Model Providers: We may use OpenAI, Anthropic, or other providers to power our AI assistant. Chat contents are sent to these providers for processing.

Infrastructure

  • Cloud Hosting Providers: Application and database hosting
  • Email Service Providers: For transactional and marketing emails

Each third-party service has its own privacy policy and data handling practices.

Cookies and Tracking

Essential Cookies

We use essential cookies for:

  • User authentication and session management
  • CSRF protection
  • Language/locale preferences
  • Color scheme preferences (light/dark mode)

Analytics

  • We use Plausible Analytics which does NOT use cookies
  • Plausible tracks aggregated, anonymous usage statistics
  • We track custom events like signups, feature usage, and revenue
  • No personal data is sent to Plausible

We do not use tracking cookies for marketing or advertising purposes.

Your Rights

Under GDPR (for EU users)

You have the right to:

  • Access: Request a copy of all your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your account (see limitations below)
  • Portability: Export your data in a machine-readable format
  • Restriction: Limit how we process your data
  • Object: Opt-out of certain data processing
  • Withdraw Consent: Change marketing preferences at any time

Data Export

  • Request a comprehensive GDPR export from your account settings
  • Exports include all personal data, settings, content, and usage history
  • Export requests are rate-limited to once per hour
  • Data is provided in HTML and JSON formats

Account Deletion

  • You can delete your account from account settings
  • User deletion marks your account as deleted and removes you from teams
  • Some data may be retained for legal compliance (e.g., billing records)
  • Team/organization deletion permanently removes all team data
  • Active subscriptions are automatically cancelled before deletion

Data Retention

  • Active Accounts: Data retained while account is active
  • Chat History: Retained for service improvement (last 1000 summaries)
  • Activity Logs: Last 1000 actions are retained
  • Session Tokens: Expire and are deleted after 60 days
  • API Tokens: Expire and are deleted after 30 days
  • PIN Codes: Valid for authentication attempts only
  • Deleted Accounts: Accounts are marked as deleted but core data retained for:
    • Legal compliance and billing records
    • Abuse prevention and security
    • Service improvement (anonymized)
  • Team Deletion: Permanently removes all team data immediately
  • Export Logs: Tracked to prevent abuse through rate limiting

Changes to This Policy

We may update this privacy policy at any time. We will notify you of any changes by posting the new policy on this page and updating the “Last updated” date.

Contact Us

For privacy-related questions or requests, please contact us at support@ranching.farm.