StrixAppBack to home

Legal

Privacy Policy

Last updated: 2026-06-24

This policy explains what data OneStrix and the StrixApp desktop application (onestrix.com) collect, why, and the rights you have under the EU General Data Protection Regulation (GDPR). OneStrix is built privacy-first: the control plane only ever sees your identity and presence - never your project names, paths, or terminal output.

Data controller

Belichberg GmbH, Erlachgasse 65/1, 1100 Vienna, Austria.
Email:info+onestrix-web@belichberg.com
Phone: +43 660 9151003

What we do not collect

StrixApp is designed so that your work never leaves your own machines. The control plane never receives your project names, file paths, terminal input or output, or the content of your sessions. Per-device limits (such as device count and per-device project and feather caps) are enforced on the client, so the enforcement data needed to apply them stays on your devices. Nodes connect through an encrypted relay that forwards ciphertext only; the relay cannot read your traffic.

Downloads

Downloading StrixApp is anonymous. We do not require an account or collect personal data to let you download the app. Our hosting providers may process standard server logs as described below.

Account and sign-in

To sign in you provide an email address, which receives a one-time passcode (OTP). We store your email address and the minimal account, device, and subscription records required to operate your account and enforce plan limits (for example, the number of registered devices and their presence). We do not store passwords.

Legal basis: performance of our contract with you (Art. 6(1)(b) GDPR) and our legitimate interest in securing the service and enforcing plan limits (Art. 6(1)(f) GDPR).

Retention: account and subscription records are kept for the life of your account and for as long as required by Austrian commercial and tax law (up to 7 years) after it closes.

Server logs

Our control plane, relay, and website servers record standard technical log data such as IP address, request timestamp, user agent, and referrer for security and debugging.

Legal basis: legitimate interest in secure and reliable operation (Art. 6(1)(f) GDPR).

Retention: we keep server logs only as long as needed for security and reliable operation, then delete them.

Website analytics and cookies

We use analytics to understand how this site is used. Analytics and advertising-measurement cookies (Google, Meta) load only after you accept them in the cookie banner; you can decline, and your choice is stored locally in your browser and in a small consent cookie so we can honour it. We may also use cookieless analytics that set no cookies.

If, and only if, you accept advertising-measurement, we also measure completed downloads and bookings server-side and share them with Meta through its Conversions API to gauge ad effectiveness. This may include your IP address, user agent, the ad click identifier, and which download you chose. Without your consent none of this server-side measurement takes place, and downloads work the same either way.

Email delivery

We send sign-in passcodes and account email using Amazon Simple Email Service (Amazon SES) operating in the EU (Frankfurt) region, acting as a data processor on our behalf.

Your rights

Under the GDPR you have the right to access, rectification, erasure, restriction of processing, data portability, and to object to processing. Where processing is based on consent, you may withdraw it at any time. To exercise any of these rights, contactinfo+onestrix-web@belichberg.com.

Supervisory authority

You may lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde), Barichgasse 40-42, 1030 Vienna, Austria. Phone: +43 1 52 152-0, email:dsb@dsb.gv.at.