Privacy Policy

Last updated: March 2026

MicroDC ("we," "us," or "our") is committed to protecting your personal information. This Privacy Policy describes what data we collect, how we use it, and your rights regarding that data.

1. Information We Collect

• Account data: name, email address, phone number, and password (hashed).
• Identity verification data: government-issued ID, selfie/liveness check images, processed by our third-party KYC provider (Onfido or Persona). We do not store raw ID scans on our servers beyond what is required for compliance.
• Payment data: billing information processed by Stripe. We do not store full card numbers.
• Host hardware data: GPU model, temperature, power draw, and utilization statistics reported by the agent software.
• Usage data: job submission records, API access logs, IP addresses, browser type, and timestamps.

2. How We Use Your Information

• To operate the Platform and process transactions.
• To verify your identity and comply with KYC/AML regulations.
• To screen against OFAC, EU, and UN sanctions lists.
• To detect fraud and enforce our Terms of Service.
• To communicate with you about your account, jobs, and platform updates.
• To comply with legal obligations, including export control regulations (BIS AI Diffusion Rule).

3. Sharing Your Information

We do not sell your personal data. We share data only with:

• KYC providers (Onfido / Persona) for identity verification.
• Payment processors (Stripe) for billing and payouts.
• Sanctions screening services (Sanctions.io) as required by law.
• Infrastructure providers (hosting, CDN) under data processing agreements.
• Law enforcement when required by valid legal process.

4. Data Retention

We retain account and transaction records for a minimum of 5 years to satisfy financial compliance and export control audit requirements. You may request deletion of non-legally-required data by contacting us; requests will be processed within 30 days subject to legal holds.

5. Cookies and Tracking

We use strictly necessary cookies for session management (HTTP-only, secure). We do not use third-party advertising trackers or analytics pixels. Basic server-side access logs are retained for security and performance purposes.

6. Security

All data is transmitted over TLS. Passwords are hashed using bcrypt. Access tokens are short-lived JWTs (15 minutes). We perform regular security audits and maintain incident response procedures.

7. Your Rights

Depending on your jurisdiction, you may have the right to access, correct, or delete your personal data, or to object to certain processing. To exercise these rights, contact support@microdc.io. Note that some data must be retained for legal compliance regardless of deletion requests.

8. Children's Privacy

The Platform is not directed at individuals under 18. We do not knowingly collect data from minors. If you believe a minor has created an account, contact us immediately.

9. Changes to This Policy

We may update this Policy periodically. Material changes will be communicated by email. Continued use of the Platform after changes constitutes acceptance.

10. Contact

For privacy inquiries: support@microdc.io