Last updated: June 12, 2026
We collect only the baseline structural information required to instantiate your secure tenant environment and validate your identity. This includes your corporate email address, display name, and authentication tokens.
Payload Data Custody: For deployments configured under our standard architecture, message content and metadata are processed to ensure secure routing and platform operation. For enterprise tenants utilizing our Bring-Your-Own-Bucket (BYOB) infrastructure model, 100% of raw message payloads, binaries, and ledger assets are streamed directly into your organization's private, compliance-locked cloud storage container. In a BYOB configuration, INBX does not collect, index, or maintain custody of your raw message content.
Cryptographic key material used for Ed25519 asymmetric signing and payload verification is generated using hardware-isolated execution boundaries. Private signing keys are handled entirely within secure client-side or containerized session memory spaces and are never stored in plain text or exposed to third-party network layers.
Account data and operational metadata are utilized strictly to maintain, protect, and validate the integrity of the platform gateway. This includes verifying directory single sign-on handshakes, validating cryptographic message signatures, managing system status updates, and delivering system notifications. We do not engage in data mining, profiling, or cross-site tracking.
We do not sell, lease, trade, or share corporate or personal information with external marketing entities or third-party brokers. Data transmission is limited strictly to:
Account profile information is retained as long as your enterprise workspace partition remains active.
Ledger Permanence: By design, once a message payload transitions to a Sealed state, its cryptographic validation hash and associated routing manifest are written to an immutable ledger architecture. If your workspace utilizes our Compliance Mode Write-Once-Read-Many (WORM) storage protocols, sealed records are subject to hardware-enforced retention policies and cannot be modified or deleted by users, network administrators, or INBX operators until the designated retention window expires. Unsealed drafts may be deleted by the composing user at any time.
We enforce rigorous, industry-standard infrastructure controls to protect your data layers. All data transiting our API gateway is protected using Transport Layer Security (TLS 1.2 or TLS 1.3 minimums), and all ledger blocks utilize end-to-end cryptographic sealing.
Enterprise database relational mappings, authentication profiles, and metadata directory tables are securely managed via Supabase. Data handled within the Supabase ecosystem is governed strictly by their dedicated enterprise isolation and security compliance protocols. We explicitly do not implement tracking pixels, third-party advertising cookies, or behavior analytics frameworks.
Workspace administrators retain the right to audit, inspect, and export their transaction data manifolds and message structures upon demand. To request an independent structural export or execute a formal account termination, contact our operations queue at support@inbxapp.com.
We reserve the right to amend this Privacy Policy to maintain strict alignment with evolving regulatory compliance mandates. Administrative changes will post directly to this verification link. For structural architecture inquiries or detailed compliance whitepaper requests, contact our engineering team at support@inbxapp.com.