Hot Dev Privacy Policy

Last Updated: January 9, 2026

Hot Dev, LLC ("Hot Dev," "Company," "we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website (https://hot.dev), applications, and services (collectively, the "Services").

Please read this Privacy Policy carefully. By using our Services, you agree to the collection and use of information in accordance with this policy.

1. INFORMATION WE COLLECT

1.1 Information You Provide

Account Information: When you create an account, we collect:

Name
Email address
Password (stored in hashed form)
Organization/company name (if applicable)

Billing Information: When you subscribe to paid services, we collect:

Payment method details (processed by our payment processor, Stripe)
Billing address
Invoice history

Content and Data: When you use our Services, we collect:

Workflow code and configurations you create
API calls and webhook data you process through the Services
Files you upload to the Services
Support tickets and communications with us

Communications: When you contact us, we collect:

Email correspondence
Support requests
Feedback and survey responses

1.2 Information We Collect Automatically

Usage Data: We automatically collect information about how you use the Services:

Features accessed and actions taken
Workflow execution statistics (counts, durations, success/failure rates)
API usage and rate limit data
Error logs and diagnostic data

Device and Connection Information:

IP address
Browser type and version
Operating system
Device identifiers
Time zone and language settings

Cookies and Tracking Technologies:

Session cookies (required for authentication)
Preference cookies (to remember your settings)
Analytics cookies (to understand usage patterns)

See Section 6 for more information about cookies.

1.3 Information from Third Parties

OAuth Providers: If you sign in using Google or GitHub, we receive:

Your name and email address
Profile picture (if available)
Unique identifier from the OAuth provider

Payment Processor: Stripe provides us with transaction status and basic payment details (we do not receive or store full credit card numbers).

2. HOW WE USE YOUR INFORMATION

We use your information for the following purposes:

2.1 Providing and Improving the Services

Create and manage your account
Process your workflows and execute your code
Provide customer support
Send service-related notifications (e.g., password resets, security alerts)
Monitor and improve Service performance and reliability
Develop new features and services

2.2 Billing and Payments

Process subscription payments
Send invoices and receipts
Manage subscription status and renewals
Enforce usage limits based on your plan

2.3 Communications

Respond to your inquiries and support requests
Send product updates and announcements (you may opt out)
Send marketing communications (with your consent, where required)

2.4 Security and Compliance

Detect and prevent fraud, abuse, and security threats
Enforce our Terms of Service and policies
Comply with legal obligations

2.5 Analytics and Improvement

Analyze usage patterns to improve the Services
Generate aggregate, anonymized statistics
Conduct research and development

3. HOW WE SHARE YOUR INFORMATION

We do not sell your personal information. We share your information only in the following circumstances:

3.1 Service Providers

We share information with third-party service providers who perform services on our behalf:

Provider	Purpose	Data Shared
Amazon Web Services (AWS)	Cloud infrastructure	All Service data (encrypted)
Stripe	Payment processing	Billing information, transaction data

All service providers are contractually obligated to protect your information and use it only for the specified purposes.

3.2 Third-Party Integrations

When you connect third-party services (e.g., OpenAI, Anthropic, Slack, email providers) through your workflows, your data is transmitted to those services according to their privacy policies. You control which integrations you enable and what data is sent.

3.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, subpoenas).

3.4 Business Transfers

If Hot Dev is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any change in ownership or use of your personal information.

3.5 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

4. DATA RETENTION

4.1 Account Data

We retain your account information for as long as your account is active. If you delete your account, we will delete your personal information within thirty (30) days, except as required by law or for legitimate business purposes (e.g., fraud prevention, legal compliance).

4.2 Workflow Data

Active accounts: Workflow execution history is retained according to your Service Plan (typically 30-90 days for execution logs).
Deleted accounts: Workflow data is deleted within thirty (30) days of account deletion.

4.3 Backups

Backup copies may be retained for up to ninety (90) days for disaster recovery purposes.

4.4 Legal Obligations

We may retain certain information longer if required by law (e.g., tax records, fraud investigations).

5. DATA SECURITY

We implement appropriate technical and organizational measures to protect your information:

5.1 Technical Measures

Encryption in transit: All data transmitted to and from our Services uses TLS 1.2 or higher
Encryption at rest: Sensitive data is encrypted using AES-256
Access controls: Role-based access controls limit employee access to data
Infrastructure security: Hosted on AWS with SOC 2 Type II certified infrastructure

5.2 Organizational Measures

Security training for all employees
Regular security assessments and penetration testing
Incident response procedures
Vendor security reviews

5.3 Your Responsibilities

You are responsible for:

Maintaining the security of your account credentials
Not sharing your password or API keys
Reporting any unauthorized access immediately

6. COOKIES AND TRACKING TECHNOLOGIES

6.1 Types of Cookies We Use

Cookie Type	Purpose	Duration
Essential	Authentication, security, core functionality	Session
Preferences	Remember your settings (theme, language)	1 year
Analytics	Understand usage patterns	2 years

6.2 Your Cookie Choices

Browser settings: Most browsers allow you to block or delete cookies
Opt-out: You can opt out of analytics cookies through your account settings
Essential cookies: Cannot be disabled as they are necessary for the Services to function

6.3 Do Not Track

We currently do not respond to "Do Not Track" browser signals.

7. YOUR RIGHTS AND CHOICES

7.1 Access and Portability

You have the right to:

Access the personal information we hold about you
Receive a copy of your data in a portable format
Export your workflow data through the Services

7.2 Correction

You can update your account information at any time through the Services. Contact us if you need assistance correcting other data.

7.3 Deletion

You can delete your account through the Services or by contacting us. Upon deletion:

Your account will be deactivated immediately
Your data will be deleted within thirty (30) days
Some data may be retained as described in Section 4

7.4 Opt-Out

You can opt out of:

Marketing communications (via unsubscribe link or account settings)
Analytics cookies (via account settings)

7.5 Restriction and Objection

You may have the right to restrict or object to certain processing of your data. Contact us to exercise these rights.

8. INTERNATIONAL DATA TRANSFERS

8.1 Data Location

Our Services are hosted in the United States. If you access the Services from outside the United States, your information will be transferred to and processed in the United States.

8.2 Transfer Mechanisms

For transfers from the European Economic Area (EEA), United Kingdom, or Switzerland, we rely on:

Standard Contractual Clauses approved by the European Commission
Our Data Processing Addendum (available at https://hot.dev/dpa)

8.3 Adequacy

The United States does not have an adequacy decision from the European Commission. We implement appropriate safeguards as described above.

9. SPECIFIC JURISDICTIONS

9.1 European Economic Area (EEA) and United Kingdom

If you are located in the EEA or UK, you have additional rights under the General Data Protection Regulation (GDPR):

Legal Basis for Processing:

Contract: Processing necessary to provide the Services
Legitimate interests: Analytics, security, service improvement
Consent: Marketing communications
Legal obligation: Compliance with laws

Additional Rights:

Right to lodge a complaint with a supervisory authority
Right to withdraw consent at any time

Contact: For GDPR inquiries, contact support@hot.dev

9.2 U.S. State Privacy Rights

If you are a U.S. resident, you may have rights under state privacy laws including the California Consumer Privacy Act (CCPA), Texas Data Privacy and Security Act (TDPSA), Virginia Consumer Data Protection Act (VCDPA), Colorado Privacy Act (CPA), Connecticut Data Privacy Act (CTDPA), and other state laws. These rights may include:

Your Rights:

Right to Know/Access: Request information about what personal data we collect, how we use it, and who we share it with
Right to Correction: Request correction of inaccurate personal data
Right to Deletion: Request deletion of your personal data, subject to certain exceptions
Right to Portability: Obtain a copy of your data in a portable, readily usable format
Right to Opt-Out: Opt out of the sale of personal data, targeted advertising, or profiling that produces legal or significant effects
Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

Categories of Personal Information We Collect:

Identifiers (name, email address, IP address, account credentials)
Commercial information (billing details, transaction history, subscription data)
Internet/network activity (usage data, browsing history on our Services, log data)
Professional information (company name, job title)

Sensitive Data: We do not process sensitive personal data (such as health information, biometric data, precise geolocation, or data revealing racial or ethnic origin, religious beliefs, or sexual orientation) without your consent.

We do not sell personal data as defined by applicable state privacy laws. We do not use personal data for targeted advertising.

How to Exercise Your Rights:

Submit a request to support@hot.dev
We will verify your identity before processing requests
We will respond within 45 days (or as required by applicable law)
If we need additional time, we will notify you and may extend by up to 45 additional days
If we decline your request, you may appeal by contacting us; we will respond to appeals within 60 days

Authorized Agents: You may designate an authorized agent to submit requests on your behalf. We may require proof of authorization.

10. CHILDREN'S PRIVACY

The Services are not directed to children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will delete that information promptly.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

11. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. We will notify you of material changes by:

Posting a notice on our website
Sending an email to your registered email address
Displaying a notification in the Services

The "Last Updated" date at the top of this policy indicates when it was last revised. Your continued use of the Services after changes become effective constitutes acceptance of the revised policy.

12. CONTACT US

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Hot Dev, LLC 1606 Headway Cir STE 9513 Austin, TX 78754 United States

Email: support@hot.dev
Website: https://hot.dev

13. ADDITIONAL RESOURCES

Terms of Service: https://hot.dev/terms
Data Processing Addendum: https://hot.dev/dpa

This Privacy Policy is available at https://hot.dev/privacy

↑ Back to top ← Back to Home

Legal Documents