Privacy Policy

301.st is designed as an operating layer for your infrastructure, not as a business built around collecting more data than it needs.

Privacy in One Sentence

We keep the account, credential, configuration, and service data needed to run 301.st, protect the platform, and support customers. We try not to collect or retain more than that.

Because 301.st operates on top of infrastructure you already own, much of the operational context still lives in your own provider accounts rather than becoming a second copy inside ours.

Data We Need to Run the Service

  • Account information: email, authentication data, and settings needed to keep your account usable and secure.
  • Integration credentials: tokens or keys you provide so the platform can connect to external services you choose to use.
  • Configuration data: projects, sites, redirect rules, and related product settings you create in the app.
  • Operational logs: limited records that help us support the product, investigate issues, and protect accounts.

Data We Try Not to Collect

  • End-user traffic payloads when those workflows can stay in your own infrastructure layer.
  • More provider data than the product actually needs to perform the requested operation.
  • Marketing-style tracking that follows people across unrelated sites.
  • Payment card data directly on our systems if billing is processed by a dedicated provider.

Why We Process Data

  • To authenticate users and keep accounts accessible and secure.
  • To run the integrations and workflows you explicitly configure.
  • To support the product, investigate errors, and prevent abuse.
  • To communicate important service, billing, or policy updates when needed.

Retention and Deletion

We keep account and configuration data for as long as the account remains active or as long as the data is needed to provide the service.

When an account is closed or a deletion request is completed, we remove or anonymize data that is no longer required for legitimate operational, security, or legal reasons. Some limited logs may remain for a reasonable period where needed for audit, abuse prevention, or dispute handling.

Your Choices and Rights

  • Access: ask what information we keep about your account.
  • Correction: update or correct data that is inaccurate.
  • Deletion: request account deletion and removal of data that no longer needs to be retained.
  • Export: request a usable copy of configuration data where practical.

Third-Party Services

301.st relies on infrastructure and service providers to deliver the app, handle integrations, and support account flows. When you choose to connect an external provider, data needed for that connection is necessarily processed as part of the workflow.

Those providers operate under their own terms and privacy practices. This page describes how 301.st handles the data it controls, not the full policies of every external platform your account may touch.

Questions About Privacy?

For privacy questions, account data requests, or deletion inquiries, contact privacy@301.st. For security reporting, use the Security page. For broader product questions, see the Documentation.

Last updated: April 5, 2026