Privacy policy

Floox stores only the data needed to connect your odoo instance to authorized MCP clients: email, odoo URL, database, user and an encrypted identifier for the API key.

The API key lives encrypted in Supabase Vault (pgsodium XChaCha20). The visible table only stores an opaque UUID. No dump (backup, pg_dump) contains the key in plaintext.

Every MCP query to your odoo is logged in an immutable audit log: date, service role and success/failure. You can see those records from your dashboard at /app/logs.

We don't share your data with third parties. We don't use tracking analytics in MVP. We don't send marketing without your consent.

To request full deletion of your account, use the "Delete" button in the dashboard or write to support@floox.app.

This document is a placeholder for MVP — it will be replaced with a legal version before the public launch.