Galyxy Privacy Policy

Galyxy Privacy Policy

Last Updated: May 13, 2026

Welcome to Galyxy. This Privacy Policy explains how Galyxy (“Galyxy,” “we,” “our,” or “us”) collects, uses, stores, protects, and shares information when you use the Galyxy website, applications, APIs, and related services.

1. Information We Collect

We may collect several categories of information depending on how you use the Service.

  • Account information such as usernames and email addresses
  • OAuth tokens and provider authentication data
  • File metadata and transfer information
  • Usage logs, IP addresses, and device information

2. Connected Provider Information

When you connect third-party cloud providers, Galyxy may collect and process provider account identifiers, OAuth tokens, refresh tokens, synchronization metadata, folder structures, transfer history, and file metadata required to operate integrations.

  • Google Drive
  • Dropbox
  • Microsoft OneDrive
  • Box
  • Mega

3. File Access and Processing

Files may be temporarily accessed, transferred, synchronized, encrypted, cached, or processed through Galyxy infrastructure.

Galyxy does not claim ownership of your files and attempts to minimize unnecessary retention of file contents whenever possible.

4. How We Use Information

  • Provide and maintain the Service
  • Authenticate users
  • Enable cloud storage integrations
  • Transfer and synchronize files
  • Improve reliability and performance
  • Detect abuse and security threats
  • Respond to support requests
  • Comply with legal obligations

5. Cookies and Local Storage

Galyxy may use cookies, local storage, session storage, and authentication tokens to maintain login sessions, remember preferences, improve security, and prevent abuse.

6. OAuth Tokens and Authentication Data

OAuth tokens and authentication credentials may be encrypted at rest and protected using access controls and infrastructure security practices.

Users may revoke connected provider access through either Galyxy settings or provider authorization settings.

7. Sharing of Information

Galyxy does not sell personal information.

Information may be shared with:

  • Infrastructure and hosting providers
  • Connected cloud providers
  • Security and monitoring services
  • Payment processors
  • Legal authorities where required by law

8. Data Retention

Information is retained only as long as reasonably necessary for operation, security, legal compliance, dispute resolution, and enforcement purposes.

9. Security

Galyxy implements reasonable administrative, technical, and organizational safeguards designed to protect information.

  • Encryption in transit
  • Access restrictions
  • Rate limiting
  • Infrastructure monitoring
  • Authentication protections

However, no internet-based service can guarantee absolute security.

10. International Transfers

Your information may be processed or stored in countries outside your own jurisdiction.

11. Your Rights and Choices

Depending on applicable law, you may have rights to access, correct, delete, export, or restrict processing of your personal information.

12. Children's Privacy

Galyxy is not directed toward children under 13 years old and does not knowingly collect personal information from children under 13.

13. Third-Party Services

Third-party integrations and providers operate independently and are governed by their own terms and privacy policies.

14. Changes to This Privacy Policy

Galyxy may update this Privacy Policy periodically. Continued use of the Service after updates become effective constitutes acceptance of the revised policy.

15. Contact Information

Galyxy Privacy Team
privacy@galyxy.dev
https://galyxy.dev

BY USING THE SERVICE, YOU ACKNOWLEDGE THAT YOU HAVE READ THESE TERMS OF SERVICE, UNDERSTAND THEM, AND AGREE TO BE BOUND BY THEM.