Privacy Policy

Traxo is operated by Paritosh Pathak International LLP (“Traxo”, “we”, “us”). This policy explains what data we collect when you use Traxo, why we collect it, and how we handle it.

• Account data — name, work email, hashed password, role within your workspace.
• Workspace data — content you create inside Traxo (tasks, processes, playbooks, KRAs, CORI assessments, comments).
• Usage data — basic activity logs (who did what, when) used inside your workspace and for our own service operation.
• Operational metadata — IP address and browser user-agent on sensitive endpoints (login, signup) for rate-limiting and abuse prevention.

• To provide the Traxo service to you and your team.
• To send transactional email (invitations, password resets, KRA review reminders, system notifications).
• To investigate bugs and improve the product.
• To prevent abuse (rate-limiting, brute-force protection).

Workspace data lives in a Postgres database hosted on a managed cloud provider. Passwords are stored as bcrypt hashes — never in plain text. Email is delivered via Resend. Application errors are reported to Sentry. We do not sell or share your data with third parties for marketing.

Every workspace is scoped to a single company id. Users in one company cannot read data belonging to another company.

You can request a copy of your workspace data, correct any of it, or delete your account at any time by emailing us at the address below. We respond to requests within 30 days.

Traxo uses a single session cookie set by NextAuth so we know you’re signed in. We don’t use third-party advertising cookies.

For privacy questions, email privacy@traxo.app.