NewIntroducing npayload. The communication infrastructure that makes your systems react to the world in real time.
npayload

Privacy Policy

Last updated: 2026-03-08

1. Introduction

This Privacy Policy explains how npayload, operated by DevOps Crowd Inc., collects, uses, stores, and protects your information when you use our platform, website, documentation, APIs, and SDKs. By using our Services, you consent to the practices described in this policy.

2. Information we collect

We collect information you provide directly, including your name, email address, organisation name, job title, billing address, and payment information. We also collect technical data automatically, including IP addresses, browser type, device identifiers, and request metadata. We do not collect or store the content of messages you publish unless you use Standard encryption mode.

3. How we use your information

We use your information to provide and maintain the Services, process transactions, monitor service health, detect abuse, enforce rate limits, and send service announcements. We may use aggregated, anonymised data to improve our platform. We never sell your personal information to third parties.

4. Data processing and encryption modes

npayload offers three privacy modes. In Standard mode, messages are processed in plaintext. In Hybrid mode, payloads are encrypted using AES-256-GCM while metadata remains visible. In Zero Knowledge mode, both payload and metadata are encrypted using RSA-4096 and AES-256-GCM. Your choice is configured per channel.

5. Data residency and cross-region transfers

Your messages are stored in the region where your instance is deployed. Messages are never transferred across regions unless both organisations provide explicit consent. For GDPR customers, data remains within the EEA unless explicitly configured otherwise.

6. Data retention

Account data is retained for 90 days after closure. Message retention depends on tier: Starter 7 days, Pro 30 days, Enterprise up to 6 years. You can request deletion at any time by contacting privacy@npayload.com.

7. Cookies and tracking

We use strictly necessary cookies for authentication, analytics cookies to understand visitor behaviour, and advertising cookies from Google, Meta, LinkedIn, and X. You can manage preferences through the cookie consent banner.

8. Third-party services

We use Clerk for authentication, Stripe for payments, Cloudflare for edge networking, Google Cloud Platform for hosting, and Vercel for website hosting. We share only the minimum information necessary.

9. Security measures

We implement OAuth 2.0 with DPoP, TLS 1.3, AES-256-GCM and RSA-4096 encryption, row-level security, hash-chained audit trails, network isolation, and WAF rules with rate limiting.

10. Your rights

You have the right to access, correct, delete, and export your data. You can object to marketing processing and withdraw cookie consent at any time. Contact privacy@npayload.com to exercise your rights.

11. Children's privacy

Our Services are not directed to individuals under 16. We do not knowingly collect personal information from children.

12. Changes to this policy

We will notify you of material changes at least 30 days before they take effect.

13. Contact

Contact privacy@npayload.com or write to: DevOps Crowd Inc., 1275 Av. des Canadiens-de-Montreal, Suite 5-129, Montreal, H3B 0G4, QC, Canada.