Privacy Policy

ProxmoxR ("the App", "we", "us", "our") is a mobile application for managing Proxmox VE servers, developed and operated by Spectrum Labs ("the Company"). This privacy policy explains what data we collect, how we use it, and what rights you have.

We take your privacy seriously. The App is designed to keep your data on your device and communicate directly with your own servers — not through our infrastructure.

1. Data We Collect

1.1 Data Stored Locally on Your Device

The following data is stored exclusively on your device and is never transmitted to us:

• Server credentials — hostnames, API tokens, usernames, and passwords for your Proxmox VE servers. These are stored in your device's encrypted secure storage (iOS Keychain / Android Keystore).
• App preferences — theme selection, language preference, onboarding status.
• Cluster configurations — the list of Proxmox clusters you have added to the app.

We do not have access to your server credentials, Proxmox data, virtual machines, containers, or any infrastructure information. The App connects directly from your device to your Proxmox servers.

1.2 Data Processed by Third Parties

• Subscription management — handled by Apple (App Store) or Google (Google Play) through their respective in-app purchase systems. Payment information is processed by Apple or Google, not by us. We receive anonymized purchase confirmations through RevenueCat to manage subscription status.
• Crash reports — if the app crashes, anonymized crash data may be collected by Apple or Google through their standard crash reporting mechanisms. This data does not contain personal information or server credentials.

1.3 Data Collected via Our Website

When you use the contact form on our website (proxmoxr.com/support), we collect:

• Your name and email address (to respond to your inquiry)
• Your message content
• Your IP address (for spam prevention, not stored permanently)
• Google reCAPTCHA v3 verification data (processed by Google)

2. Data We Do NOT Collect

We want to be explicit about what we do not collect:

• No server credentials or API tokens
• No information about your Proxmox infrastructure (VMs, containers, nodes)
• No usage analytics or tracking within the app
• No location data
• No contacts, photos, or other personal device data
• No advertising identifiers

3. How Your Data Flows

Understanding how the App works is important for your privacy:

• Your device ↔ Your Proxmox server: The App communicates directly with your Proxmox VE server's REST API over HTTPS. This traffic goes directly between your device and your server. We are not an intermediary and do not see, store, or process this traffic.
• Your device ↔ Apple/Google: Subscription status is verified through Apple's App Store or Google Play. We use RevenueCat as an SDK to manage this.

There is no "ProxmoxR cloud server" that your data passes through.

4. How We Use Your Data

• Contact form submissions: only to respond to your support request. We do not use this data for marketing.
• Subscription data: only to verify your subscription status and provide access to app features.

5. Data Retention

• Local app data: stored until you delete the app or remove a cluster from the app. You are in full control.
• Support inquiries: retained for up to 12 months to provide ongoing support, then deleted.
• Subscription records: retained as long as required by Apple/Google and applicable tax/accounting laws.

6. Third-Party Services

The App uses the following third-party services:

• RevenueCat — for in-app purchase and subscription management. RevenueCat Privacy Policy
• Apple App Store / Google Play — for app distribution and payment processing. See Apple's Privacy Policy and Google's Privacy Policy.
• Google reCAPTCHA v3 — on the website contact form only. Google Privacy Policy

We do not use any advertising networks, analytics SDKs, or tracking tools in the App.

7. Your Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the following rights under the General Data Protection Regulation (GDPR):

• Right of access — you can request a copy of any personal data we hold about you.
• Right to rectification — you can request correction of inaccurate data.
• Right to erasure — you can request deletion of your personal data ("right to be forgotten").
• Right to restrict processing — you can request that we limit how we use your data.
• Right to data portability — you can request your data in a structured, machine-readable format.
• Right to object — you can object to the processing of your data.
• Right to withdraw consent — where processing is based on consent, you can withdraw it at any time.

Since most data is stored locally on your device, you can exercise many of these rights directly by managing or deleting the app. For data related to support inquiries, contact us at the address below.

8. Legal Basis for Processing (GDPR)

We process personal data on the following legal bases:

• Contract performance — processing subscription data is necessary to provide the service you purchased.
• Legitimate interest — processing contact form data to respond to support requests.
• Consent — when you submit the contact form, you explicitly consent to us processing your message.

9. Data Security

We implement appropriate technical measures to protect your data:

• Server credentials are stored in your device's hardware-backed encrypted storage (iOS Keychain / Android Keystore).
• All communication between the App and your Proxmox server uses HTTPS/TLS encryption.
• Our website uses HTTPS with HSTS enforcement.
• Contact form submissions are protected by rate limiting, honeypot fields, and reCAPTCHA.

10. Children's Privacy

ProxmoxR is not intended for use by children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

11. International Data Transfers

Our company is based in the European Union (the Netherlands). Support form data is processed within the EU. Third-party services (Apple, Google, RevenueCat) may process data outside the EU under their respective data processing agreements and safeguards.

12. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes by updating the "Last updated" date at the top of this page. Continued use of the App after changes constitutes acceptance of the updated policy.

13. Contact

For privacy-related questions, data requests, or to exercise your GDPR rights, contact us:

• Email: accounts@spectrumlabs.dev
• Support form: proxmoxr.com/support
• Company: Spectrum Labs, Rotterdam, the Netherlands