FluxionDB Privacy

Last updated: February 15, 2025

This notice explains how FluxionDB (operated by Volandoo) processes the information collected through fluxiondb.com, the admin console at app.fluxiondb.com, and the managed FluxionDB instances that you provision for your organization.

Account & organization data

When you create an account we collect the minimum details required to operate the control plane.

• Email addresses are normalized to lowercase, verified via expiring tokens, and password hashes are stored with bcrypt (12 rounds). Plaintext passwords are never retained.
• Organization records contain a name, slug, owner relationship, and timestamps so we can provision dedicated Kubernetes namespaces per org.
• Session cookies (tsdb_auth) contain a random 32-byte token. They map to a server-side session row for up to 14 days unless you log out sooner.

Keys, databases, and telemetry

FluxionDB instances run in isolated Kubernetes namespaces. The admin app stores the metadata needed to provision and observe those instances.

• Database master secrets and customer API keys are encrypted at rest with AES‑256‑GCM using the API_KEY_ENCRYPTION_SECRET. Only the last four characters of a customer key are stored for reference.
• Provisioning status, size selections, and namespace names are written to Postgres so we can render dashboards and retry failed operations.
• A daily usage snapshot per org (total and billable MiB) is recorded to power billing forecasts. This job stores aggregated numbers instead of raw time-series data.

Support & communications

We send transactional email only when it is required to operate your account.

• Email verification, password reset, and invite flows use short-lived SHA‑256 hashed tokens that expire after 48h, 1h, and 7d respectively.
• Messages are sent through AWS Simple Email Service (no-reply@fluxiondb.com). Bounce/complaint data from SES is used solely to keep the system healthy.
• If you contact us at info@volandoo.com we retain that correspondence to resolve issues.

Time-series data you ingest

Your measurement data lives entirely inside the FluxionDB instance you create.

• Each database is deployed as its own Kubernetes Deployment, Service, and persistent volume claim (PVC); other tenants cannot access your namespace.
• FluxionDB keeps hot data in RAM and can optionally persist to disk (/app/data). The control plane never copies record payloads into shared storage.
• Operators only access a customer namespace when you request help, and those access attempts are logged.

Security practices

Infrastructure & isolation

Namespaces are created via the k8s-bridge service, which shells out to microk8s-kubectl with strict arguments. PVCs are detached and deleted when you remove a database. Ingress certificates are issued by cert-manager/Let’s Encrypt using the contact email published in k8s/00.setup.yaml. We keep system packages, FluxionDB images (volandoo/fluxiondb), and bridge binaries updated via our Kubernetes manifests.

Credential handling

Secrets are only decrypted in memory when provisioning, resizing, or rotating keys. Bcrypt protects user passwords, and API credentials plus database master tokens use AES‑256‑GCM; they never leave the control plane except when pushed into your database pod. Scoped API keys are created and revoked over a WebSocket session against your database using the official @volandoo/fluxiondb-client SDK, and we do not retain full copies.

Logging & monitoring

The admin app logs high-level request metadata ([REQUEST] METHOD PATH) plus errors via Pino. Production logs are forwarded to our private OpenObserve cluster with limited access. Bridge operations capture command stdout/stderr so we can troubleshoot Kubernetes actions; these logs may include namespace names, pod identifiers, or error text. We do not run analytics or advertising beacons on fluxiondb.com.

Cookies & local storage

We only set storage that is necessary to keep you logged in or to remember a UI preference. There are no advertising, analytics, or cross-site trackers on the landing site.

Name / Storage	Purpose	Retention
tsdb_auth (cookie)	Required session cookie for the admin console; stores a random token.	Expires after 14 days or on logout
fluxion-theme (localStorage)	Remembers your dark/light preference for the marketing site and docs.	Persists until you clear site data

Third-party services

We only share data with infrastructure providers that help us run FluxionDB. They act as processors on our behalf and do not have permission to use your information for their own advertising.

• Amazon Web Services – Simple Email Service (transactional email) and regional infrastructure where we host parts of the control plane. Data shared: recipient email address and the transactional message content.
• Stripe (optional) – Billing portal and payment links referenced by the admin app when STRIPE_BILLING_PORTAL_URL or STRIPE_PAYMENT_LINK is configured. Data shared: aggregate usage and your organization identifier so you can complete payment. Card data flows directly to Stripe.
• Let’s Encrypt / cert-manager – Automated TLS certificates for *.fluxiondb.com endpoints managed by our Kubernetes cluster. Data shared: domain ownership challenges plus the public contact email defined in the Kubernetes manifests.

Your rights

Access & updates

You can view and edit most account data inside the admin console. Contact us if you need a full export or if an administrator has left your organization.

Deletion

Deleting a database from the admin console triggers Kubernetes cleanup (Deployment, Service, Ingress, and PVC). To remove your organization entirely, email info@volandoo.com from a verified address.

Incident notification

If we ever discover unauthorized access to your data we will notify the affected organization owner via email with remediation details.

Questions?

Reach out to info@volandoo.com if you need to report a security issue, request an export, or ask anything else about this policy. We respond from the same verified domain.