Hexaliz logoHexaliz
Legal

Privacy Policy

Last updated: June 2026

Principle

Hexaliz is built local-first. The default way to use Hexaliz Engine is on your own machine with your own hardware — your prompts, images, audio and models never leave your computer unless you explicitly choose a cloud option.

Routing intent

Every generation carries an explicit routing intent: local, byok, or managed_cloud. local generation never silently falls back to cloud. byok uses your own provider key directly with that provider. Only managed_cloud sends request data through the Hexaliz proxy.

Account data

  • Email address (for sign-in and receipts).
  • OAuth identity (GitHub / Google) — only the data those providers return on sign-in.
  • Subscription and spend records (Stripe + Neon) needed to operate the at-cost model.

Managed cloud requests

When you use managed cloud generation, your request payload (prompt and parameters) is sent to the Hexaliz proxy and forwarded to the upstream provider (e.g. OpenAI, Google, ElevenLabs, Meshy, fal, Replicate) to fulfill the request. We log cost metadata (modality, model, provider, cost) for billing and your dashboard — not your full prompt content. The upstream provider's own privacy policy applies to data they receive.

Payment

Payments are processed by Stripe. Hexaliz does not store your full card number; Stripe does. See Stripe's privacy policy.

Your choices

  • Use local models only — nothing leaves your machine.
  • Bring your own keys (BYOK) — requests go directly to your chosen provider.
  • Cancel your subscription at any time from the Stripe customer portal.
  • Request deletion of your account by contacting privacy@hexaliz.com.

Contact

Hexaliz AB, Sweden. Email: privacy@hexaliz.com.