Privacy Policy

Effective date: March 2026 · Last updated: March 2026

TL;DR: eodi.me is an offline-first desktop application. Your analysis data, map interactions, and custom overlays stay on your device. We only receive data necessary for license activation and subscription management — and we never sell it.

1. Who We Are

eodi.me ("we", "our", or "us") is a software product that provides offline neighborhood analysis tools. Contact us at hello@eodi.me for any privacy-related inquiries.

2. Data We Do NOT Collect

By design, the following data never leaves your device:

Your location, search queries, or map interactions within the app
Neighborhood analysis results or vibe scores you view
Custom POI overlays or annotations you create
The hexagon vector database (stored and decrypted locally)
Any usage analytics, telemetry, or crash reports

eodi.me includes no analytics SDKs, no tracking pixels, and no third-party data collection of any kind.

3. Data We Do Collect

3.1 License Activation

When you activate a license key, we transmit the following to LemonSqueezy (our payment and licensing processor) to validate your purchase:

Your license key
A machine-specific activation identifier (a random ID generated at install — not tied to hardware fingerprinting)

This is required to enforce per-seat licensing and prevent unauthorized sharing. LemonSqueezy's privacy policy is available at lemonsqueezy.com/privacy.

3.2 Payment Information

All payment processing is handled by LemonSqueezy. We do not receive, store, or process credit card numbers or other payment details. LemonSqueezy is PCI DSS compliant.

3.3 Subscription Records

Your email address and subscription status (plan tier, billing period, expiry date) are stored in our database when you purchase a license. This is necessary to:

Fulfill your subscription
Send transactional emails (purchase confirmations, renewal reminders)
Provide customer support

3.4 Support Communications

If you contact us via email, we retain your email address and the content of your message to respond to and resolve your inquiry.

4. Self-Hosted (Docker) Deployments

If you run eodi.me in self-hosted Docker mode (Business/Enterprise plan), the engine runs entirely on your own infrastructure. We have no access to your deployment, queries, or data in this mode. The API key authentication is generated locally on your hardware.

5. Data Retention

Subscription records: Retained while your subscription is active and for 90 days after cancellation, then deleted.
Support emails: Retained for 12 months, then deleted.
Local app data: Stored indefinitely on your device until you uninstall the app or manually delete the data directory (%APPDATA%\eodi.me on Windows, ~/Library/Application Support/eodi.me on macOS).

6. Your Rights

Depending on your jurisdiction, you may have the right to:

Access: Request a copy of the personal data we hold about you
Deletion: Request deletion of your subscription records and email
Correction: Request correction of inaccurate data
Portability: Request your data in a structured, machine-readable format
Opt-out: Withdraw consent for any optional processing

To exercise any of these rights, email hello@eodi.me. We will respond within 30 days.

7. Cookies and Tracking

The eodi.me desktop application does not use cookies. The eodi.me website (this landing page) does not use analytics cookies or third-party tracking. No cookie consent banner is required because we do not set tracking cookies.

8. Third-Party Services

LemonSqueezy: Payment and license management — Privacy Policy
OpenStreetMap: Map tile data — Privacy Policy (tiles are fetched anonymously)
Supabase: Subscription database hosting — Privacy Policy

9. Data Security

Local data is protected by:

AES-256-GCM encryption of the hexagon vector database (requires your password to decrypt)
HMAC-SHA256 integrity verification of license files
The engine server binds only to 127.0.0.1 (localhost) by default — inaccessible from the network

Subscription data in transit is protected by TLS 1.2+. We apply industry-standard security practices to our backend infrastructure.

10. Children's Privacy

eodi.me is not directed at children under 13. We do not knowingly collect personal data from children. If you believe a child has provided us data, please contact hello@eodi.me.

11. Changes to This Policy

We may update this policy to reflect changes in our practices or applicable law. We will notify active subscribers of material changes via email at least 14 days before they take effect. The "Last updated" date at the top reflects the most recent revision.

12. Korean Users — 개인정보보호법 (PIPA)

eodi.me complies with the Republic of Korea's Personal Information Protection Act (PIPA, 개인정보보호법). For users in South Korea:

수집 항목 (Data Collected): 라이선스 활성화를 위한 이메일 주소 및 라이선스 키, 구독 플랜 정보
수집 목적 (Purpose): 서비스 이용 계약 이행, 구독 관리, 고객 지원
보유 기간 (Retention): 구독 종료 후 90일 이내 삭제. 법령에 따라 보관이 필요한 경우 해당 기간 동안 보관.
제3자 제공 (Third Parties): LemonSqueezy (결제 처리), Supabase (구독 데이터베이스). 그 외 제3자에게 개인정보를 제공하지 않습니다.
이용자 권리 (Your Rights): 개인정보 열람, 정정, 삭제, 처리 정지 요청 권리가 있습니다. hello@eodi.me로 요청하시면 30일 이내에 처리합니다.
개인정보보호 담당자 (Privacy Officer): hello@eodi.me

앱 내에서 분석하는 모든 데이터(검색 기록, 북마크, 맞춤 장소 등)는 사용자 기기에만 저장되며 서버로 전송되지 않습니다.

13. Contact

For privacy questions, requests, or concerns: hello@eodi.me