This privacy notice for Eon, Inc. (Eon, we, us, or our) describes how and why we might collect, store, use, and/or share (process) your information when you use our services (Services), such as when you:
- Visit our website at https://tryeon.ai, or any website of ours that links to this privacy notice
- Use the Eon platform to build, manage, or serve a storefront, including the dashboard, deployments, and catalog tools
- Engage with us in other related ways, including any sales, marketing, or events
Questions or concerns? Reading this privacy notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, contact us at privacy@tryeon.ai.
Summary of key points
- What personal information do we process? When you visit, use, or navigate our Services, we may process personal information depending on how you interact with Eon, the choices you make, and the features you use.
- Do we process sensitive personal information? We do not process sensitive personal information.
- Do we receive information from third parties? Only what you authorize — for example, repository metadata from GitHub when you install the Eon GitHub App.
- How do we process your information? To provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law.
- How do we keep your information safe? Through organizational and technical safeguards described in our Security page — though no electronic transmission or storage technology can be guaranteed 100% secure.
1. What information do we collect?
Personal information you disclose to us
In short: we collect personal information that you provide to us.
We collect personal information that you voluntarily provide when you register for the Services, express interest in our products, or otherwise contact us. This may include:
- Names
- Email addresses (used for one-time-passcode sign-in)
- Profile images you upload
- GitHub account and installation metadata you authorize when connecting a repository (account login, repository names, branch names, commit metadata)
Sensitive information. We do not process sensitive information.
Customer content. Storefront content (pages, snippets, themes, configuration) and product catalog data you import belong to you and are processed solely to provide the Services — to validate, build, publish, and serve your storefronts.
All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.
Information automatically collected
In short: some information — such as your IP address and browser and device characteristics — is collected automatically when you visit our Services.
We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, country, and information about how and when you use our Services. This information is primarily needed to maintain the security and operation of our Services, and for internal analytics and reporting.
- Log and usage data. Service-related, diagnostic, usage, and performance information our servers automatically collect, including date/time stamps, pages viewed, searches, features used, and error reports.
- Device data. Information about the computer, phone, or other device you use to access the Services, such as IP address, browser type, operating system, and system configuration.
2. How do we process your information?
In short: we process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law.
- To facilitate account creation and authentication and otherwise manage user accounts and workspaces.
- To operate your storefronts — checking out your repository, validating and publishing content, and serving your storefront on your domains.
- To identify usage trends so we can understand how the Services are used and improve them.
- To protect our Services, including fraud monitoring and prevention.
If we engage or change any third-party service providers (sub-processors) that handle your personally identifiable information, we will notify you in advance and give you a reasonable period to review the change and raise objections.
3. What legal bases do we rely on?
In short: we only process your personal information when we believe it is necessary and we have a valid legal reason to do so under applicable law.
If you are located in the EU or UK, the General Data Protection Regulation (GDPR) and UK GDPR require us to explain the legal bases we rely on to process your personal information:
- Consent. We may process your information if you have given us permission for a specific purpose. You can withdraw your consent at any time.
- Performance of a contract. We process your information to deliver the Services you signed up for.
- Legitimate interests. For example, analyzing how our Services are used so we can improve them, where those interests do not outweigh your rights and freedoms.
- Legal obligations. Where processing is necessary to comply with law, cooperate with law enforcement, or exercise or defend our legal rights.
If you are located in Canada, we process your information with your express or implied consent, which you can withdraw at any time, except in cases where applicable law permits processing without consent.
4. When and with whom do we share your information?
In short: we share information only with service providers needed to run the platform, and in specific situations described below.
Our sub-processors include:
| Provider | Purpose |
|---|---|
| Vercel | Application hosting, content delivery, and file storage |
| Neon | Postgres database hosting |
| GitHub | Repository hosting and source integration you authorize |
| Better Auth Infra | Authentication email delivery and monitoring |
We may also share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company (business transfers). We do not sell personal information.
5. Do we use cookies and other tracking technologies?
In short: we use a small number of cookies necessary to operate the Services.
We use cookies primarily for session management — keeping you signed in to your workspace. We do not use third-party advertising cookies.
6. How long do we keep your information?
In short: we keep your information for as long as necessary to fulfill the purposes outlined in this notice unless otherwise required by law.
We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law. No purpose in this notice will require us keeping your personal information for longer than the period of time in which you have an account with us. When we have no ongoing legitimate business need to process your personal information, we will delete or anonymize it.
7. How do we keep your information safe?
In short: we aim to protect your personal information through a system of organizational and technical security measures.
We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process — see our Security page for details. However, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure. You should only access the Services within a secure environment.
8. Do we collect information from minors?
In short: we do not knowingly collect data from or market to children under 18 years of age.
By using the Services, you represent that you are at least 18. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data. If you become aware of any data we may have collected from children under 18, contact us at privacy@tryeon.ai.
9. What are your privacy rights?
In short: in some regions, such as the EEA, UK, and Canada, you have rights that allow you greater access to and control over your personal information.
Depending on your region, these rights may include the right (i) to request access and obtain a copy of your personal information, (ii) to request rectification or erasure, (iii) to restrict the processing of your personal information, and (iv) if applicable, to data portability. In certain circumstances, you may also have the right to object to the processing of your personal information. You can make such a request by contacting us at privacy@tryeon.ai. You can also delete your account — and the data associated with it — at any time from your account settings.
If you are located in the EEA or UK and believe we are unlawfully processing your personal information, you have the right to complain to your local data protection supervisory authority.
California and Virginia residents have specific rights under the CCPA and CDPA, including the rights to know, access, correct, delete, and opt out of the sale of personal information. Eon has not disclosed, sold, or shared any personal information to third parties for a business or commercial purpose and will not do so in the future. To exercise these rights, contact us at privacy@tryeon.ai.
10. Controls for Do-Not-Track features
Most web browsers include a Do-Not-Track ("DNT") setting. No uniform technology standard for recognizing and implementing DNT signals has been finalized, so we do not currently respond to DNT browser signals. If a standard is adopted that we must follow, we will inform you in a revised version of this notice.
11. Do we make updates to this notice?
In short: yes, we will update this notice as necessary to stay compliant with relevant laws.
We may update this privacy notice from time to time. The updated version will be indicated by an updated date and will be effective as soon as it is accessible. If we make material changes, we may notify you by prominently posting a notice or by sending you a notification directly.
12. How can you contact us about this notice?
If you have questions or comments about this notice, email us at privacy@tryeon.ai or write to:
Eon, Inc.Attn: Privacy
privacy@tryeon.ai