Eldon

Privacy Policy

How Eldon collects, uses, and safeguards your account data and fax content. Plain-English summary with the legal detail intact.

Last updated · April 14, 2026

This Privacy Policy describes how Eldon Fax Inc. (“Eldon,” “we,” “us”) collects, uses, and shares information when you use our website, web application, and faxing services (together, the “Services”).

1. Information we collect

Account information

When you create an Eldon account we collect your name, email address, password (stored as a salted hash), organization name, and, if you subscribe to a paid plan, billing information processed by our payment provider (Stripe). We do not store full credit card numbers on our servers.

Fax content and metadata

To send and receive faxes on your behalf we process the documents you upload, the destination and source numbers, timestamps, transmission status, page counts, and any cover-page information you provide. Fax documents are encrypted at rest in Amazon S3 using AES-256 and are scoped to the organization that owns them.

Usage and device information

We collect log data (IP address, browser, operating system, pages visited, and actions taken within the app) to secure the Services, debug issues, and understand product usage.

2. How we use information

  • To deliver, maintain, and improve the Services.
  • To transmit your faxes through our carrier partner (Telnyx) and return delivery status to you.
  • To bill you and manage your subscription.
  • To detect, investigate, and prevent fraud, abuse, or violations of our Customer Agreement.
  • To communicate with you about account activity, security issues, and product changes.

3. How we share information

We share information only with:

  • Service providers who process data on our behalf (Telnyx for fax transmission, Amazon Web Services for hosting and storage, Stripe for payments). Each is contractually bound to appropriate security and confidentiality obligations.
  • Law enforcement or regulators when required by valid legal process.
  • A successor entity in connection with a merger, acquisition, or sale of assets.

We do not sell your personal information, and we do not use fax content to train machine-learning models.

4. Data retention

Fax documents are retained for as long as your organization keeps them in the app. You can delete any fax at any time; deletion requests are propagated to our storage backend within 30 days. Audit logs of administrative actions are retained for up to seven years to satisfy compliance obligations.

5. Security

We use TLS 1.2+ for all data in transit and AES-256 for documents at rest. Access to production systems is restricted, logged, and protected by multi-factor authentication. No system is perfectly secure, but we treat security as a continuous engineering practice rather than a one-time checklist.

6. Your rights

Depending on where you live, you may have the right to access, correct, delete, or port your personal information, and to object to or restrict certain processing. To exercise any of these rights, email [email protected]. We will verify your identity before responding.

7. Children

The Services are not directed to children under 16, and we do not knowingly collect personal information from them.

8. Changes

We will post updates to this Policy on this page and, for material changes, notify active account holders by email at least 14 days before the change takes effect.

Privacy questions

Reach the team at [email protected]

Send email