Privacy Policy

Bloxvault collects and stores the information needed to provide paste hosting, account management, folders, API access, abuse prevention, moderation, and basic security.

Information We Store

We may store your username, email address, display name, bio, hashed password, email verification status, paste content, paste metadata, project folder names, bookmarks, reports, moderation notes, API key hashes, API request history, execution log metadata for Lua loadstrings, view counts, and hashed IP-derived signals used for ownership recovery, rate limits, and abuse prevention.

How We Use Information

We use stored information to operate the service, authenticate users, verify email addresses, show profiles and pastes, attach anonymous pastes to later accounts, provide API key activity history, detect abuse, enforce rate limits, and investigate reports.

Service Providers

Bloxvault may use hosting, database, email, security challenge, and analytics or logging providers. Email addresses may be shared with MailerSend for account email. Cloudflare Turnstile may process browser and challenge data to reduce automated abuse.

Security

Passwords and API keys are stored as hashes rather than plaintext. No web service can guarantee perfect security, so you should avoid pasting secrets, tokens, private keys, credentials, or personal information unless you are prepared for the risk of disclosure.

Retention

Pastes may be deleted by users, expire automatically, burn after read, or be removed by moderation. Some metadata, rate-limit counters, reports, and audit records may remain for abuse prevention, diagnostics, and service integrity.

Your Choices

You can delete your own pastes, remove API keys, edit profile details, and delete your account where available. For account or privacy requests, contact the site administrator from the email address associated with your account.