Policies

These policies govern your use of Irongist, including our website, dashboard, API, documentation, and related services. By accessing or using Irongist, you agree to these policies.

Effective date: 19 April 2026

Terms & Conditions Privacy Policy Cookies Policy

Terms & Conditions

Irongist provides a hosted backend platform that enables users to create structured tables, define schemas, store data, and interact with that data through authenticated APIs and related tools.

1. Eligibility and account responsibility

You must ensure that all registration information you provide is accurate and kept up to date. You are responsible for all activity occurring under your account, credentials, API keys, and any integrations you connect or operate through Irongist.

You must keep your login credentials and API keys secure at all times. You are responsible for maintaining appropriate technical and organizational safeguards on your own systems, applications, proxies, devices, and environments.

2. Customer responsibility for content and compliance

You are solely responsible for all data, prompts, records, files, schemas, API requests, outputs, and other content submitted to, stored in, retrieved from, or processed using Irongist. You are also solely responsible for determining whether your use of Irongist complies with applicable law, regulation, contractual restrictions, industry obligations, and internal governance requirements.

Without limitation, you are responsible for:

  • obtaining any required notices, consents, permissions, and lawful bases for personal data processing;
  • ensuring that you have the right to upload, store, use, and disclose all content you submit;
  • configuring your applications and workflows appropriately;
  • reviewing whether Irongist is suitable for any regulated, high-risk, or mission-critical use case before use; and
  • responding to requests, complaints, incidents, and legal obligations relating to your own data and end users.
Irongist acts as a technology provider. We do not actively monitor, verify, moderate, interpret, or validate the legality, quality, accuracy, or fitness of customer-submitted content or customer processing activities.

3. Acceptable use

You may not use Irongist:

  • for unlawful, fraudulent, deceptive, abusive, infringing, or harmful activity;
  • to store or process data in breach of privacy, confidentiality, intellectual property, sanctions, export control, or consumer protection laws;
  • to interfere with, probe, scan, attack, reverse engineer, overload, or otherwise compromise the integrity, availability, or security of the service;
  • to attempt unauthorized access to data, credentials, accounts, systems, networks, logs, or infrastructure;
  • to use the service in a way that creates disproportionate technical risk, platform abuse, or material legal exposure for Irongist or other users; or
  • for safety-critical, emergency, medical, industrial control, or other high-risk environments where a hosted database or API service is not appropriate as the sole or primary system of record or operational dependency.

4. Security and service operation

We aim to operate Irongist securely and reliably, but no hosted service can be guaranteed to be uninterrupted, error-free, or invulnerable. The service is provided on an “as is” and “as available” basis to the fullest extent permitted by law.

You acknowledge that:

  • internet and cloud services inherently involve downtime, latency, dependency risk, and security risk;
  • encryption, access control, and security measures reduce risk but do not eliminate it entirely;
  • you remain responsible for your own backups, validation, proxying, app-layer protections, and operational safeguards where appropriate; and
  • you should not rely on Irongist as your sole source of resilience for critical or irreplaceable workloads.

5. Suspension, restriction, and protective action

We may suspend, restrict, rate-limit, disable, quarantine, investigate, or terminate access to all or part of the service at any time if we reasonably believe it is necessary to:

  • protect the security, integrity, availability, or reputation of the platform;
  • prevent unlawful conduct, abuse, or technical harm;
  • comply with law, regulation, court order, law enforcement request, or platform policy; or
  • address conduct that exposes Irongist, its suppliers, or other users to material risk.

6. Fees, billing, and changes

Paid usage, fees, limits, free tiers, features, and pricing structures may be updated from time to time. Except where immediate changes are required for security, legal, or operational reasons, we will use reasonable efforts to provide notice of material pricing or service changes before they take effect.

7. Intellectual property

Irongist and its website, branding, software, documentation, design, and service components remain the property of Irongist or its licensors. These policies do not transfer any ownership rights to you, except for the limited right to use the service in accordance with these terms.

You retain responsibility for the content you submit and represent that you have all rights needed for its use with the service.

8. Data protection roles

Depending on the context, Irongist may act as a controller for account, billing, support, security, site analytics, and business administration data, and may act as a processor or service provider for customer content processed on behalf of customers through the platform. Customers remain responsible for determining their own data protection obligations for customer-submitted data and end-user data. This role split reflects standard UK GDPR concepts around controllers and processors.

9. Indemnity

To the fullest extent permitted by law, you will defend, indemnify, and hold harmless Irongist, its affiliates, officers, personnel, contractors, and suppliers from and against claims, actions, complaints, investigations, proceedings, damages, losses, liabilities, judgments, settlements, costs, and expenses, including reasonable legal fees, arising out of or relating to:

  • your content, data, applications, or integrations;
  • your breach of these policies;
  • your violation of law or third-party rights;
  • your use of the service in a prohibited or high-risk manner; or
  • any dispute between you and your own users, clients, customers, or counterparties.

10. Notice and opportunity to cure

If you believe Irongist has breached these terms, you agree to provide written notice with reasonable detail to the contact address published in this policy before starting formal legal action, except where urgent injunctive relief is genuinely necessary. Following receipt of a valid notice, Irongist will have a reasonable opportunity to investigate and, where applicable, cure the alleged issue.

Contractually, the parties agree that a reasonable cure period for ordinary non-payment, service configuration, support, documentation, or operational issues is 30 days from receipt of sufficiently detailed written notice, and longer where the issue cannot reasonably be remedied within that period despite prompt and continuous efforts.

Nothing in this section is intended to prevent any person from exercising non-waivable statutory rights, reporting matters to a regulator, or seeking urgent interim relief where legally necessary.

11. Disclaimers

To the fullest extent permitted by law, Irongist disclaims all implied warranties, representations, and conditions, including any implied warranties of merchantability, satisfactory quality, fitness for a particular purpose, non-infringement, uninterrupted availability, or error-free operation. You are responsible for determining whether the service is suitable for your intended use.

12. Limitation of liability

To the fullest extent permitted by law, Irongist will not be liable for any indirect, incidental, special, exemplary, punitive, or consequential loss, or for any loss of profits, revenue, contracts, goodwill, business opportunity, data, anticipated savings, or use, even if advised of the possibility of such loss.

To the fullest extent permitted by law, Irongist’s aggregate liability arising out of or relating to the service or these policies will not exceed the greater of:

  • the total fees paid by you to Irongist in the 12 months immediately preceding the event giving rise to the claim; or
  • £100.
Nothing in these policies excludes or limits liability to the extent such exclusion or limitation is unlawful. In particular, nothing here excludes liability for death or personal injury caused by negligence, fraud, or any other liability that cannot lawfully be excluded or limited.

13. No third-party monitoring obligation

Irongist is under no obligation to monitor customer activity, inspect customer content, or detect unlawful or non-compliant use, although we may do so where reasonably necessary for security, abuse prevention, legal compliance, support, or platform integrity.

14. Service evolution and policy updates

We may modify these policies from time to time. Updated versions will be posted on this page with a revised effective date. Continued use of the service after an update takes effect constitutes acceptance of the revised policies, except where applicable law requires additional consent or notice.

15. Governing law and jurisdiction

These policies are governed by the laws of England and Wales, unless mandatory law requires otherwise. Subject to any mandatory legal rights or restrictions, the courts of England and Wales will have exclusive jurisdiction over disputes arising out of or in connection with these policies.

Privacy Policy

This Privacy Policy explains how Irongist handles personal data relating to website visitors, account holders, support contacts, and customer users of the service. UK GDPR transparency guidance expects privacy notices to explain, among other things, purposes, retention, rights, transfers where relevant, and the right to complain to the supervisory authority.

1. Who we are

For personal data covered by this Privacy Policy, Irongist is the data controller except where we process customer content strictly on behalf of a customer using the platform, in which case the customer is generally the controller and Irongist generally acts as a processor or service provider for that customer-submitted content.

2. Categories of personal data we may collect

Depending on how you interact with the service, we may collect and process:

  • account data, such as email address, login identifiers, and account status information;
  • authentication and security data, such as password hashes, login events, anti-abuse signals, and related security telemetry;
  • support and communications data, such as emails you send us and records of service-related communications;
  • technical and usage data, such as browser type, device information, IP-related telemetry, page visits, referrer information, and interaction data;
  • billing and transactional data where applicable;
  • customer-submitted content and associated metadata processed through the platform; and
  • cookie preference records and related consent data.

3. How we use personal data

We use personal data only where we have a valid legal basis and only to the extent reasonably necessary to:

  • provide, operate, secure, maintain, and improve Irongist;
  • create and administer accounts;
  • authenticate users and protect against fraud, misuse, abuse, and security threats;
  • provide support, respond to requests, and communicate about the service;
  • measure use of our website and documentation where analytics consent has been given;
  • comply with legal obligations and respond to lawful requests; and
  • establish, exercise, or defend legal claims.

4. Legal bases

Depending on context, our legal bases may include:

  • performance of a contract or steps requested before entering into a contract;
  • legitimate interests, including service security, abuse prevention, support, business administration, and platform improvement;
  • consent, where required, including for non-essential analytics cookies; and
  • compliance with legal obligations.

5. Customer data and controller/processor position

If you use Irongist to store or process personal data relating to your own users, clients, employees, or contacts, you are responsible for determining your lawful basis, providing your own privacy notices, handling rights requests where applicable, and deciding whether Irongist is suitable for your use case. In that context, Irongist generally acts only on your instructions in providing the hosted service, subject to security, legal, and operational necessities.

You must not use Irongist to process personal data unlawfully or without appropriate notices, permissions, safeguards, or contractual arrangements where required.

6. Encryption and security

Irongist is designed to store customer-submitted values in encrypted form at rest and to protect access through authenticated service controls. However, no technical system can guarantee absolute security, and you remain responsible for your own application security, credential handling, proxying, endpoint design, and operational safeguards.

7. Sharing personal data

We do not sell personal data. We may share personal data only where reasonably necessary with service providers, infrastructure providers, professional advisers, payment providers, analytics providers where consent applies, corporate affiliates, or public authorities and counterparties where disclosure is required by law, necessary to protect rights and safety, or reasonably required for legal claims, abuse prevention, fraud prevention, or platform security.

8. International transfers

Where personal data is transferred internationally, we will take steps intended to ensure that an appropriate transfer mechanism or lawful safeguard is used where required by applicable law.

9. Data retention

We retain personal data only for as long as reasonably necessary for the purposes described in this policy, including to provide the service, maintain security, comply with legal obligations, resolve disputes, enforce agreements, and preserve appropriate business and technical records.

Retention periods vary depending on the type of data, context, sensitivity, legal obligations, technical necessity, and whether the information is needed for security, backup, auditing, fraud prevention, or legal claims.

When accounts are deleted, active account data and associated content are targeted for deletion or irreversible de-identification within a reasonable operational timeframe, subject to legal retention duties, fraud prevention needs, disaster recovery systems, backup cycles, and the preservation of limited records needed to protect Irongist’s legitimate interests and comply with law.

10. Your rights

Depending on applicable law and the context of processing, you may have rights including access, rectification, erasure, restriction, objection, data portability, and the right to withdraw consent where processing is based on consent.

Where Irongist processes customer content on behalf of a customer, requests relating to that customer content may need to be directed to the relevant customer as controller.

11. Complaints and how to contact us first

If you have a privacy concern, complaint, or request, please contact Irongist first so we can investigate and try to resolve the matter promptly. The ICO now has guidance on internal complaint handling requirements linked to the Data (Use and Access) Act, with new requirements noted as coming into force on 19 June 2026.

We ask that you provide enough detail for us to investigate properly, including the account or email involved, the issue you have identified, the dates or timeframe, and what outcome you are seeking.

Contact: support@irongist.com

You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you are unhappy with how your personal data has been handled.

12. Analytics

We use Google Analytics on public pages such as our website landing pages and documentation only where the user has consented to analytics cookies. We do not intend analytics to run on restricted routes such as account and logs pages where we have chosen to suppress it for privacy and risk reduction.

13. Children

Irongist is not directed to children, and the service is not intended to be used by anyone who is not legally able to enter into these terms or authorized to act on behalf of a business or project using the service.

14. Updates to this Privacy Policy

We may update this Privacy Policy from time to time. The latest version will always appear on this page with the current effective date.

Cookies Policy

Cookies and similar technologies are regulated in the UK under PECR. Non-essential analytics cookies generally require prior consent, and consent must involve a clear affirmative action rather than mere continued browsing. Users should also be able to refuse non-essential cookies easily.

1. How Irongist uses cookies

Irongist uses cookies and similar technologies for two broad purposes:

  • Essential cookies required to operate, secure, and administer the website and service; and
  • Analytics cookies used only with consent to understand how public pages are used and how they can be improved.

2. Essential cookies

Essential cookies may be used for functions such as:

  • security and abuse prevention;
  • session integrity and authentication-related support;
  • load balancing and technical delivery;
  • remembering your cookie preference choices; and
  • maintaining core site functionality.

These cookies are necessary for the service to function and do not require consent to the extent permitted by law.

3. Analytics cookies

With your permission, Irongist may use analytics cookies, including Google Analytics, on public-facing pages such as the landing page and documentation pages in order to measure traffic, page usage, navigation patterns, and general site performance.

Analytics cookies are not set unless you actively consent through our cookie controls. Irongist provides options to accept analytics, reject analytics, or manage cookie preferences, and users can revisit those choices later through the Manage cookies control.

Irongist’s analytics setup is intended so that Google Analytics does not load by default and does not load on the app_account and app_logs routes.

4. Cookie preference record

When you make a cookie choice, we may store a cookie preference record so that your decision can be remembered and applied on later visits.

5. How to control cookies

You can control non-essential cookies through Irongist’s cookie banner and preference controls. You may also adjust browser settings to block or delete cookies, although doing so may affect site functionality.

6. Changes to this Cookies Policy

We may update this Cookies Policy from time to time to reflect legal, technical, or operational changes. The latest version will always be available on this page.

Contact

For policy, privacy, or complaint-related questions, contact: support@irongist.com

This page is intended to provide a practical summary of Irongist’s service terms and privacy approach. Where additional contractual terms, data processing terms, security terms, or order-specific terms apply, those may supplement this page.