Privacy Policy

This policy explains what information Noob Media LLC (d/b/a CodeHawke) ("CodeHawke") collects when you use HawkeRun, how we use it, and the choices you have.

Last updated: May 31, 2026

01Our privacy-first design

HawkeRun runs locally. The supervisor, its task queue, project files, worker outputs, logs, and audit timeline live in an embedded database on your own hardware — not on our servers. The local control panel binds to 127.0.0.1 and is not exposed to us. We only receive the limited account, licensing, billing, and optional relay data described below.

02Information we collect

Account information

When you create an account we collect your name, email address, and an authentication credential (a securely hashed password, or an identifier from a third-party sign-in provider if you use one). We also store session data such as a session token, and may log the IP address and browser user-agent associated with a session for security.

Licensing and device information

We issue a license key to your account and record your plan and license status. When your supervisor validates its license, we receive and store a hashed machine identifier, the application version, and first/last-seen timestamps for each device. We use a hash so we can enforce plan limits and detect abuse without identifying your specific hardware.

Billing information

Payments are processed by Stripe, Inc.. We do not store full payment card numbers. We receive limited billing details such as your subscription status, plan, billing country, the last four digits and brand of your card, and transaction history.

Managed relay data (optional, eligible plans)

If you enable the managed reply relay (for example, phone approvals via email), we transmit the contents of the approval request and your response (APPROVE / REJECT / REDIRECT) through our relay so the decision can reach your supervisor. We process this only to deliver the feature and retain it only as long as needed for delivery and troubleshooting.

Usage and diagnostic data

When you use the website or dashboard, we collect standard log and device data (IP address, browser type, pages viewed, timestamps) and may collect aggregated, non-identifying product analytics. The supervisor may send minimal diagnostic events (such as version and license checks); it does not transmit your project contents to us.

Support and communications

If you contact us, we keep your messages and contact details to respond and improve support.

03What we do NOT collect

  • The contents of your projects, repositories, task definitions, prompts, or worker outputs (these stay on your machine).
  • Your model-provider API keys or credentials (these are stored and used locally by your supervisor).
  • Full payment card numbers (handled directly by our payment processor).
  • Keystrokes, screen contents, or the raw machine identifier of your device.

04How we use information

  • To provide, maintain, and secure the Service, including authentication and license enforcement.
  • To process payments, manage subscriptions, and send billing-related messages.
  • To deliver optional features you enable, such as the managed approval relay and email digests.
  • To respond to support requests and communicate service-related notices.
  • To detect, prevent, and investigate fraud, abuse, and security incidents.
  • To understand and improve the Service through aggregated analytics.
  • To comply with legal obligations and enforce our agreements.

05Legal bases for processing (EEA/UK)

If you are in the European Economic Area or the United Kingdom, we process your personal data on these bases: performance of a contract (to provide the Service you signed up for); legitimate interests (to secure, support, and improve the Service); consent (for optional communications, where required); and legal obligation (for tax, accounting, and compliance).

06How we share information

We do not sell your personal information. We share it only as follows:

  • Service providers (subprocessors). We share data with vendors who process it on our behalf to host the Service, process payments, and send email. See our list of subprocessors.
  • Legal and safety. We may disclose information if required by law, regulation, legal process, or to protect the rights, property, or safety of CodeHawke, our users, or others.
  • Business transfers. If we are involved in a merger, acquisition, or sale of assets, information may be transferred as part of that transaction, subject to this policy.
  • With your direction. When you connect third-party tools or providers, data flows to them as you configure; that use is governed by their privacy policies.

07International transfers

We are based in, and our infrastructure is operated from, the United States, and our service providers may process data in the United States and other countries. Where required, we rely on appropriate safeguards (such as the European Commission's Standard Contractual Clauses) for cross-border transfers of personal data.

08Data retention

We retain account, licensing, and billing data for as long as your account is active and as needed to provide the Service. After you close your account, we delete or anonymize personal data within a reasonable period, except where we must retain it to comply with legal, tax, accounting, or security obligations, resolve disputes, or enforce our agreements. Relay message content is retained only briefly for delivery and troubleshooting.

09Security

We use technical and organizational measures appropriate to the risk, including encryption in transit, hashed passwords and machine identifiers, access controls, and reputable infrastructure providers. No method of transmission or storage is completely secure, and we cannot guarantee absolute security. Because the supervisor and its data run on your hardware, securing that environment is your responsibility.

10Your rights and choices

Depending on where you live, you may have rights to access, correct, delete, port, or restrict the processing of your personal data, to object to certain processing, and to withdraw consent. You can update most account details directly in your dashboard, and you can cancel and close your account at any time. To exercise other rights, contact us at support@codehawke.com. We will respond as required by applicable law and will not discriminate against you for exercising your rights.

U.S. state privacy rights

Residents of Virginia (under the Virginia Consumer Data Protection Act), California, and other U.S. states with privacy laws may have rights to confirm, access, correct, delete, and obtain a copy of their personal data, and to opt out of "sale," "sharing," or targeted advertising. We do not sell personal data or use it for targeted advertising. To make a request, contact us at the address above; you also have the right to appeal a declined request, which you may do by replying to our response.

11Cookies and similar technologies

We use strictly necessary cookies to keep you signed in and to operate the dashboard, and we may use limited analytics to understand usage. You can control cookies through your browser settings; disabling essential cookies may prevent you from signing in. The local control panel does not require our cookies.

12Children's privacy

The Service is not directed to children under 16, and we do not knowingly collect personal information from them. If you believe a child has provided us personal information, contact us and we will delete it.

13Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version with a new "Last updated" date and, for material changes, provide additional notice. Your continued use of the Service after the changes take effect constitutes acceptance.

14Contact us

For privacy questions or to exercise your rights, contact our privacy team at support@codehawke.com or write to Noob Media LLC (d/b/a CodeHawke), PO Box 872, Great Falls, VA 22066, USA. The data controller is Noob Media LLC (d/b/a CodeHawke).