Privacy Policy

Last updated: February 18, 2026

What We Collect

When you use Hookpipe, we store:

• API keys — hashed with SHA-256. We cannot recover your raw key after creation.
• Hook configurations — the name, transform rules, and destination URL you set for each hook.
• Webhook payloads — the raw JSON body of every webhook received by your hooks.
• Request logs — timestamps, success/failure status, transform results, and forwarding outcomes. Retained for 7 days.

What We Don't Collect

• We don't require accounts, email addresses, or personal information.
• We don't use cookies or tracking scripts.
• We don't sell or share any data with third parties.

How Webhook Data Is Handled

Webhook payloads are stored on the server's filesystem. They are not encrypted at rest — they're stored as plain JSON files. If you send sensitive data through Hookpipe, be aware of this.

Payloads forwarded to your destination URL are sent over HTTPS when your destination uses HTTPS. We don't modify the transport security of the forwarding request.

Data Retention

• Webhook payloads — stored indefinitely (no automatic cleanup yet).
• Request logs — automatically rotated after 7 days.
• Hook configurations — stored until you delete them.

Beta Notice

Hookpipe is in beta. Data persistence is not guaranteed — server restarts or redeployments may clear stored data. Do not rely on Hookpipe as your only copy of webhook data.

Contact

Questions about privacy? Email us at contact@hobbeslabs.ai.