1. Scope and roles
This policy covers personal information — information that identifies, relates to, or could reasonably be linked to an individual — that we handle as a business in our own right. That includes information about visitors to our website and the individual users who administer a ByteShift account.
It does not govern the telemetry your organization sends us — logs, traces, metrics, and billing records ingested through your OTLP endpoints and integrations. We process that customer data as a processor on your organization's behalf under the Data Processing Addendum and the agreement between us, not under this policy. If you are an end user whose activity appears in that telemetry, please contact the ByteShift customer that operates the account.
2. Information we collect
Information you provide
- Account and profile — name, work email, password (stored only as a hash), organization name, and role when you register or are invited to an organization.
- Billing — plan, billing contact, and transaction records. Card details are handled by our payment processor; we do not store full card numbers.
- Support and communications — the content of messages you send us, and records of correspondence with our team.
Information we collect automatically
- Usage and device data — pages viewed, features used, IP address, browser and device type, and timestamps, collected through our own logging and limited analytics.
- Cookies and similar technologies — see Cookies and similar technologies below.
Information from third parties
When you connect an integration (for example a cloud provider or a Slack workspace) or sign in through an identity provider, we receive the account identifiers and tokens needed to operate that connection. We may also receive limited business-contact information from partners and enrichment providers.
3. Cookies and similar technologies
Cookies are small text files a site stores on your device. We also use related technologies such as local storage and pixels; together we call these “cookies” here. Cookies can be first-party (set by us) or third-party (set by a provider we use), and either session (deleted when you close the browser) or persistent (kept until they expire or you remove them). We use the following categories:
| Category | Purpose | Can you disable it? |
|---|---|---|
| Strictly necessary | Sign-in sessions, security, load balancing, and remembering your consent choices. The Service does not work without these. | No — required to operate |
| Preferences | Remember settings such as theme and layout so you do not re-set them each visit. | Yes |
| Analytics | Help us understand how the website and console are used so we can improve reliability and usability. Aggregated where possible. | Yes |
No advertising cookies. ByteShift does not use cookies to build advertising profiles or to sell or share personal information for cross-context behavioral advertising.
Where required, we ask for your consent to non-essential cookies before setting them, and you can change your choice at any time through our cookie controls. You can also block or delete cookies in your browser settings, though strictly necessary cookies cannot be turned off without breaking core functionality. Most browsers also honor a “Global Privacy Control” signal, which we treat as an opt-out of non-essential cookies where applicable. Some cookies are set by the subprocessors that provide analytics and infrastructure on our behalf — see the list in our Data Processing Addendum.
4. How we use information
- Provide, secure, and operate the Service and your account.
- Authenticate users, enforce org-scoped access, and prevent fraud and abuse.
- Process payments and manage billing.
- Respond to support requests and send service and security notices.
- Understand and improve product usage, reliability, and performance.
- Send product and marketing communications, subject to your choices below.
- Comply with law and enforce our terms.
We rely on the legal bases of performance of a contract, our legitimate interests in running and improving the Service, your consent (where required, such as for certain cookies and marketing), and compliance with legal obligations.
5. How we share information
We do not sell your personal information. We share it only as follows:
- Service providers and subprocessors who host, secure, and support the Service under contract. Our current subprocessors are listed in our Data Processing Addendum.
- Within your organization — account administrators can see the users and activity in their organization.
- Legal and safety — when required by law, to enforce our agreements, or to protect the rights, safety, and security of users and the public.
- Business transfers — in connection with a merger, acquisition, financing, or sale of assets, subject to this policy.
6. International transfers
ByteShift is operated from the United States, and our infrastructure runs on DigitalOcean. If you access the Service from outside the United States, your information will be transferred to and processed in the United States and other countries. Where required, we use recognized transfer mechanisms such as the European Commission's Standard Contractual Clauses. Details of subprocessor locations are in our Data Processing Addendum.
7. Data retention
We keep personal information for as long as your account is active and as needed to provide the Service, then for the period required to meet legal, accounting, and security obligations. Operational telemetry we host as a processor is retained per your plan and configuration, and deleted on the schedule described in the agreement with your organization.
8. Security
We use technical and organizational measures to protect personal information, including encryption in transit, encryption of sensitive credentials at rest, org-scoped access controls, and least-privilege administration. No system is perfectly secure; you can read more about our program on the Security page.
9. Your choices
- Marketing — you can opt out of marketing email using the unsubscribe link in any such message. We will still send necessary service and security notices.
- Cookies — you can control non-essential cookies as described in Cookies and similar technologies.
- Account — you can review and update your profile in the console, or ask us to help.
10. Your privacy rights
Depending on where you live, you may have the right to access, correct, delete, or receive a portable copy of your personal information, to object to or restrict certain processing, and to withdraw consent. To exercise a right, email privacy@byteshift.com. We will verify your request and respond within the time required by law. You will not be discriminated against for exercising a right.
California residents
Under the CCPA/CPRA you may request the categories and specific pieces of personal information we have collected, request deletion or correction, and appoint an authorized agent. We do not sell or “share” personal information for cross-context behavioral advertising.
EU, UK, and Swiss residents
Where the GDPR or UK GDPR applies, you have the rights listed above and the right to lodge a complaint with your supervisory authority. Our EU/UK data-protection contact is dpo@byteshift.com.
11. Children
The Service is a business product and is not directed to children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us information, contact us and we will delete it.
12. Third-party sites
Our website and console may link to third-party sites and services we do not control. Their privacy practices are governed by their own policies, not this one.
13. Changes to this policy
We may update this policy from time to time. We will post the revised version with a new effective date and, for material changes, provide additional notice. Your continued use of the Service after an update means you accept the revised policy.
14. Contact us
Questions about this policy or your personal information? Email privacy@byteshift.com. LogicStack, Inc. is the controller of the personal information described here.