At Bstrapr ("we," "our," or "us"), we are committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our cloud workspace management platform and related services (the "Service").
By using our Service, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use our Service.
2. Information We Collect
2.1 Personal Information
We collect personal information that you voluntarily provide to us when you:
Create an account (name, email address, username)
Set up billing information (payment details, billing address)
Contact our support team (communication records)
Participate in surveys or feedback (responses and comments)
Configure cloud provider integrations (API credentials, encrypted and stored securely)
2.2 Usage Information
We automatically collect certain information about your use of the Service:
Log data (IP addresses, browser type, access times)
When you create and use workspaces, we may have access to:
Workspace configurations and settings
Network and VPN configuration data
Resource usage and performance metrics
Access logs and security events
Note: We do not access or store the content of your development work, source code, or files within your workspaces unless explicitly required for technical support with your consent.
3. How We Use Your Information
We use the collected information for the following purposes:
Service Provision: To provide, maintain, and improve our Service
Account Management: To create and manage your account and subscriptions
Communication: To send important updates, security alerts, and support responses
Billing: To process payments and manage billing inquiries
Security: To detect, prevent, and respond to security threats
Analytics: To understand usage patterns and improve our Service
Compliance: To comply with legal obligations and resolve disputes
Marketing: To send promotional communications (with your consent)
4. Information Sharing and Disclosure
We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:
4.1 Service Providers
We may share information with trusted third-party service providers who assist us in operating our Service:
Payment processors for billing and subscription management
Analytics and monitoring services
Customer support and communication tools
4.2 Legal Requirements
We may disclose your information if required by law or in response to:
Valid legal processes (subpoenas, court orders)
Government investigations or regulatory requests
Protection of our rights, property, or safety
Prevention of fraud or illegal activities
4.3 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity, subject to the same privacy protections.
5. Data Security
We implement industry-standard security measures to protect your information:
Encryption: Data is encrypted in transit (TLS) and at rest (AES-256)
Access Controls: Strict access controls and authentication requirements
Monitoring: Continuous security monitoring and threat detection
Auditing: Regular security audits and vulnerability assessments
Incident Response: Established procedures for security incident response
Employee Training: Regular security training for all personnel
While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to protecting your data using industry best practices.
6. Data Retention
We retain your information for as long as necessary to provide our Service and fulfill the purposes outlined in this policy:
Account Data: Retained while your account is active and for 90 days after deletion
Billing Information: Retained for 7 years for tax and accounting purposes
Usage Logs: Retained for 2 years for security and analytics purposes
Support Communications: Retained for 3 years for quality assurance
Workspace Metadata: Retained for 1 year after workspace deletion
You may request deletion of your data at any time, subject to legal and operational requirements.
7. Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal information:
Access: Request a copy of the personal information we hold about you
Correction: Request correction of inaccurate or incomplete information
Deletion: Request deletion of your personal information
Portability: Request transfer of your data to another service
Restriction: Request limitation of processing of your information
Objection: Object to processing of your information for certain purposes
Withdrawal: Withdraw consent for processing where consent was given
To exercise these rights, please contact us using the information provided in Section 11. We will respond to your request within 30 days.
8. International Data Transfers
Your information may be transferred to and processed in countries other than your own. We ensure that such transfers are conducted in accordance with applicable data protection laws and implement appropriate safeguards, including:
Standard contractual clauses approved by relevant authorities
Adequacy decisions by data protection authorities
Certification schemes and codes of conduct
Binding corporate rules where applicable
9. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to enhance your experience:
Essential Cookies: Required for basic functionality and security
Analytics Cookies: Help us understand how you use our Service
Preference Cookies: Remember your settings and preferences
Marketing Cookies: Used for targeted advertising (with consent)
You can control cookie preferences through your browser settings. Note that disabling certain cookies may affect Service functionality.
10. Children's Privacy
Our Service is not intended for children under the age of 18. We do not knowingly collect personal information from children under 18. If you become aware that a child has provided us with personal information, please contact us, and we will take steps to remove such information.
11. Contact Information
If you have any questions about this Privacy Policy or our data practices, please contact us:
Privacy Officer: privacy@bstrapr.com
General Contact: support@bstrapr.com
Address: [Company Address]
Phone: [Phone Number]
For EU residents: You also have the right to lodge a complaint with your local data protection authority.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:
Update the "Last updated" date at the top of this policy
Notify you via email or through our Service
Provide a summary of key changes
Give you the opportunity to review the updated policy
Your continued use of our Service after the effective date of the updated Privacy Policy constitutes acceptance of the changes.
13. Regulatory Compliance
We are committed to complying with applicable data protection regulations, including:
GDPR: European General Data Protection Regulation
CCPA: California Consumer Privacy Act
PIPEDA: Personal Information Protection and Electronic Documents Act (Canada)
SOC 2: System and Organization Controls compliance
ISO 27001: Information security management standards
We regularly review and update our practices to ensure ongoing compliance with evolving privacy regulations.
By using Bstrapr, you acknowledge that you have read and understood this Privacy Policy.