Data Policy

Introduction

At Infobits, we believe in transparency about how we handle your data. This Data Policy explains our practices regarding the collection, processing, and storage of data when you use our privacy-first error tracking and analytics services.

Our commitment to data minimization and responsible data handling is at the core of our business. We designed Infobits to provide valuable insights while collecting only the data that is necessary and with the strongest privacy protections in place.

Data Collection

We collect different types of data depending on whether you are our client (using our services to track your applications) or an end user (using applications that implement our tracking services).

Client Data

As our client, we collect the following information to provide our services to you:

• Account information (name, email address, company name)
• Billing information (processed securely through our payment processors)
• Project configuration data (domains, project settings, custom event definitions)
• Usage data related to your account (API calls, number of projects, etc.)
• Support and communication history

End User Data

For end users of applications that implement our tracking, we collect the following types of non-personal information:

• Error data (stack traces, error messages, application state at time of error)
• Performance metrics (page load times, API response times)
• Usage patterns (feature usage, navigation flows)
• Device information (browser type, operating system, screen size)
• Anonymized location data (country-level only, never precise location)

Data Processing Activities

We process the collected data for the following purposes:

• Providing error tracking and analytics services to our clients
• Generating aggregated insights and reports
• Maintaining and improving our services
• Processing payments and managing subscriptions
• Providing customer support and communication

Data Retention

We retain different types of data for varying periods depending on its purpose and legal requirements. Our general approach is to keep data only as long as necessary for the purposes for which it was collected.

Retention Periods

• Account information: For as long as your account is active, plus a grace period of 30 days after deletion
• Billing information: As required by tax and financial regulations (typically 7 years)
• Error tracking data: According to your subscription plan (from 30 days to indefinite, based on your selection)
• Analytics data: According to your subscription plan (from 90 days to indefinite, based on your selection)

When data reaches the end of its retention period, it is automatically deleted or anonymized in a way that makes it impossible to identify individual users or restore the original data.

Data Security

We implement comprehensive technical and organizational measures to ensure the security of your data. These include:

• End-to-end encryption for all data in transit and at rest
• Role-based access controls for our staff with principle of least privilege
• Regular security audits and penetration testing by independent experts
• Continuous monitoring for suspicious activities and automated alerts
• Secure data centers with physical security measures and redundant systems

We continuously evaluate and update our security practices to adapt to emerging threats and technologies. In the event of a security incident affecting your data, we will notify you promptly in accordance with applicable laws.

Data Sharing and Subprocessors

We do not sell or rent your data to third parties. We value the trust you place in us and handle your data with the utmost care.

Use of Subprocessors

We engage the following categories of subprocessors to help deliver our services:

• Cloud infrastructure providers to host our application and store data
• Payment processors to handle billing transactions
• Email service providers for sending notifications and communications
• Customer support platform providers to assist with support requests

We may also disclose data if required by law, regulation, legal process, or governmental request. In such cases, we will limit the disclosure to what is legally required and will notify affected customers where possible and legally permissible.

Data Subject Rights

We respect and support the data protection rights of individuals. Depending on your location, you may have the following rights regarding your personal data:

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ('right to be forgotten')
• Right to restriction of processing
• Right to data portability
• Right to object to processing

To exercise any of these rights, please contact our Data Protection Officer at [email protected]. We will respond to your request within 30 days or as required by applicable law.

International Data Transfers

Infobits is based in Denmark, and we store most of our data in the European Union. However, some of our subprocessors may process data in other countries. When transferring data outside the EU/EEA, we ensure appropriate safeguards are in place.

These safeguards include Standard Contractual Clauses approved by the European Commission, adequacy decisions for countries with equivalent data protection laws, and additional technical and organizational measures to ensure data is protected to the standards required by European data protection law.

Changes to this Data Policy

We may update this Data Policy from time to time to reflect changes in our practices, services, or legal requirements. We will notify you of any material changes by posting the new Data Policy on our website and updating the 'Last updated' date. For significant changes, we will provide more prominent notice, such as email notifications.

Contact Us

If you have any questions, concerns, or requests regarding this Data Policy or our data practices, please contact our Data Protection Officer at: