Back to Home

Privacy Policy

Last updated: December 8, 2025

This Privacy Policy describes how The CyberFoundry Project ("CyberFoundry", "we", "us", or "our") collects, uses, and protects information in connection with our software, tools, websites, and related services (collectively, the "Services"). By using the Services, you agree to the practices described in this Privacy Policy.

1. Who We Are

The CyberFoundry Project (CyberFoundry) is a software project focused on building tools that may incorporate open source and proprietary components. If you have any questions about this Privacy Policy, you can contact us at:

Email: team@cyberfoundry.tech

2. Information We Collect

Depending on how you use the Services, we may collect the following types of information:

Technical and usage data:
  • IP address, browser type, operating system, device information
  • Log data such as timestamps, pages or features accessed, and error reports
Contact information (if you provide it):
  • Email address
  • Name or handle (if submitted through forms, issues, or support channels)
Configuration or diagnostic data (optional):
  • Application logs or configuration snippets you choose to send for support or debugging
  • Telemetry or analytics data, if enabled, regarding feature usage and performance

We do not intentionally collect sensitive categories of personal data (such as financial information, health data, or government ID numbers) through the core Services. If such information is accidentally shared with us, we will handle it with appropriate safeguards and delete it where feasible.

3. How We Use Information

We use the information we collect for the following purposes:

  • To operate, maintain, and improve the Services, including debugging, performance monitoring, and feature development
  • To respond to inquiries, support requests, and feedback
  • To analyze aggregated usage patterns to guide roadmap and capacity planning
  • To protect the security and integrity of the Services, detect abuse, and prevent fraud
  • To comply with legal obligations and enforce our terms and policies

When possible, we use aggregated or de-identified data that does not identify individual users.

4. Legal Bases for Processing (EEA/UK Users)

If you are in the European Economic Area (EEA) or the United Kingdom, we process your personal data under one or more of the following legal bases:

  • Performance of a contract: To provide you with the Services you request.
  • Legitimate interests: To improve and secure the Services, provided these interests are not overridden by your rights.
  • Consent: Where required by law (e.g., for certain cookies or analytics), we will rely on your consent, which you can withdraw at any time.
  • Legal obligation: To comply with applicable laws and regulations.

5. How We Share Information

We do not sell your personal information. We may share information in the following limited circumstances:

  • Service providers: With trusted third-party vendors (e.g., hosting, error monitoring, analytics providers) who process data on our behalf under contractual confidentiality and security obligations.
  • Project collaboration: In open source contexts (e.g., issue trackers, code contributions), information you choose to publish (such as your name or handle) may be visible to other contributors and the public.
  • Legal and safety: Where required by law, or when necessary to protect our rights, users, or the public, such as in response to lawful requests by public authorities.
  • Business changes: In connection with a merger, acquisition, or other organizational change involving the project, subject to continued protection consistent with this Privacy Policy.

6. International Data Transfers

The Services may be operated from and data may be processed in one or more countries, which may have different data protection laws than your country of residence. Where required, we implement appropriate safeguards (such as standard contractual clauses) to protect personal data transferred across borders.

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy, including legal, accounting, or reporting requirements. Retention periods may vary based on:

  • The type of data collected
  • Whether the data is associated with active accounts or ongoing support issues
  • Legal or regulatory obligations requiring longer retention

When data is no longer needed, we will take reasonable steps to delete, anonymize, or securely archive it.

8. Your Rights and Choices

Depending on your jurisdiction, you may have certain rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your data, subject to legal exceptions.
  • Restriction: Request restriction of processing in certain circumstances.
  • Objection: Object to processing based on legitimate interests.
  • Portability: Request transfer of your data to another service where technically feasible.

If you wish to exercise any of these rights, contact us at team@cyberfoundry.tech. We may need to verify your identity before fulfilling your request.

For residents of California and certain other U.S. states, you may have additional rights under CCPA/CPRA or similar laws, including rights to know, delete, and opt out of certain data "sale" or "sharing" activities. At this time, we do not sell personal information as defined by these laws.

9. Cookies and Similar Technologies

If the Services use cookies or similar technologies, they may be used to:

  • Maintain session state and authentication
  • Remember preferences and settings
  • Measure usage and performance (analytics)

Where required by law, you will be presented with choices to accept, reject, or customize cookie settings. You can also manage cookies through your browser settings, though disabling certain cookies may affect the functionality of the Services.

10. Security

We use reasonable technical and organizational measures designed to protect personal data against unauthorized access, loss, misuse, or alteration. These measures may include access controls, encryption in transit, logging, and regular security reviews.

No method of transmission or storage is completely secure, and we cannot guarantee absolute security, but we strive to maintain a security posture appropriate to the nature of the data processed.

11. Third-Party Links and Services

The Services may link to or integrate with third-party websites, tools, or services (including open source dependencies and external platforms). This Privacy Policy does not apply to those third parties, and their privacy practices are governed by their own policies. You should review the privacy policies of any third-party services you interact with.

12. Children's Privacy

The Services are not directed to children under the age of 13 (or the equivalent minimum age in relevant jurisdictions), and we do not knowingly collect personal data from children. If you believe that a child has provided us with personal data, please contact us at team@cyberfoundry.tech, and we will take appropriate steps to delete such information where required by law.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in the Services, legal requirements, or operational practices. When we make material changes, we will update the "Last updated" date and, where appropriate, provide additional notice (such as via the Services or email).

Your continued use of the Services after any changes to this Privacy Policy constitutes your acceptance of the updated terms.