Privacy Policy

Summary of Key Points

We process personal information to provide and improve the Services, communicate with you, for security and fraud prevention, and to comply with law. We do not process sensitive personal information. We do not receive info from third parties. We use organizational and technical safeguards, but no system is 100% secure. Your rights may vary by region; you can exercise them by contacting us.

1. What Information Do We Collect?

Personal information you disclose to us.

We collect information you provide when you register, request info, participate in activities, or contact us. This may include: names, email addresses, passwords, phone numbers, billing addresses, and debit/credit card numbers (processed by Stripe).

Payment Data. Payments are processed by Stripe. See Stripe’s policy: https://stripe.com/privacy.

Accuracy. All personal info you provide must be true, complete, and accurate, and you must notify us of any changes.

Information automatically collected.

When you use the Services, we may collect device and usage data (e.g., IP address, browser, OS, language, referring URLs, device and app IDs, country, general location, timestamps, and other technical data) primarily for security, operations, analytics, and reporting. We also use cookies/ similar technologies.

• Device Data: IP/proxy, model, ISP/carrier, OS, config.
• Location Data: precise or imprecise geolocation (e.g., via IP). You can disable location permissions in your device/browser settings; some features may not work.

2. How Do We Process Your Information?

We process personal data to operate the Services, manage accounts, authenticate users, request feedback, communicate (including marketing per your preferences—you can opt out anytime), provide support, protect against fraud and abuse, and comply with legal obligations.

3. What Legal Bases Do We Rely On? (EU/UK)

Under GDPR/UK GDPR we rely on: Consent (you can withdraw anytime), Legitimate Interests (e.g., product improvement, limited marketing), Legal Obligations (e.g., cooperate with authorities), and Vital Interests (protecting safety).

4. When & With Whom Do We Share Personal Info?

We may share in specific cases such as business transfers(merger, acquisition, financing, or sale of assets).

5. What Is Our Stance on Third-Party Websites?

Our Services may link to third-party sites/apps. We are not responsible for their content, policies, or practices. Review their privacy policies before providing data.

6. Do We Use Cookies & Other Tracking Technologies?

Yes. We use cookies and similar technologies (e.g., pixels, web beacons). See our Cookie Notice for details and choices.

7. How Long Do We Keep Your Information?

We retain personal information only as long as necessary for the purposes described or as required by law (e.g., tax/accounting). When no longer needed, we delete or anonymize it. If deletion is not immediately possible (e.g., backups), we segregate the data until deletion is feasible.

8. How Do We Keep Your Information Safe?

We use administrative, technical, and physical safeguards appropriate to the risk. However, no online service can be guaranteed 100% secure, so transmission is at your own risk. Access the Services within secure environments and follow best practices (e.g., strong, unique passwords).

9. What Are Your Privacy Rights?

Depending on your region, you may have rights to access, correct, delete, restrict, object, or port your data. If you’re in the EEA/UK/Switzerland and believe we’re unlawfully processing your personal data, you may complain to your local authority. You can withdraw consent at any time (this won’t affect processing before withdrawal). You can also opt out of marketing using the unsubscribe links in emails.

Account information: You can review or change your account info in your settings or by contacting us. Upon request to close your account, we deactivate or delete it from active systems; some data may be retained to meet legal obligations or protect our rights.

Cookies: Most browsers accept cookies by default. You can remove or reject cookies in your browser settings; some features may not work as intended.

10. Controls for Do-Not-Track (DNT)

There is no uniform DNT standard; we do not currently respond to DNT signals. If standards emerge that we must follow, we will update this notice.

11. Do California Residents Have Specific Rights? (CCPA)

California residents have rights to know, delete, and (where applicable) opt out of selling/sharing of personal information, and to be free from discrimination for exercising rights. We do not sell or share personal information. You can exercise your rights by emailing hello@formulabyte.com.

12. Do Virginia Residents Have Specific Rights? (CDPA)

Virginia residents have rights to know, access, correct, delete, obtain a copy, and opt out of targeted advertising, sale, or profiling that produces legal/significant effects. We do not sell personal data. We will respond within 45 days (extendable once by 45 days). Appeals can be sent to hello@formulabyte.com.

13. Do We Make Updates to This Notice?

Yes. We update this notice as necessary to stay compliant. The updated version is effective when posted, indicated by the “Last Updated” date above. We may notify you of material changes via prominent notice or direct communication.

14. How Can You Contact Us About This Notice?

Email us at hello@formulabyte.com or by post:

15. How Can You Review, Update, or Delete the Data We Collect?

Based on your local laws, you may request access to the personal information we collect from you, request corrections, or deletion. To submit a data subject request, contact hello@formulabyte.com.

16. Data Privacy & Security (Hosting, AI Processing)

Formula Byte uses enterprise-grade controls to protect customer data. We host on Hostinger VPS and use services including OpenAI and JavaScript frameworks. We implement information security controls across our operations and continuously strengthen our posture.

User-Uploaded Data: When you upload data (files, documents, images, datasets, etc.), we store it to provide requested features, maintain integrity and security, comply with legal obligations, and communicate service updates. Data uploaded to the Data Analyzer is protected at rest with AES-256 encryption (storage-layer). No system is 100% secure.

Retention: We retain User-Uploaded Data only as long as necessary for the purposes above or as required by law. You may delete files and conversations at any time; upon account closure we delete or anonymize data unless further retention is required.

Processing with OpenAI: To generate outputs (e.g., code, formulas, analysis, summaries), we may send files and prompts to OpenAI via API. Per OpenAI’s current policy, data sent via their API is not used to train or improve their models. OpenAI may retain API data for up to 30 days solely for abuse and misuse monitoring, after which it is deleted unless required by law. See OpenAI security & data use guidelines for details.

Data Sharing: We do not sell, rent, or trade User-Uploaded Data for marketing purposes. We share with service providers (e.g., OpenAI, hosting, analytics) strictly to deliver the Services under appropriate agreements.