Contents #
ByteMechanix LLC ("ByteMechanix," "we," "us," or "our") respects your privacy. This Privacy Policy describes how we collect, use, disclose, and protect personal information across our marketing website (bytemechanix.co), our products (including ComplyIQ, CanaryIQ, FirewallIQ, PSForge, and ClientHub), and our business operations.
This policy applies to information we collect as a controller of personal information — for example, prospects, website visitors, account administrators, support contacts, and business partners. When ByteMechanix processes personal information on behalf of a customer (such as a school district using ComplyIQ to manage student or staff records), we act as a service provider or processor; that processing is governed by the customer's agreement and our Data Processing Addendum (BMX-LEG-001), not this Privacy Policy.
1. Information We Collect #
We collect the following categories of personal information:
Information you provide directly: name, employer, email address, phone number, mailing address, billing information, communications you send us, and information submitted through forms (sales inquiries, demo requests, support tickets).
Information collected automatically: IP address, browser type and version, device identifiers, operating system, referring URLs, pages visited, session duration, and other usage data collected through cookies, web beacons, server logs, and similar technologies.
Information from third parties: information provided by integration partners, payment processors, and publicly available business directories.
We do not knowingly collect personal information from children under 13 through our marketing website. Student data processed within ComplyIQ on behalf of K-12 customers is governed by FERPA, our DPA, and applicable state student privacy laws — see our FERPA Notice for details.
2. How We Use Information #
We use personal information to:
- Provide, operate, and maintain our products and services
- Process transactions, manage subscriptions, and issue invoices
- Respond to inquiries, support requests, and communications
- Send service announcements, security notices, and administrative messages
- Send marketing communications (where permitted; you may opt out at any time)
- Improve our products, develop new features, and conduct analytics
- Detect, prevent, and respond to fraud, abuse, and security incidents
- Comply with legal obligations and enforce our agreements
3. Legal Bases for Processing #
Where applicable law (such as the GDPR or UK GDPR) requires a legal basis for processing, we rely on the following:
- Contract: processing necessary to deliver the services you have purchased
- Legitimate interests: improving our products, securing our systems, and conducting business operations, balanced against your rights
- Consent: marketing communications and optional cookies, where required
- Legal obligation: tax, accounting, and regulatory compliance
4. How We Share Information #
We share personal information only as described below:
Service providers (subprocessors): vendors that help us deliver our services, including cloud hosting, email, analytics, payment processing, and customer support tools. A current list is published at bytemechanix.co/subprocessors.
Business transfers: in connection with a merger, acquisition, financing, or sale of assets, subject to standard confidentiality protections.
Legal compliance: when required by law, subpoena, court order, or to protect our rights, property, safety, or that of our users or the public.
With your direction: when you instruct us to share information with a third party (for example, an integration you authorize).
We do not sell personal information. We do not share personal information for cross-context behavioral advertising.
5. Data Retention #
We retain personal information only for as long as needed to fulfill the purposes for which it was collected, comply with our legal obligations, resolve disputes, and enforce our agreements. Specific retention periods vary by data type and are documented in our internal Data Retention Policy (BMX-POL-006).
6. Security #
We maintain administrative, technical, and physical safeguards designed to protect personal information. Our security program is described in the ByteMechanix Security Overview and is undergoing SOC 2 readiness assessment. No system is perfectly secure; we cannot guarantee absolute security but commit to industry-standard practices.
7. International Transfers #
ByteMechanix is based in Texas, United States. Personal information we collect may be processed in the United States or any country where our service providers operate. Where required, we use Standard Contractual Clauses or other approved transfer mechanisms.
8. Your Rights #
Depending on your location, you may have the following rights regarding your personal information:
- Access: request a copy of personal information we hold about you
- Correction: request that we correct inaccurate or incomplete information
- Deletion: request that we delete your personal information
- Portability: request a copy in a structured, machine-readable format
- Objection or restriction: object to or restrict certain processing
- Withdrawal of consent: where processing is based on consent
- Non-discrimination: we will not discriminate against you for exercising these rights
To exercise these rights, contact privacy@bytemechanix.co. We will verify your identity before responding and will respond within the timeframes required by applicable law (typically 30 to 45 days).
California residents have additional rights under the CCPA/CPRA, including the right to know categories of personal information collected and disclosed. We do not sell or share personal information for cross-context behavioral advertising.
9. Cookies and Tracking #
We use cookies and similar technologies for essential site functionality, analytics, and (where permitted) marketing. You can control cookies through your browser settings. Disabling cookies may limit some site functionality.
10. Third-Party Links #
Our site and products may contain links to third-party websites. We are not responsible for their privacy practices. Review their privacy policies before providing personal information.
11. Changes to This Policy #
We may update this Privacy Policy periodically. The "Last Updated" date at the top reflects the most recent revision. Material changes will be communicated by posting a prominent notice on our site or by email to account administrators.
12. Contact Us #
Privacy questions: privacy@bytemechanix.co General inquiries: hello@bytemechanix.co Mailing address: ByteMechanix LLC, [Registered Texas Address]
For data subjects in the European Economic Area or United Kingdom, you have the right to lodge a complaint with your local data protection authority.