Privacy Policy

Last updated: April 1, 2026

Introduction

ConfigDate Labs, Inc. ("Company," "we," "us," or "our") operates the ConfigDate platform. We are committed to protecting your privacy and ensuring you have a positive experience on our website and platform. This Privacy Policy explains our information practices, your rights regarding your data, and how we comply with applicable privacy laws including the European Union General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

This Privacy Policy applies to all individuals who visit our website, use our platform, or interact with our services in any way. If you do not agree with our policies and practices, please do not use our services. By accessing ConfigDate, you acknowledge that you have read and understood this Privacy Policy.

Information We Collect

We collect information in several ways to provide, improve, and maintain our service:

Account Information

When you create a ConfigDate account, we collect information you provide directly, including your name, business email address, company name, and billing information. If you choose to add team members to your workspace, we collect their email addresses and invite them to your account. We also collect any profile information you voluntarily provide, such as your role, department, or preferences.

Usage and Activity Data

We automatically collect information about how you interact with our platform. This includes which features you use, feature flag configurations you create, API calls you make, SDK implementations you deploy, the duration of your sessions, pages and content you access, search queries, errors you encounter, and the success or failure of your operations. This data helps us understand how you use ConfigDate and identify areas for improvement.

Device and Technical Information

When you access ConfigDate, we collect information about your device and connection, including your IP address, browser type, operating system version, device identifiers, and mobile network information. We also collect information about the applications and SDKs you use to integrate with our platform, including their version numbers and configurations.

Cookies and Tracking Technologies

We use cookies, web beacons, pixels, and similar tracking technologies to recognize you, remember your preferences, understand how you use our service, and improve your experience. This includes essential cookies required for authentication and security, analytics cookies that help us understand usage patterns, and functional cookies that store your preferences. We may also use third-party cookies from analytics providers and integration partners.

Communication Data

When you contact us via email, chat, or support channels, we collect and retain copies of your communications, including your messages, attachments, and any information you provide when reporting issues or requesting assistance. We also collect information when you participate in surveys, webinars, or feedback sessions.

Information from Third Parties

We may receive information about you from third parties, including single sign-on providers (such as Google, GitHub, or other OAuth providers) when you authenticate through them, payment processors when you provide billing information, and integration partners you authorize to connect with ConfigDate.

How We Use Information

We use the information we collect for legitimate business purposes:

  • Service Delivery: Providing, maintaining, and improving the ConfigDate platform; processing transactions and sending related information; managing your account and authenticating access.
  • Communication: Responding to your inquiries and support requests; sending service-related announcements and updates; notifying you of changes to our policies or service.
  • Analytics and Optimization: Analyzing usage patterns and trends; understanding how customers use our features; identifying technical issues and resolving them; optimizing platform performance and reliability.
  • Personalization: Customizing your experience based on your preferences; recommending features or improvements relevant to your use case.
  • Security: Detecting and preventing fraud, abuse, and security incidents; enforcing our terms and legal agreements; protecting the rights and safety of ConfigDate, our users, and the public.
  • Marketing: Sending promotional content, product announcements, and feature updates with your consent; analyzing the effectiveness of marketing campaigns.
  • Compliance: Complying with applicable laws, regulations, and legal requests; maintaining records for audit and compliance purposes.

Sharing and Disclosure

We do not sell your personal information to third parties. We may share your information in limited circumstances:

Service Providers

We share information with vendors and service providers who perform services on our behalf, including cloud infrastructure providers, payment processors, analytics providers, customer support platforms, email delivery services, and security vendors. These providers are contractually obligated to use your information only as necessary to provide services to us and are required to maintain confidentiality.

Integrated Services

If you authorize third-party integrations or connect external services to your ConfigDate account (such as Slack, Datadog, or other platforms), we share the necessary information to enable those integrations and may provide them with usage data as you've authorized.

Legal Requirements

We may disclose your information when required by law, such as in response to a subpoena, court order, or other legal process. We may also disclose information when we believe in good faith that disclosure is necessary to protect our rights, your safety, the safety of others, or to investigate fraud.

Business Transfers

If ConfigDate is involved in a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will provide notice of any such change and any choices you may have regarding your information.

Aggregated and Anonymized Data

We may share aggregated, anonymized, or de-identified data with partners, researchers, or the public for benchmarking, industry analysis, or marketing purposes. This data cannot be used to identify you.

Data Retention

We retain your personal information for as long as necessary to provide our services, comply with legal obligations, and fulfill the purposes outlined in this policy. Generally, we retain active account data while your account remains active. After account termination, we retain certain information as required by law or for legitimate business purposes, such as financial records, for a period of seven years. Usage logs and analytics data are typically retained for 24 months unless longer retention is required for legal or security reasons. You may request deletion of your account and associated data at any time, subject to our legal retention obligations.

Your Rights

Depending on your location, you have certain rights regarding your personal information:

General Rights

  • Access: You have the right to request a copy of the personal information we hold about you.
  • Correction: You may request that we correct any inaccurate or incomplete information.
  • Deletion: You may request that we delete your personal information, subject to certain exceptions.
  • Portability: You have the right to receive your data in a structured, commonly used format and to transmit it to another service provider.

GDPR Rights (European Union)

If you are located in the EU, you have additional rights under GDPR including the right to object to processing, the right to restrict processing, and the right to lodge a complaint with your supervisory authority. We will not process your data for marketing purposes without your explicit consent.

CCPA Rights (California)

If you are a California resident, you have the right to know what information we collect, the right to delete personal information we have collected, the right to opt-out of the sale or sharing of your personal information, and the right to non-discrimination for exercising your CCPA rights.

Exercising Your Rights

To exercise any of these rights, please contact us at privacy@config.date with your request. We will verify your identity and respond to your request within 30 days (or within the timeframe required by applicable law). If you are unable to access your account, we may require additional information to verify your identity.

International Data Transfers

ConfigDate is headquartered in the United States. If you are located outside the United States, your information will be transferred to and processed in the United States, which may have different data protection laws than your home country. By using ConfigDate, you consent to the transfer of your information to the United States. We implement appropriate safeguards including Standard Contractual Clauses and other mechanisms approved under GDPR to protect your information during international transfers.

Security

We implement comprehensive security measures to protect your personal information from unauthorized access, alteration, disclosure, and destruction. Our security practices include encryption of data in transit and at rest using industry-standard protocols, access controls and authentication mechanisms, regular security audits and penetration testing, employee training and confidentiality agreements, and incident response procedures. However, no security system is impenetrable, and we cannot guarantee absolute security. We will notify you of any breach involving your personal information as required by law.

Children's Privacy

ConfigDate is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected information from a child under 13, we will take steps to delete such information and terminate the child's account. If you have concerns about a child's information, please contact us at privacy@config.date.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by updating the "Last updated" date and, for significant changes, by sending you an email or displaying a prominent notice on our website. Your continued use of ConfigDate after any modifications indicates your acceptance of the updated Privacy Policy.

Contact Us

If you have questions about this Privacy Policy, our privacy practices, or would like to exercise your privacy rights, please contact us at:

ConfigDate Labs, Inc.
Privacy Team
Email: privacy@config.date

We will respond to your inquiry within 30 days of receipt.