B
Byrge

Privacy Policy

Last updated: January 1, 2026

Version 1.0

At Byrge, we take your privacy seriously. This policy explains what information we collect, how we use it, and your rights regarding your data.

1. Information We Collect

Information you provide:

  • Account information: Email address and password when you create an account
  • Profile information: Username, display name, bio, and profile photo
  • Content: Places (pins) you save, including names, descriptions, addresses, and photos
  • Collections: How you organize your saved places

Information collected automatically:

  • Usage data: How you interact with our service (pages visited, features used)
  • Device information: Browser type, operating system, device type
  • Log data: IP address, access times, referring URLs
  • Analytics: We use Amplitude to understand how users interact with our service. This helps us improve user experience and fix issues.

2. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve our service
  • Create and manage your account
  • Enable you to save, organize, and share places
  • Send important service updates (e.g., security alerts)
  • Respond to your questions and support requests
  • Detect and prevent fraud or abuse

Legal Basis for Processing (GDPR):

  • Contract: Processing necessary to provide our service to you (account creation, saving places)
  • Legitimate Interest: Improving our service, preventing fraud, ensuring security
  • Consent: Where you have given explicit consent (e.g., optional marketing communications)
  • Legal Obligation: When required by applicable law

We do not: Sell your personal information to third parties, use your data for targeted advertising, or share your private content without your consent.

3. How We Share Your Information

We share your information only in these cases:

  • Public content: Places and collections you mark as public are visible to other users
  • Service providers: We use trusted third parties to help run our service:
    • Supabase (database and authentication) – EU servers
    • Vercel (hosting)
    • Cloudflare (CDN and security)
    • Amplitude (analytics)
  • Legal requirements: If required by law or to protect our rights

4. Data Storage and Security

Your data is stored on secure servers in the European Union. We implement industry-standard security measures including:

  • Encryption of data in transit (HTTPS/TLS)
  • Secure password hashing
  • Regular security updates
  • Access controls and authentication

Data Retention:

  • Active accounts: Data retained while your account is active
  • Deleted accounts: Personal data deleted within 30 days of account deletion
  • Backups: May be retained for up to 90 days for disaster recovery
  • Legal requirements: Some data may be retained longer if required by law

International Data Transfers:

While your data is primarily stored in the EU, some of our service providers (Vercel, Cloudflare, Amplitude) may process data in the United States. These transfers are protected by Standard Contractual Clauses (SCCs) approved by the European Commission, ensuring your data receives equivalent protection outside the EU.

5. Your Rights

Under GDPR, UK GDPR, and other applicable data protection laws, you have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Delete your account and all associated data
  • Export: Download your data in a portable format (data portability)
  • Restriction: Limit how we use your data
  • Object: Object to processing based on legitimate interests
  • Withdraw consent: Where processing is based on consent

To exercise these rights, contact us at privacy@byrge.io. We will respond to your request within 30 days as required by GDPR.

Right to Complain: If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority in the EU member state of your residence, place of work, or where the alleged infringement occurred. UK residents may contact the Information Commissioner's Office (ICO).

6. Cookies and Tracking

We use cookies and similar technologies on our website. When you first visit Byrge, we will ask for your consent to use non-essential cookies.

Essential cookies (always active):

  • Authentication: Keep you logged in to your account
  • Security: Protect against cross-site request forgery
  • Preferences: Remember your cookie consent choice

Analytics cookies (require consent):

  • Amplitude: Helps us understand how users interact with our service, which features are most used, and where we can improve

Your choices:

  • Accept: Analytics cookies will be enabled to help us improve the service
  • Decline: Only essential cookies will be used. No analytics data will be collected. You can still use all features of Byrge without any restrictions.

You can change your cookie preferences at any time by clearing your browser's local storage and refreshing the page. We do not use tracking cookies or third-party advertising cookies.

7. Children's Privacy

Byrge is not intended for children under 13 years of age (or 16 in certain European countries where required by local law). We do not knowingly collect personal information from children under these age limits. If you believe we have collected such information, please contact us immediately.

8. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "Last updated" date.

9. Contact Us

If you have questions about this privacy policy or how we handle your data, please contact us at:

Email: privacy@byrge.io