Privacy Policy

Overview

ByteForgeLab ("we", "us", or "our") operates the website byteforgelab.com and all associated products including CartRecovery Pro, WooScribe AI, WooAnalytics Pro, WooSwatches Pro, and WC Gateway Monitor. This Privacy Policy explains how we collect, use, disclose, and protect information when you visit our website, use our products, or contact us.

By using our website or products, you agree to the collection and use of information in accordance with this policy. We will never sell your personal data to third parties.

Information We Collect

Information you provide directly

• Contact form submissions — name, email address, project description, and budget range when you use our contact form.
• Email correspondence — emails you send to hello@byteforgelab.com or any other ByteForgeLab email address.
• Newsletter sign-ups — email address if you subscribe to product update emails.
• Product purchases — purchase details are handled by the marketplace platform (e.g. CodeCanyon/Envato). We receive notification of a purchase and your username but not payment card details.
• Support requests — any information you include in support tickets or GitHub issue reports.

Information collected automatically

• Server logs — IP address, browser type, referring URL, pages visited, and timestamp. These are standard web server logs retained for 30 days for security purposes.
• Analytics — if we use privacy-respecting analytics tools (such as Plausible Analytics), we collect aggregate, anonymised usage statistics. No cookies are set for analytics.

Information we do NOT collect

• Payment card numbers or banking details — all payments are processed by third-party platforms.
• Passwords — we have no account system on byteforgelab.com.
• Device fingerprints or persistent tracking identifiers.

How We Use Your Data

We use the information we collect for the following purposes:

Purpose	Legal basis	Data used
Respond to project enquiries and contact form submissions	Legitimate interest / Contract	Name, email, message content
Deliver product updates and security notices to customers	Legitimate interest	Email address, purchase records
Send newsletter emails you have opted into	Consent	Email address
Improve website performance and diagnose technical issues	Legitimate interest	Server log data (anonymised)
Comply with legal obligations	Legal obligation	As required by applicable law

We will never use your data for automated decision-making that produces legal or similarly significant effects without your explicit consent.

Cookies & Tracking

byteforgelab.com uses minimal cookies. Specifically:

• No advertising or retargeting cookies. We do not run ads and do not use any ad-tracking technology.
• No third-party social tracking pixels. We do not embed Facebook, Twitter, or Google tracking scripts on our website.
• Session cookies only. If any cookies are set, they are strictly necessary session cookies that expire when you close your browser.

Data Sharing & Disclosure

We do not sell, trade, or rent your personal information. We may share data in the following limited circumstances:

• Service providers — we use email hosting (e.g. Google Workspace or similar) to send and receive email. These providers act as data processors under our instruction.
• Legal requirements — we may disclose information if required to do so by law, court order, or governmental authority.
• Business transfers — if ByteForgeLab is acquired, merged, or undergoes a structural change, customer data may be transferred as part of that transaction. We will notify affected users.
• With your consent — we may share data in any other circumstance with your explicit prior consent.

Data Retention

• Contact form enquiries — retained for up to 3 years to support ongoing project discussions and client relationships.
• Newsletter subscribers — retained until you unsubscribe. Each marketing email includes a one-click unsubscribe link.
• Server logs — retained for 30 days, then automatically purged.
• Purchase records — retained for 7 years as required for financial record-keeping under applicable law.

You may request deletion of your data at any time by emailing privacy@byteforgelab.com. We will respond within 30 days.

Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Right of access — request a copy of the personal data we hold about you.
• Right to rectification — request correction of inaccurate or incomplete data.
• Right to erasure — request deletion of your personal data ("right to be forgotten").
• Right to restriction — request that we limit processing of your data.
• Right to data portability — receive your data in a structured, machine-readable format.
• Right to object — object to processing based on legitimate interests or direct marketing.
• Right to withdraw consent — where processing is based on consent, withdraw it at any time without penalty.

To exercise any of these rights, email privacy@byteforgelab.com with the subject line "Data Rights Request". We will verify your identity and respond within 30 days (extendable to 90 days for complex requests).

Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include:

• HTTPS/TLS encryption for all data in transit.
• Restricted access to personal data — only team members who need it for their role have access.
• Regular security reviews of our infrastructure and code.
• No storage of payment card data — all payment processing is handled by PCI-DSS compliant third-party platforms.

If you discover a security vulnerability in any ByteForgeLab product or website, please contact us responsibly at security@byteforgelab.com before public disclosure.

Third-Party Services

Our products integrate with or link to third-party services. Their privacy practices are governed by their own policies, not ours:

• Anthropic — WooScribe AI and WooAnalytics Pro use Anthropic's Claude API. Data sent to Claude is governed by Anthropic's Privacy Policy. You use your own API key and Anthropic's terms apply directly to you.
• Twilio / CallMeBot — CartRecovery Pro optionally integrates with Twilio for WhatsApp. Your store's use of Twilio is governed by Twilio's own policies.
• Envato / CodeCanyon — product purchases are made through Envato's marketplace. Envato's privacy policy applies to your purchase transaction.
• Google Fonts — our website loads fonts from Google's CDN. This may transmit your IP address to Google. See Google's Privacy Policy.

Children's Privacy

ByteForgeLab's website and products are intended for business users and are not directed at children under the age of 13 (or 16 in some jurisdictions). We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately at privacy@byteforgelab.com and we will delete it promptly.

Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, product offerings, or applicable law. When we make material changes, we will:

• Update the "Last updated" date at the top of this page.
• Post a notice on our website homepage for 30 days after a material change.
• Where required by law, notify affected users by email.

Your continued use of our website or products after changes become effective constitutes acceptance of the updated policy. We encourage you to review this page periodically.

Contact Us

For any questions, concerns, or requests related to this Privacy Policy or your personal data, please contact us:

We aim to respond to all privacy-related requests within 5 business days and to complete any action required within 30 days.