1. Data We Collect
Account Information
When you create an account, we collect your name, email address, and password (stored as a secure hash). If you use OAuth (Google, GitHub), we receive your name and email from those providers.
Usage Data
We collect information about how you use our platform: pages visited, features used, API calls made, and technical data such as IP address, browser type, and device information.
Payment Data
Payments are processed by Stripe. We do not store full credit card numbers. We retain billing records (amount, date, plan) for legal and accounting purposes.
Traffic Data
To provide the CDN service, we process HTTP requests passing through our network. We do not read or store the content of these requests beyond what is necessary for caching and delivery.
2. How We Use Your Data
- Providing and improving our services
- Sending transactional emails (account confirmations, invoices, security alerts)
- Analysing usage patterns to improve performance and reliability
- Detecting and preventing fraud and abuse
- Complying with legal obligations
We do not sell your personal data to third parties. We do not use your data for advertising.
3. Data Sharing
We share data only with:
- Service providers — Stripe (payments), AWS/GCP (infrastructure), Postmark (email), Datadog (monitoring). All are bound by data processing agreements.
- Legal requirements — if required by law, court order, or to protect our rights.
- Business transfers — in the event of a merger or acquisition, your data may transfer to the new entity.
4. Data Retention
We retain account data for as long as your account is active, plus 90 days after deletion for backup purposes. Access logs are retained for 30 days. Financial records are retained for 7 years as required by law.
5. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access a copy of your personal data
- Correct inaccurate data
- Request deletion of your data ("right to be forgotten")
- Object to or restrict processing
- Data portability (receive your data in a machine-readable format)
To exercise any of these rights, email us at privacy@gotofast.biz. We will respond within 30 days.
6. Cookies
We use essential cookies for authentication and session management. We use analytics cookies (with your consent) to understand how our site is used. See our Cookie Policy for full details.
7. Security
We use industry-standard security practices: TLS encryption in transit, AES-256 encryption at rest, multi-factor authentication for internal systems, and regular third-party security audits.
8. Children's Privacy
Our services are not directed to children under 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.
9. Changes to This Policy
We may update this policy from time to time. We will notify you of material changes by email and by updating the "Last updated" date above. Continued use of our services after changes constitutes acceptance.
10. Contact Us
GoToFast Technologies Ltd.
Email: privacy@gotofast.biz
For GDPR inquiries: dpo@gotofast.biz