ALPHA
Byte-Range
Back to Home

Privacy Policy

Last updated: February 2026

1. Introduction

ByteRange ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform. By using ByteRange, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Personal Information

Information you provide directly to us:

  • Account credentials (name, email address, username, password)
  • Profile information (bio, avatar, professional background, skills)
  • Challenge submissions, writeups, and solution content
  • Job applications and cover letters submitted through the Platform
  • Communications with our support team
  • Payment and billing information (processed securely by Stripe — we do not store card details)

2.2 Usage Data

Information collected automatically when you use the Platform:

  • IP address, browser type, and operating system
  • Pages visited, features used, and time spent on the Platform
  • Challenge interaction data (attempts, completion times, difficulty ratings)
  • Device information and screen resolution
  • Referral source and search terms used to reach the Platform
  • Error logs and performance data to maintain service quality

2.3 Company Data

If you register a company account, we additionally collect company name, description, logo, industry, website, team member information, and job posting details. Company data is used to facilitate the hiring and candidate matching features of the Platform.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Platform and its features
  • Create and manage your account
  • Track your challenge progress, calculate scores, and verify skills
  • Generate your public skill profile and leaderboard rankings
  • Connect candidates with potential employers (with your explicit consent)
  • Process payments and manage credits
  • Send service-related notifications (account updates, security alerts, challenge results)
  • Respond to your support requests and communications
  • Analyze usage patterns to improve the Platform experience
  • Detect and prevent fraud, abuse, and security incidents
  • Comply with legal obligations

4. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

  • Partner companies: Only your public profile and verified skill information, and only with your explicit consent through your privacy settings. We never share your email, password, or payment details with employers.
  • Service providers: Third-party services that assist our operations (hosting, analytics, payment processing). These providers are contractually bound to protect your data and use it only for the purposes we specify.
  • Payment processing: Payment information is processed by Stripe. We do not store your credit card details. Stripe's privacy policy governs the handling of payment data.
  • Legal requirements: When required by law, court order, or government request, or to protect the rights, property, or safety of ByteRange, our users, or the public.
  • Business transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred. We will notify you before your data is subject to a different privacy policy.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encryption of data in transit (TLS/HTTPS) and at rest
  • Regular security assessments and vulnerability testing
  • Access controls limiting employee access to personal data on a need-to-know basis
  • Row-level security (RLS) policies ensuring users can only access their own data
  • Security headers and content security policies to prevent common web attacks
  • Rate limiting to prevent abuse and brute-force attacks

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but will notify affected users promptly in the event of a data breach.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with the Platform's services. If you delete your account, we will remove your personal data within 30 days, except where retention is required by law, for fraud prevention, or to resolve disputes. Anonymized and aggregated data (e.g., challenge completion statistics) may be retained indefinitely for analytics and improvement purposes.

7. Your Rights

Under applicable data protection laws (including GDPR), you have the right to:

  • Access: Request a copy of the personal data we hold about you
  • Rectification: Request correction of inaccurate or incomplete data
  • Erasure: Request deletion of your personal data ("right to be forgotten")
  • Portability: Request export of your data in a structured, machine-readable format
  • Objection: Object to certain processing of your data, including direct marketing
  • Restriction: Request that we limit the processing of your data in certain circumstances
  • Withdrawal: Withdraw your consent at any time where processing is based on consent

To exercise any of these rights, contact us at byte-range@proton.me. We will respond to your request within 30 days.

8. Cookies and Tracking

We use cookies and similar technologies for the following purposes:

  • Essential cookies: Required for authentication, security, and basic Platform functionality. These cannot be disabled.
  • Analytics cookies: Help us understand how users interact with the Platform so we can improve the experience. You can opt out via Cookie Settings in the footer.
  • Preference cookies: Remember your settings and preferences (theme, language, dashboard layout).

You can manage cookie preferences through the Cookie Settings link in the footer, or configure your browser to refuse cookies. Disabling essential cookies may impact Platform functionality.

9. Third-Party Services

The Platform integrates with the following third-party services:

  • Supabase: Database and authentication services
  • Stripe: Payment processing
  • Google/GitHub OAuth: Optional social login providers

Each third-party service has its own privacy policy governing how they handle your data. We encourage you to review their policies.

10. International Data Transfers

Your data may be processed in countries outside of your country of residence, including countries within the European Union and the United States (for certain service providers). Where data is transferred outside the EU/EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions.

11. Children's Privacy

The Platform is not intended for users under 16 years of age. We do not knowingly collect personal information from children under 16. If we discover that we have collected data from a child under 16, we will delete it promptly.

12. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, contact us:

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a prominent notice on the Platform. We will always indicate the date of the latest revision at the top of this page. Your continued use of the Platform after changes become effective constitutes acceptance of the revised policy.