Privacy Policy
Last updated: February 11, 2026
Summary: We collect minimal data needed to run our documentation platform. We never sell your data. You control your information.
1. Information We Collect
Information You Provide
When you create an account or use our services, you may provide:
- Account Information: Email address, name, and password
- Payment Information: Billing details processed by Stripe (we never store full card numbers)
- Content: Documentation, images, and other files you upload
- Communications: Messages you send to our support team
Command-Line Interface (CLI)
The Jamdesk CLI runs entirely on your machine. It does not collect telemetry, analytics, or usage data. The CLI only transmits data to our servers when you explicitly trigger platform features (like deployments), and only the minimum data needed for that action — your documentation content and configuration.
Automatic Collection
When you use our services, we automatically collect:
- Usage Data: Pages visited, features used, actions taken
- Device Information: Browser type, operating system, device identifiers
- Log Data: IP address, access times, referring URLs
- Analytics: Aggregated usage statistics via Google Analytics
2. How We Use Your Information
We use your information to:
- Provide, maintain, and improve our platform
- Process transactions and send related information
- Send technical notices, updates, and security alerts
- Respond to support requests
- Analyze trends and usage to improve the experience
- Detect and prevent fraud or unauthorized activity
- Comply with legal obligations
3. Information Sharing
We do not sell your personal information. We share information only in these circumstances:
Service Providers
We use trusted third-party services to operate our platform:
| Provider | Purpose | Data Shared |
|---|---|---|
| Google Cloud / Firebase | Infrastructure, authentication, database | Account data, content |
| Stripe | Payment processing | Billing information |
| Cloudflare | CDN, security, storage | Content delivery |
| Vercel | Website hosting | Usage analytics |
| Google Analytics | Usage analytics | Anonymized usage data |
| Resend | Transactional email | Email address |
Legal Requirements
We may disclose information if required by law or to:
- Comply with legal process or government requests
- Protect the rights, privacy, or safety of Jamdesk, users, or others
- Enforce our terms of service
Business Transfers
If Jamdesk is involved in a merger, acquisition, or asset sale, your information may be transferred. We will notify you of any such change.
4. Cookies and Tracking
We use cookies and similar technologies to:
- Keep you logged in
- Remember your preferences
- Understand how you use our services
- Improve performance
Types of Cookies
| Type | Purpose | Duration |
|---|---|---|
| Essential | Authentication, security, basic functionality | Session / 1 year |
| Analytics | Usage statistics (Google Analytics) | 2 years |
Managing Cookies
Control cookies through your browser settings. Disabling essential cookies may affect functionality. See our Cookie Policy for details on specific cookies.
Google Analytics
We use Google Analytics to understand how visitors use our site. It collects data anonymously without identifying individuals. Opt out with the Google Analytics Opt-out Add-on.
Global Privacy Control & Do Not Track
We honor the Global Privacy Control (GPC) signal. If your browser sends a GPC signal, we automatically disable all non-essential cookies regardless of your region. We do not currently respond to the older "Do Not Track" (DNT) header, as there is no uniform standard for it. We recommend using GPC instead.
5. Data Security
We use industry-standard security measures:
- Encryption: All data in transit uses TLS/SSL
- Access Controls: Strict limits on employee access to personal data
- Infrastructure: Google Cloud Platform with secure hosting
- Monitoring: Continuous security monitoring and logging
No method of transmission or storage is 100% secure. We cannot guarantee absolute security.
Data Breach Notification
If a data breach affects your personal information, we will:
- Notify affected users within 72 hours of discovery (per GDPR requirements)
- Notify relevant authorities where legally required
- Describe the breach, data affected, and steps we are taking
- Provide guidance on how to protect yourself
6. Data Retention
We keep your information while your account is active or as needed to provide services. After account deletion:
- Account data: Deleted within 30 days
- Content: Removed within 30 days
- Backups: Purged within 90 days
- Logs: Anonymized or deleted within 12 months
We may retain certain information as required by law or for legitimate business purposes.
7. Your Rights
You have the right to:
- Access: Request a copy of your personal data
- Correct: Fix inaccurate or incomplete information
- Delete: Request deletion of your data
- Export: Get your data in a portable format
- Restrict: Limit how we process your data
- Object: Opt out of certain processing
- Withdraw Consent: Revoke previously given consent
To exercise these rights, email legal@jamdesk.com.
8. International Data Transfers
Jamdesk is based in the United States. If you access our services from outside the US, your information may be transferred to and processed in the US or other countries where our providers operate.
We use appropriate safeguards for international transfers, including Standard Contractual Clauses where required.
9. California Privacy Rights (CCPA)
California residents have additional rights:
- Right to Know: What personal information we collect, use, and disclose
- Right to Delete: Request deletion of your personal information
- Right to Opt-Out: We do not sell personal information
- Non-Discrimination: We will not penalize you for exercising your rights
Categories of Information
| Category | Examples | Collected |
|---|---|---|
| Identifiers | Name, email, IP address | Yes |
| Commercial Information | Purchase history, billing | Yes |
| Internet Activity | Browsing history, interactions | Yes |
| Geolocation | General location from IP | Yes |
| Biometric Information | Fingerprints, face recognition | No |
| Sensitive Personal Info | SSN, health data, precise location | No |
California "Shine the Light" Law
Under California Civil Code Section 1798.83, California residents may request information about disclosure of personal data to third parties for direct marketing. We do not share personal information for third-party marketing.
10. Other US State Privacy Rights
Residents of Virginia, Colorado, Connecticut, Utah, and other states with comprehensive privacy laws may have similar rights, including:
- Access: Confirm and access your personal data
- Correct: Fix inaccuracies
- Delete: Remove data you provided or we obtained
- Portability: Get your data in a portable format
- Opt-Out: Opt out of targeted advertising, data sales, and profiling
We do not sell personal data or use it for targeted advertising or profiling. To exercise any of these rights, email legal@jamdesk.com. We will respond within the timeframe required by applicable law (typically 45 days).
11. European Privacy Rights (GDPR)
If you are in the EEA, UK, or Switzerland, you have rights under the GDPR:
Legal Bases for Processing
- Contract: Processing needed to provide our services
- Consent: Where you have given explicit consent
- Legitimate Interest: For security, fraud prevention, and service improvement
- Legal Obligation: When required by law
Your GDPR Rights
In addition to the rights in Section 7, you may lodge a complaint with your local data protection authority.
Data Controller
Even Flow Solutions, LLC is the data controller for information collected through our services.
Data Processing Addendum
For organizations needing a formal data processing agreement, we offer a DPA with Standard Contractual Clauses. Visit our DPA page to learn more or request one.
12. Children's Privacy
Our services are not for children under 13 (or 16 in the EEA). We do not knowingly collect information from children. If you believe a child has provided us with personal data, contact us and we will delete it.
13. Changes to This Policy
We may update this policy. For material changes, we will:
- Post the updated policy here
- Update the "Last updated" date
- Email account holders about significant changes
Continued use after changes means you accept the updated policy.
14. Contact Us
Questions about this policy or our data practices:
- Email: legal@jamdesk.com
- Website: www.jamdesk.com
For data requests (access, deletion, etc.), email us with the subject "Privacy Request" and include your account email.