Privacy Policy

We may collect account and contact information such as name, email address, company name, workspace identifier, role, support messages, and commercial contact details.

We may collect checkout, subscription, entitlement, license, registry-access, and billing status information. Payment details such as full card numbers are handled by the payment provider or Merchant of Record and are not stored by Arconath.

We may collect technical information such as IP address, browser, device, request logs, timestamps, diagnostics, product usage events, API activity, CLI metadata, and security or abuse-prevention signals.

Customer self-hosted runtime data may include release records, service names, deployment metadata, policy results, evidence summaries, connector health, runtime-check output, audit events, and report metadata.

Customer-owned infrastructure credentials, kubeconfigs, private keys, passwords, and tokens should be stored in the customer secret-management system and should not be submitted through public support, checkout, or contact forms.

We use information to operate the website, provide checkout and subscription workflows, issue or validate entitlement, deliver package access, support customers, improve product reliability, prevent abuse, protect security, and comply with legal obligations.

We may use diagnostic and usage information to troubleshoot onboarding, package installation, checkout status, connector behavior, report performance, and public-safe contact requests.

Checkout and payment information is used to create payment sessions, verify successful payment events, activate paid entitlement, manage subscriptions, issue receipts, handle billing questions, and prevent fraud.

A created checkout session does not by itself activate a paid plan. Plan status changes after a verified successful payment event or authorized owner-issued entitlement is recorded.

We may use cookies, local storage, server logs, and analytics tools to keep sessions working, understand public website usage, detect abuse, measure reliability, and improve product experience.

Browser and analytics settings may allow you to limit some tracking. Some operational cookies or storage may be required for login, checkout, or console functionality.

We may share limited information with service providers that help operate hosting, infrastructure, analytics, payment processing, email, support, security, monitoring, registry, and delivery workflows.

Service providers may process information only as needed to provide their services to Arconath, subject to their own legal and contractual obligations.

If you configure connectors or identity providers, Release Passport may exchange data with systems such as Git providers, CI systems, registries, Kubernetes, GitOps tools, log systems, metric systems, incident tools, security scanners, or OIDC providers.

You control the credentials, scopes, and configuration used for customer integrations. Third-party systems are governed by their own privacy practices and terms.

We use reasonable technical and organizational measures intended to protect information against unauthorized access, misuse, loss, and alteration.

No system is perfectly secure. Customers are responsible for securing self-hosted deployments, network access, identity providers, backups, logs, secret stores, and registry credentials under their control.

We retain information only as long as needed to provide services, maintain accounts, process billing, deliver licenses and packages, meet legal obligations, resolve disputes, prevent abuse, and enforce agreements.

Customer self-hosted runtime retention depends on the customer deployment, configured storage, active license, and retention settings.

Information may be processed in countries where Arconath, infrastructure providers, payment providers, or support providers operate.

Where required, we rely on appropriate safeguards, contractual terms, or other lawful transfer mechanisms.

Depending on your location, you may have rights to access, correct, delete, export, restrict, or object to certain processing of personal information.

To make a request, contact support@releasepassport.com. We may need to verify your identity and may retain information where required for security, legal, billing, or operational reasons.

Release Passport is intended for professional and business use. It is not intended for children, and we do not knowingly collect personal information from children.

We may update this Privacy Policy as the product, legal requirements, or operational practices change. The updated date shows when the current version became effective.

For privacy, billing, legal, or support questions, contact support@releasepassport.com. Do not include secrets, private keys, tokens, kubeconfigs, or sensitive release evidence in public support email.