Privacy Policy

Last updated: 25 Feb 2026

Your privacy is important to us.

This Privacy Policy explains how we collect, use, and protect your personal data when you use our service.

This policy is split into sections:

  1. Data We Collect
  2. How We Use Your Data
  3. Data Sharing and Subprocessors
  4. User Rights & Controls
  5. Data Storage & Security
  6. Cookies & Tracking
  7. Legal Compliance
  8. Contact Us

1. Data We Collect

When you use BandTools, we collect the following data:

  • Account Information: Email address, username, name, password and optional website address
  • Newsletter Subscribers: Email addresses of people who subscribe to newsletters created using BandTools
  • Session Data: IP addresses and user agents for security and authentication
  • User Activity: Interaction data tracked via Plausible Analytics (no tracking cookies used)
  • Content Data: Newsletters, attachments, and related files uploaded by users
  • Inbound Emails: Replies to newsletters are temporarily stored for up to 24 hours before being automatically deleted
  • SendTo Emails: Newsletters created from emails using the SendTo feature are temporarily stored for up to 3 days before being automatically deleted

Top

2. How We Use Your Data

We use the collected data to:

  • Send newsletters on behalf of users
  • Manage subscriptions and payments for paid plans
  • Notify users about account activity (e.g. confirmations, subscriber changes)
  • Display public newsletter archives if the user opts in
  • Monitor service usage and improve performance
  • Support and moderate service safety

AI-Assisted Content Moderation

We use automated content moderation tools to help identify potentially harmful or prohibited content in newsletters prior to sending. When users create or submit newsletter content, that content may be securely processed by AI-based moderation services for classification and safety analysis. Content flagged by these systems is not acted on automatically; all flagged content is reviewed by a human reviewer. Users will be notified by email if content is held for review.

Top

3. Data Sharing and Subprocessors

We do not sell or rent your personal data. However, we share data with trusted third-party service providers that help operate, maintain, or improve the BandTools service. These providers act as subprocessors and process data only on our behalf under contractual data protection obligations.

Subprocessors/Service Providers Include:

  • Backblaze B2: For image and database backup storage (EU Central region)
  • Hetzner: For hosting infrastructure in the EU
  • Honeybadger: For error tracking and application performance monitoring
  • Mailgun: For email delivery and receipt of incoming emails (EU region)
  • OpenAI Platform: For AI-based content moderation services
  • Plausible Analytics: For non-cookie-based website analytics

A current list of subprocessors is available upon request.

Each subprocessor is contractually required to process data in compliance with applicable data protection laws. If we engage additional subprocessors in the future, we will update this policy accordingly.

Top

4. User Rights & Controls

  • Unsubscribing: Newsletter recipients can unsubscribe at any time via the unsubscribe link in emails
  • Account Deletion: Users can delete their account and all associated data
  • Access Requests: Users can request access to their data

If you believe information we hold about you is incorrect, you can contact us to update or correct it.

Top

5. Data Storage & Security

  • User data is stored on Hetzner servers in the EU, Mailgun (EU region), and Backblaze B2 (EU Central region) and other subprocessors where applicable
  • All personally identifiable information (PII) is encrypted at rest
  • HTTPS is enforced for secure data transmission
  • We use Honeybadger to monitor application performance and errors. Error data and logs may include metadata such as IP addresses and request context. Logs are securely transmitted and stored by Honeybadger in accordance with their privacy practices

Top

6. Cookies & Tracking

  • Session Cookies: Used for authentication and required functionality
  • No Tracking Cookies: BandTools does not use tracking cookies for advertising or third-party analytics

Top

8. Contact Us

If you have any privacy-related questions or requests, please contact us at support@bandtools.app.

Top

By using BandTools, you agree to this Privacy Policy.

We may update this policy periodically, and we will notify users of significant changes.