Our business model revolves around protecting your privacy and ensuring your digital security. So instead of asking the typical question many companies providing online services ask "How much information can we get from our customers?", we ask the opposite "What minimum information do we absolutely need to run this service securely?".
If you become our client, you will have to provide us Personally Identifiable Information (PII). This PII you voluntarily provide us is securely stored on our network, only accessible to us and never ever shared with any third parties unless ordered to do so by a Swiss court. We have been compliant with the EU's GDPR since our inception, years before GDPR was passed into law. We only use this information to provision your account on our network and to contact you with information related to your subscriptions at Bit Armor like your username and password, payment reminders, updates, special deals, etc.
At Bit Armor, by default, we log nothing. This means we do not log the content of your calls or your chats. This would be a pointless exercise since all that data is heavily encrypted anyway and only the client has the crypto keys.
However, like any online business, we need to log certain technical information in order to maintain our network up and running, prevent fraud and cyber-attacks, and provide the customer with a first rate experience. In absolute contrast to most e-commerce sites out there, our business model is predicated on ensuring your privacy, not collecting information on you. For this reason we believe in minimal logging policies and maximum transparency to our customer. We log the IP address and related technical information for visitors to the site and users of our services as well as signaling data on phone/video calls and messages sent through our network for maintenance and network security purposes and for the period and purposes strictly required by law. Note that we log only signaling data, never call content. We only log this data for 1 week after which it is permanently and securely wiped.
We log payment related information in order to satisfy the anti-fraud requirements of the credit card processor. Any information that is required in addition to your account information to process credit card payments, like your complete address, is passed directly to the credit card processor in encrypted form.
Once the logged data are no longer needed for technical maintenance and support issues all logs are securely wiped from our network. This means they can never ever be retrieved, even by us. Currently we keep these logs only for 1 (one) week.
In short, we do everything that is technically and legally possible to ensure we only hold the bare minimum of technical information needed to securely run our network, provision our customers, and prevent fraud and criminal activity. Your private information is your property and, frankly, it is none of our business. If we don't have a compelling technical reason to collect or log any data, then we simply won't.
Version 1.5, 17 November 2023