Privacy Policy

VoidBat Ltd is a company registered in England & Wales. We build and distribute lightweight Chrome browser extensions for individuals and teams. In this policy "VoidBat", "we", "us" and "our" all refer to VoidBat Ltd.

If you have any questions about this policy or our data practices, please contact us at [email protected].

We are committed to minimal data collection. The categories of personal data we may collect are set out below.

2.1 Data you provide directly

• Account data — email address and password when you create a VoidBat account.
• Billing data — payment card information when you subscribe to a paid plan. Card data is handled exclusively by our payment processor, Stripe, and is never stored on our servers.
• Support data — information you include in emails or contact-form submissions when you get in touch with us.

2.2 Data collected automatically

• Website analytics — anonymised page-view and referral data via privacy-respecting analytics. No personally identifiable information is stored.
• Extension telemetry — aggregate, non-identifiable usage counts (e.g. number of automations run) to help us improve performance. No browsing history, page content, or personal data is ever collected from inside the extension.

2.3 What we do NOT collect

Our extensions do not read, store, or transmit the content of web pages you visit, passwords, form data, browsing history, or any other sensitive information. This is a core design principle, not just a policy.

• To create and manage your VoidBat account.
• To process payments and send you transactional emails (receipts, renewal reminders).
• To respond to your support requests.
• To improve our products using aggregated, anonymised usage statistics.
• To comply with legal obligations, including tax and accounting requirements.

We do not sell your personal data. We do not use your data for advertising or share it with third parties for their own marketing purposes.

• Contract — to deliver the services you have signed up for.
• Legitimate interests — to operate, secure, and improve our platform, where those interests are not overridden by your rights.
• Legal obligation — to meet statutory requirements such as financial record-keeping.
• Consent — where we rely on consent (e.g. marketing emails), you can withdraw it at any time.

Our website uses strictly necessary cookies to keep you signed in and to protect against cross-site request forgery. We do not use tracking or advertising cookies. You can review and clear cookies through your browser settings at any time.

We share your data only with trusted sub-processors who help us run the service:

• Stripe — payment processing (UK/EU data-processing agreement in place).
• Cloud infrastructure provider — hosting and database services within the UK/EEA.
• Email delivery — transactional email sending (receipts, password resets).

All sub-processors are contractually bound to process your data only on our instructions and in accordance with applicable data protection law.

We retain your account and billing data for as long as your account is active and for up to 7 years thereafter to satisfy UK tax and accounting obligations. Support correspondence is retained for 2 years. Anonymised analytics data has no fixed retention limit.

Under UK GDPR you have the right to:

• Access the personal data we hold about you.
• Correct inaccurate or incomplete data.
• Request erasure of your data (subject to legal retention obligations).
• Restrict or object to certain types of processing.
• Receive your data in a portable, machine-readable format.
• Withdraw consent at any time where processing is consent-based.

To exercise any of these rights, email [email protected]. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO).

We implement appropriate technical and organisational measures to protect your data, including TLS encryption in transit, encrypted storage at rest, access controls, and regular security reviews. However, no system is completely secure; please use a strong, unique password for your VoidBat account.

Our services are not directed at children under 13 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately and we will delete it.

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify registered users by email. Continued use of our services after the effective date constitutes acceptance of the revised policy.

VoidBat Ltd
Registered in England & Wales
Email: [email protected]