Privacy
Privacy policy
Last updated May 5, 2026
Bitsmith is built by Hungrimind. We try to collect as little as we can while still running a usable product. This page explains what we collect, why, who has access, and how to reach us.
What runs on your server
The Bitsmith software you install on your own hardware is the centre of the product. It does not phone home. It does not send us telemetry, the contents of your files, the list of apps you run, or how you use the UI.
The only thing the installed software talks to us about is your license: a once-a-day check-in to confirm the license is still valid. That request includes your installation ID, claim token, and a hardware fingerprint so we can detect if the same license is being used on multiple machines.
What we store about your account
When you buy a license through bitsmith.app, we store:
- The email address you used at checkout
- A Stripe customer ID linking you to your purchase
- Your license keys, status, and which server has claimed each one (server name, hardware fingerprint hash, last-seen time)
- Short-lived sign-in tokens and session cookies (sign-in tokens expire in 15 minutes; sessions expire after 30 days)
We don't store your name, address, payment card, or anything else from checkout — Stripe handles all of that on their infrastructure.
Third parties
We use the following services to run Bitsmith:
- Stripe — payment processing and customer record
- Cloudflare — site hosting, DNS, and the email delivery for sign-in links
- Turso — database hosting for the account service
Each of these has their own privacy practices. We share only what's needed for them to do their job.
Analytics
The marketing site (bitsmith.app) does not load any third-party analytics, ad networks, or session-replay tools. Cloudflare's standard request logs apply for security and abuse prevention.
How long we keep things
- Sign-in tokens: 15 minutes, then deleted
- Sessions: 30 days from last sign-in, or until you sign out
- License records: as long as the license is active
- Stripe webhook events: kept for de-duplication and audit
Your rights
You can:
- Ask for a copy of the data we hold about you
- Ask us to delete your account (we may retain transactional records as required by tax law)
- Unlink any server from your dashboard at any time
To exercise any of these, email robert@hungrimind.com.
Changes
If we change how we handle data, we'll update this page and bump the "last updated" date at the top. If the change is material, we'll also email anyone with an active license.
Contact
Reach the team at robert@hungrimind.com.