Bito Privacy Statement
Last updated: May 24, 2024
Introduction
At Bito, we take the privacy and security of your information seriously. This privacy statement (“Privacy Statement”) will explain how Bito Inc. (“Bito”, “we”, “our”, “us”) handles your personal data. “Personal Data,” as used in this Privacy Statement, is information that identifies or can reasonably be linked directly or indirectly to an identifiable person. The privacy practices and standards detailed in this Privacy Statement apply to all data subjects globally, unless specifically noted otherwise.
In particular, this Privacy Statement will touch on the following sections:
- · What Personal Data does Bito collect about me?
- · What Personal Data is Not Collected by Bito?
- · How does Bito use my Personal Data?
- · With Whom does Bito share my Personal Data?
- · How does Bito Secure my Personal Data?
- · Data retention
- · What are my rights and choices regarding Personal Data?
- · California Privacy Rights
- · Other important privacy information
This Privacy Statement applies to the Bito websites (“Websites”) and Bito.ai software products and services; collectively “Services.”
Information You Provide Directly
What Personal Data does Bito collect about me?
We collect the Personal Data you provide to us, for example:
Account Information: When you register for and use an account with Bito, we collect information that identifies you such as your name, username, email address, password and Git handle. This is collected for free and paid users of the SaaS product.
Profile Information: We collect information that you voluntarily provide in your user profile. This may include your organization name, and language preferences. This is collected for free and paid users of the SaaS product.
Payment Information: If you purchase a paid subscription from Bito, we will collect payment information from you that may include your name, billing address and credit card or bank information. We may also use your credit card information to verify your identity and prevent abuse of our Services. Please note that Bito does not directly process or store your entire credit card number, but we do direct that information to our third-party payment processors for processing. This is collected for paid users of the Self-managed and SaaS products.
Marketing Contact Information: If you request Bito to contact you, or sign up for marketing materials or events, Bito may collect information such as name, address, email address, telephone number, company name, and size of company. This may be collected through the Website as well as through the use of the Services.
Content you provide through the use of the Services: Examples of content we collect and store include but are not limited to: the summary and description added to a workspace, metadata related to your requests through the Services such as type of question, time and date of question, and length of question and answer.
Customer Support and Professional Services: If you contact Bito customer support, we will collect information about you related to your account and to the requests you are making or the services being provided. Customer Support information is collected through the Website, such as at Bito Docs, and Bito Support.
Call Recordings: We may record and transcribe sales calls hosted on various videoconferencing technologies to enable our sales and support teams to share conversational insights, create training and presentations, and improve their internal processes.
Other Content You Submit: We may also collect other content that you submit to our Services. For example: feedback, comments and blog posts, or when you participate in any interactive features, surveys, contests, promotions, prize draws, activities or events. When you participate in interactive channels, we may collect and process information for demographic analysis. Such collection is not tied to any specific products, but may be collected through the Websites.
Information About Your Use of the Services We Collect Automatically :
We may collect certain Personal Data automatically through your use of the Services, for example
Device Information and Identifiers: When you access and use our Services, we automatically collect information about your device, which may include: device type, your device operating system, browser type and version, language preference, IP address, hardware identifiers, and mobile IDs. This information may be collected through any use of the Services.
Subscription Data: We may automatically collect information about the number of active users, licensing timetables, historical user count, and IP address.
Services Usage Data: We collect metrics regarding activity and feature usage that provide insights into the success of features. We also collect metrics tracking how value is delivered through the Services and provide insights into optimal customer implementation.
Events Data: In addition to Services Usage Data, Bito also uses event analytics, such as browsing duration, page clicks and page views, in a pseudonymized form to gain insights into end-to-end user behavior.
Website Usage Data: When you visit our Website, we automatically log information about how you interact with the site, such as the referring site, date and time of visit, and the pages you have viewed or links you have clicked.
Cookies and Similar Tracking Technologies: Bito uses cookies and similar technologies to provide functionality, such as storing your settings, and to recognize you as you use our Services. In addition, we use cookies and similar technology to gather information to provide advertising which is tailored to you based on your online activity.
Email marketing: When we send you emails, they may include technology such as a web beacon, that tells us your device type, email client, and whether you have received and opened an email, or clicked on any links contained in the email.
Buttons, tools, and content from other companies: The Services may include links or buttons to third-party services such as Twitter and LinkedIn. We may collect information about your use of these features. In addition, when you see or interact with these buttons, tools, or content, some information from your browser may automatically be sent to the other company. Please read that company’s privacy statement for more information.
Information from Third-Parties and Partners
We may collect Personal Data from other parties in the following ways:
Vendors and Partners: We may receive information about you from third-parties such as vendors, partners, or affiliates. For example, we may supplement the data we collect with demographic information licensed from third-parties in order to personalize the Services and our offers to you. Likewise, our sales, marketing, and recruiting teams may receive access to third-party databases containing information to enrich business contacts and other corporate data, or we may receive social listening data from companies that monitor public posts.
Third-Party sign-in services: Bito may allow you to sign up for/in to our Services using third-party accounts. When you give permission for this to happen, Bito will receive information about you from your third-party account, such as name, email address, location and demographic information.
Other users of the Services: Other users of the Services may provide information about you when they submit issues and comments, or we may receive information when you are designated as a representative or administrator on your company’s account.
When you are asked to provide personal data, you may decline. And, where possible, you may use web browser or operating system controls to prevent certain types of automatic data collection. But if you choose not to provide or allow information that is necessary for certain products or features, those products or features may not be available or function correctly.
What Personal Data is Not Collected by Bito?
Bito does not intentionally collect sensitive Personal Data, such as social security numbers, genetic data, health information, or religious information. Although Bito does not request or intentionally collect any sensitive Personal Data, we realize that users might provide this data in a request to the Bito AI service.
Bito does not intentionally collect the Personal Data of individuals that are provided in a request.
If you are a child under the age of 18, you may not have an account. With the exception of Educational Licenses, Bito does not knowingly collect information from, or direct any of our Services to, children under 13. If we learn or have reason to suspect that a user is under the age of 13, we will close the child’s account.
How Does Bito use my Personal Data?
Bito uses your Personal Data for the following purposes:
- To create your account, identify and authenticate your access to the Services and provide you with the Services you have requested;
- To process your payment for the Services you have purchased;
- To understand how our Services are used and to improve our Services;
- To provide personalized experiences;
- To conduct user research and development;
- To send you important information about the Services;
- To send you information you have requested;
- To send you advertising, marketing content, offers, promotions, newsletters, surveys or other information;
- To provide you a forum to comment on or discuss the Services;
- To create digital productions and manage events;
- To provide trainings and learning opportunities;
- To enable partners to register and track deals;
- To provide workload and code review recommendations through machine-learning;
- To respond to your requests for customer support;
- To improve the security of and troubleshoot our Services, as necessary to perform the contract governing your use of our applications or to communicate with you;
- To detect, prevent, or otherwise address fraud and abuse to protect you, Bito, and third-parties;
- To enforce the legal terms that govern our Services;
- To comply with our legal obligations;
- To protect the rights, safety and property of Bito, you, or any third-party; and
- For other purposes, for which we obtain your consent.
Legal Basis for the Processing of your Personal Data
When our processing is subject to international laws, including but not limited to the General Data Protection Regulation (“GDPR”) that governs individuals located in the European Economic Area (“EEA”), we collect and process your Personal Data using one or more of the following legal bases set out by applicable law:
Performance of a contract: We use your Personal Data to provide the Services you have subscribed to, and to complete and administer the contract you have entered into with Bito, which includes the Terms of Service the Website Terms of Use and any agreement to process payment information.
Legitimate Interests: We use your Personal Data for our legitimate interests, such as to provide you with relevant content, communicate with business leads, improve our products and services, and for administrative, security, fraud prevention and legal purposes. You may object to the processing of your Personal Data for these purposes at any time.
Consent: We may use your Personal Data, with your consent, for specific purposes such as marketing, surveys, call recordings, and research. You may withdraw your consent for the specific purpose or object to the processing of your Personal Data at any time.
Compliance with a Legal Obligation: We may use your Personal Data in connection with legal claims, regulatory compliance, and audits.
More Information about Cookies on our Website:
“Cookies” are data files that are stored on your browser or device and are used to remember user preferences and behaviors over time. Cookies allow us to recognize your device and remember information, such as your preferred language and other general settings.
Cookies set by the website owner (in this case, Bito) are called “first party cookies”. Cookies set by parties other than the website owner are called “third party cookies”. Our Website use both first party and third-party cookies. For more information about specific cookies on this site, please see the Cookie Notice.
First Party Cookies: First party cookies on our Website are used for a variety of reasons, including purposes which may be strictly necessary for our Websites to function properly. Because these cookies are strictly necessary to deliver our Website, we do not seek consent for such uses.
Third Party Cookies: Our Website may contain content, pixels or cookie syncs from third parties, as outlined below. Note also that, in jurisdictions where consent is required for the placement of cookies, the appearance of any third parties on our Website is subject to these consents being obtained by or on behalf of these third parties. We do not control these third parties, and you should refer to the privacy statements of our partners and service providers to find out how they use cookies on our Websites and any data derived from such cookies.
Our Website may contain content or pixels from service providers providing certain services on our behalf, as well as content, pixels or cookie syncs. These third parties may collect data about your web viewing behavior on our Website and combine this data with information collected from other websites over time for purposes that include targeted advertising. Most advertising networks offer you a way to opt-out of targeted advertising. If you would like more information, please refer to the YOUR CHOICES section below.
You can remove or manage cookies by following directions provided in your browser or device’s “help” or “preferences” areas. Note: if you reject cookies, you may still use our Website, but some functionalities and areas of our Website may be limited. As the means by which you can refuse cookies through your web browser controls vary from browser-to-browser, you should visit your browser’s help menu for more information. You may also seek additional information here.
Other Technologies: Our vendors may employ other tracking technologies like clear gifs (sometimes called “web Beacons” or “tracking pixels”), that are pieces of code that can be embedded on websites and can be used to learn how you interact with that website. Clear gifs help us better manage content on our Website by informing us what content is effective. We also use clear gifs in our HTML-based emails to let us know which emails have been opened by recipients. This allows us to gauge the effectiveness of certain communications and the effectiveness of our marketing campaigns. In many instances, these technologies are reliant on cookies to function properly, and so declining cookies will impair their functionality.
Social Media: Our Website may include social media features, such as sharing buttons for Twitter, LinkedIn, and Facebook on our blog. These features may allow the social media provider, like LinkedIn, to collect certain information, such as your IP address, cookies and page you are visiting. We may also communicate information to you about our products and services using social media platforms. Your interactions with social media, these features and data collection enabled by such social media features are governed by the privacy policy of the social media provider offering them. Please note that links to social media platforms or content from our Website does not mean that we endorse the linked social media platform and/or content.
Your choices:
Industry opt-out pages: The online advertising industry provides websites from which you may opt out of interest-based advertising from companies that participate in self-regulatory programs. The US-based opt out pages are www.aboutads.info/choices and www.networkadvertising.org/choices. The European based page is www.youronlinechoices.com. In Canada, use youradchoices.ca/choices.
For mobile apps: You can opt out of our vendors using information about your usage of mobile apps that are targeted to your interests by using your device settings, for most devices. We are not able to directly access the Mobile App Opt Out on devices that offer it. To learn how to use the mobile app opt out, consult your device instructions. To find information on Opting out on Mobile Devices please visit http://www.networkadvertising.org/mobile-choice.
Cookies: For more information about opting out of cookies on our Website or otherwise blocking or deleting cookies, please refer to our Cookie Notice.
Adherence to Do Not Track Signals (“DNT”): DNT is a privacy preference that you may set in certain browsers or may be preset in certain instances. Please note that Bito does not currently honor DNT signals sent by browsers.
Global Privacy Control: Similar to DNT signals, “Global Privacy Control” (GPC) is a privacy preference you can set in your web browser to notify websites that you do not want your Personal Data shared with or sold to independent third-parties without your consent. Bito honors GPC in those jurisdictions where its recognition is required by applicable law.
With Whom does Bito share my Personal Data?
We may share each of the categories of Personal Data we collect with the types of third-parties described below, for the following business purposes:
Sharing with Users and the Public: We may share your Personal Data with other users of the Services and with the public if you choose to make your SaaS Profile public. You have control over what information is public. To change your settings, go to User Settings in your account.
Sharing with Managed Accounts and Administrators: If you have created a Bito account with your corporate email address, we may share your Personal Data with your Company if your Company enters into a commercial relationship with Bito. If this happens, then your use of the software and your account is subject to the terms and any data protection agreement between your Company and Bito.
In the event you change the email address on your account from a corporate email address to a personal email address and, thereafter, your Company enters into a commercial relationship with Bito, your Personal Data related to that account will not be shared with your Company. Bito will not link an account to a Company based on retroactive use of a corporate email.
Sharing with Service Providers: We share your Personal Data with our service providers. These are companies who provide services on our behalf, such as hosting our Services, marketing, advertising, social, analytics, support ticketing, credit card processing, security and other such similar services. These companies are subject to contractual requirements that govern the security and confidentiality of your information.
For example, we use analytics providers, such as Google Analytics, to help us understand the operation and performance of our Services. To learn about how Google uses and shares data it collects through its services, please visit https://www.google.com/policies/privacy/partners/. In addition, please visit our Sub-Processors page to see the list of our Sub-Processors that we use in order to provide customer support and host the Services.
Sharing with Partners: Bito works with third-parties who provide sales, consulting, support and technical services for our Services. Where permitted and with your consent (if required), we may share your data with these partners and resellers.
Sharing for Fraud and Prevention Abuse: We may share your information when we have a good faith belief that the disclosure is necessary to prevent fraud, abuse of our services, defend against attacks, and to protect the safety of Bito and our users.
Law Enforcement: Bito may disclose Personal Data or other information we collect about you to law enforcement if required in response to a valid subpoena, court order, search warrant, a similar government order, or when we believe in good faith that disclosure is necessary to comply with our legal obligations, to protect our property or rights, or those of third-parties or the public at large.
Merger or Acquisition: We may share your Personal Data if we are involved in a merger, sale, or acquisition of corporate entities or business units. If any such change of ownership happens, we will ensure that it is under terms that preserve the confidentiality of your Personal Data, and we will notify you on our website or by email before any transfer of your Personal Data.
Sharing Personal Data across national borders
Our Services are hosted in the United States and information we collect will be stored and processed on our servers in the United States. Our employees, contractors, affiliated organizations, service providers, and sub-processors that process Personal Data may be located in the United States or other countries outside of your home country. If you reside in the EEA, United Kingdom, or Switzerland, and we transfer information about you to a jurisdiction that has not been found by the European Commission to have adequate data protections, we will use available safeguards and legal mechanisms to help ensure your rights and protections, including using Standard Contractual Clauses or obtaining your consent.
How does Bito Secure my Personal Data?
We work hard to protect your Personal Data. We employ administrative, technical, and physical security controls where appropriate, to protect your information.
Data Retention
- Relationship and Usage Meta Data: This includes all data related to the customer’s interaction with Bito, such as address, billing amounts, user account data (name and email), and usage metrics (number of queries made, time of day, length of query, etc.). This category of data is retained indefinitely for ongoing service improvement and customer support.
- Bito Business Data: Includes customer-created templates and settings. This data is terminated 90 days after the end of the business relationship with Bito.
- Confidential Customer Business Data: This includes code, code artifacts, and other organization-owned data such as Jira, Confluence, etc. This data is either stored on-prem/locally on the customer’s machines, or, if in the cloud, is terminated at the end of the business relationship with Bito.
- AI Requests: Data in an AI request to Bito’s AI system. AI requests are neither retained nor viewed by Bito. We ensure the confidentiality of your AI queries; Bito and our LLM partners do not store your code, and none of your data is used for model training. All requests are transmitted via HTTPS and are fully encrypted.
Bito reserves the right to delete inactive accounts, projects, namespaces, and associated content. Bito may deem an account, project, or namespace inactive based on various criteria, including, but not limited to, the account creation date, the last time there was a valid log-in, and the date of the last contribution. If we plan to delete your account or projects, we will provide advance notice by sending a message to the email address registered to your account. Bito encourages you to utilize your account on occasion to avoid the risk of being deemed inactive.
What are my rights and choices regarding Personal Data?
You have the right to access, correct, restrict or delete your Personal Data. While these rights may vary by jurisdiction, Bito provides you with the same rights and choices, no matter where you live. We provide these rights free of charge unless your requests are manifestly unfounded and excessive.
You may exercise your choices and rights as follows:
To opt out of email marketing: You may opt-out of email marketing by clicking the “unsubscribe” link located at the bottom of any marketing email you receive and unsubscribing. You may continue to receive transactional email messages about your account and the Service after you have unsubscribed.
Request a copy of your information: You may request a copy of the Personal Data that Bito has about you by emailing Bito at legal@bito.ai.
Update your Information: If you already have an account, you may access, update, or alter your user profile information by logging into your account and updating profile settings.
To delete your Account: If you only want to delete your SaaS account, you may do so by contacting Bito at support@bito.ai and requesting your account deletion. If your account is tied to a Company that has entered into a commercial relationship with Bito, you will have to ask your Company administrator to remove your account from that corporate namespace before we can delete it. Once your account is no longer associated with that corporate namespace, Bito will process your deletion request according to the process stated herein.
To inform your Supervisory Authority: In the unlikely event you disagree with our handling of your request, you have the right to file a complaint with the competent supervisory authority in your jurisdiction.
California Privacy Rights
If you are a California resident, please visit the Bito California Privacy Notice for a specific description of your privacy rights and collection practices under the California Consumer Privacy Act.
Statement Changes
Bito may change its Privacy Statement from time to time. When we do, we will update the date at the top of this Statement. If we decide to make a significant change to our Privacy Statement, we will post a notice of the update on the homepage of our Website. We may also provide notification via email of any material changes to our Privacy Statement.
Contact Us
Your information is controlled by Bito Inc. If you have questions or concerns about the way we are handling your Personal Data, please email us with the subject line “Privacy Concern” at legal@bito.ai.
End Of Document