Effective Date: June 17, 2026 Last Updated: June 17, 2026
Databurst Technologies LLC ("Company," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use the Corzova platform and API (the "Service").
Our Privacy Commitment
We do NOT sell your data - Ever, to anyone, for any reason
We do NOT share your data with third parties - Your data stays with us
We do NOT collect data about you from third parties - We only collect what you provide directly
We do NOT use your data for advertising - No tracking, no profiling, no ads
1. Introduction & Scope
This Privacy Policy applies to all information collected through our Corzova platform and related services. By using our Service, you agree to the collection and use of information in accordance with this policy.
This policy does not apply to information collected by third parties or through third-party websites or services that may be linked from our Service.
2. Information We Collect
2.1 Account Information
When you create an account, we collect:
Name and contact information (email address)
Company/organization name
Account credentials (securely hashed passwords)
User role and permission settings
2.2 Workforce Data
Data you input into the system for workforce management:
Employee information (names, contact details, roles)
Time and attendance records
Project assignments and work logs
Billing and invoicing information
Any other data you choose to enter
2.3 Technical Data
Automatically collected for service operation:
Data Type
Purpose
Retention
IP Address
Security, rate limiting, abuse prevention
90 days
API Request Logs
Debugging, performance monitoring
30 days
Authentication Tokens
Session management
Until expiration or logout
Error Logs
Troubleshooting, service improvement
90 days
3. How We Collect Information
We collect information only through the following methods:
3.1 Direct Collection
Information you provide when creating an account
Data you enter through the API or user interface
Communications you send to us (support requests, feedback)
3.2 Automatic Collection
Server logs generated by your API requests
Authentication and session data
Technical information necessary for service delivery
What We Do NOT Collect
We do NOT purchase or obtain data from data brokers
We do NOT collect data from social media platforms
We do NOT use third-party tracking or analytics services
We do NOT collect data from any external sources
4. How We Use Your Information
We use your information solely for the following purposes:
4.1 Service Delivery
Providing and maintaining the Service;
Processing your workforce management data
Authenticating your access to the system
Generating reports and analytics you request
4.2 Service Improvement
Monitoring system performance and reliability
Identifying and fixing bugs or errors
Improving user experience and functionality
4.3 Communication
Responding to your support requests
Sending critical service notifications (outages, security alerts)
Providing account-related information
4.4 Security & Compliance
Protecting against unauthorized access or fraud
Enforcing our Terms of Service
Complying with legal obligations
5. Legal Basis for Processing
We process your personal data based on the following legal grounds:
Legal Basis
When It Applies
Contract Performance
Processing necessary to provide the services you've requested
Legitimate Interest
Security monitoring, fraud prevention, service improvement
Legal Obligation
Compliance with applicable laws and regulations
Consent
Where specifically requested (e.g., marketing communications, if any)
6. No Third-Party Sharing
Our Firm Commitment
We do NOT share, sell, rent, or trade your personal information or data with any third parties. This is a core principle of our service.
6.1 What This Means
Your workforce data is never shared with other companies
We do not sell data to advertisers or marketing companies
We do not share data with data brokers
We do not provide data to analytics or tracking companies
6.2 Limited Exceptions
The only circumstances where we may disclose information:
Legal Requirement: When required by law, court order, or government request
Safety: To protect the safety of our users or the public in emergency situations
Business Transfer: In connection with a merger or acquisition (with notice to you)
With Your Consent: When you explicitly authorize us to share specific information
Even in these limited cases, we will share only the minimum information necessary and will notify you when legally permitted.
7. Data Retention
7.1 Active Account Data
We retain your data for as long as your account is active and as needed to provide you services.
7.2 After Account Closure
Account Information: Deleted within 30 days of account closure
Workforce Data: Deleted within 30 days, or exported to you upon request
Backup Data: Removed from backups within 90 days
Audit Logs: Retained for up to 1 year for security and compliance purposes
7.3 Data Export
You may request an export of your data at any time. We will provide your data in a commonly used, machine-readable format within 30 days of your request.
8. Data Security
We implement robust security measures to protect your data:
8.1 Technical Safeguards
Encryption in Transit: All data transmitted using TLS 1.2 or higher
Encryption at Rest: Sensitive data encrypted using AES-256
Password Security: Passwords hashed using industry-standard algorithms
Token Security: OAuth tokens encrypted and securely stored
Access Controls: Role-based access with principle of least privilege
8.2 Operational Safeguards
Regular security assessments and monitoring
Employee access limited to those who need it
Incident response procedures in place
Regular backups with secure storage
8.3 Infrastructure
Hosted on Google Cloud Platform with SOC 2 compliance
Database access restricted to private networks
DDoS protection and rate limiting
Regular security updates and patching
9. Your Rights
You have the following rights regarding your personal data:
Right to Access
Request a copy of all personal data we hold about you.
Right to Correction
Request correction of inaccurate or incomplete data.
Right to Deletion
Request deletion of your personal data ("right to be forgotten").
Right to Portability
Receive your data in a portable, machine-readable format.
Right to Restrict
Request limitation of processing in certain circumstances.
Right to Object
Object to processing based on legitimate interests.
To exercise any of these rights, contact us at privacy@databurst.dev. We will respond within 30 days.
10. Cookies & Tracking Technologies
10.1 What We Use
We use only essential cookies necessary for the service to function:
Authentication Cookies: To keep you logged in securely
Session Cookies: To maintain your session state
Security Cookies: CSRF tokens to prevent cross-site request forgery
10.2 What We Do NOT Use
No third-party analytics cookies (Google Analytics, etc.)
No advertising or tracking cookies
No social media tracking pixels
No cross-site tracking of any kind
10.3 Do Not Track
We honor Do Not Track (DNT) signals. Since we do not track users across third-party websites, DNT settings do not change our behavior - we simply don't track you regardless of your settings.
11. International Data Transfers
Our servers are located in the United States. If you access our Service from outside the United States, your information will be transferred to and processed in the United States.
11.1 Safeguards
For users in the European Economic Area (EEA), United Kingdom, or other regions with data transfer restrictions:
We rely on Standard Contractual Clauses approved by the European Commission
We implement additional technical and organizational measures to protect your data
12. Children's Privacy
Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@databurst.dev. We will promptly delete such information.
13. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
13.1 Your CCPA Rights
Right to Know: What personal information we collect, use, and disclose
Right to Delete: Request deletion of your personal information
Right to Opt-Out: Opt-out of the sale of personal information
Right to Non-Discrimination: Equal service regardless of exercising privacy rights
13.2 Sale of Personal Information
We do NOT sell your personal information. We have never sold personal information and have no plans to do so. Therefore, there is no need to opt-out of sales.
13.3 Exercising Your Rights
To exercise your CCPA rights, contact us at privacy@databurst.dev or call us at our main business number. We will verify your identity before processing your request.
14. European Privacy Rights (GDPR)
If you are in the European Economic Area (EEA) or United Kingdom, you have rights under the General Data Protection Regulation (GDPR):
14.1 Your GDPR Rights
All rights listed in Section 9 (Your Rights)
Right to lodge a complaint with a supervisory authority
Right to withdraw consent at any time (where consent is the legal basis)
14.2 Data Controller
Databurst Technologies LLC is the data controller for personal data collected through the Service.
14.3 Supervisory Authority
You have the right to lodge a complaint with your local data protection authority if you believe we have violated your privacy rights.
15. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by:
Posting the new Privacy Policy on this page with an updated "Last Updated" date
Sending an email notification to your registered email address for significant changes
Displaying a prominent notice within the Service
We encourage you to review this Privacy Policy periodically. Your continued use of the Service after changes are posted constitutes acceptance of those changes.