Privacy Policy

We use the collected information to provide, maintain, and improve our log aggregation services. This includes processing and analyzing log data to provide real-time insights, generating alerts and notifications based on predefined criteria, and facilitating collaborative log analysis within organizations.

Your account information enables us to authenticate users, manage organization memberships, and provide personalized experiences. We use billing information solely for subscription management and payment processing through secure third-party payment processors.

Technical and usage data helps us optimize platform performance, identify and resolve system issues, develop new features based on user needs, and ensure the security and integrity of our services. We may use aggregated and anonymized data for research and development purposes.

Communication preferences allow us to send important service notifications, security alerts, billing updates, and optional marketing communications about new features and platform improvements. You can control these communication preferences through your account settings.

For legal compliance and security purposes, we may use information to detect and prevent fraudulent activities, investigate security incidents, comply with legal obligations, and protect the rights and safety of our users and organization.

Within your organization, log data and API keys are shared among authorized team members based on assigned roles and permissions. This collaborative sharing is fundamental to our platform's functionality and is controlled by organization administrators through our role-based access control system.

We engage trusted third-party service providers to support our operations, including cloud hosting providers for data storage and processing, payment processors for billing management, authentication services, and monitoring tools for platform security. These providers are contractually bound to protect your information and use it only for specified purposes.

We may disclose information when required by law, such as in response to court orders, subpoenas, or other legal processes. We will provide notice of such requests when legally permitted and will challenge overly broad or inappropriate requests to protect user privacy.

In the event of a business transaction such as a merger, acquisition, or sale of assets, user information may be transferred as part of the transaction. We will provide notice of any such change in ownership or control of personal information.

We may share aggregated, anonymized, or statistical information that does not identify individual users for research, analytics, or business development purposes. This information cannot be used to identify specific individuals or organizations.

We implement comprehensive security measures to protect your information against unauthorized access, disclosure, alteration, and destruction. This includes industry-standard encryption for data in transit and at rest, secure API authentication mechanisms, and regular security audits and penetration testing.

Our infrastructure includes secure data centers with physical access controls, network security monitoring, intrusion detection systems, and automated backup procedures. All API keys and authentication tokens are encrypted and stored using secure hashing algorithms.

Access to user data is restricted to authorized personnel who require it for legitimate business purposes. Our team members undergo security training and are bound by confidentiality agreements. We maintain detailed audit logs of all system access and data processing activities.

While we implement robust security measures, no system is completely secure. We encourage users to follow security best practices, including using strong passwords, enabling two-factor authentication, and promptly reporting any suspected security incidents.

In the event of a data breach that may affect your personal information, we will notify affected users and relevant authorities as required by applicable laws, typically within 72 hours of discovering the incident.

We retain your personal information and log data for as long as necessary to provide our services and fulfill the purposes outlined in this privacy policy. Account information is maintained while your account remains active and for a reasonable period afterward to facilitate account reactivation if desired.

Log data retention periods are configurable based on your subscription plan and organizational requirements. You can set custom retention policies ranging from days to years, and data is automatically deleted according to these settings unless legal obligations require longer retention.

When you delete your account or terminate your subscription, we will delete your personal information and log data according to our standard deletion procedures, typically within 90 days. Some information may be retained longer for legal compliance, security purposes, or legitimate business interests.

Backup copies of data may persist in our systems for additional periods as part of our disaster recovery procedures, but these backups are securely stored and not accessible for normal operations.

You have several rights regarding your personal information, subject to applicable laws and regulations. These include the right to access, correct, update, or delete your personal information, as well as the right to data portability and restriction of processing in certain circumstances.

You can access and modify most of your account information through your profile settings. For organization-level changes or data deletion requests that cannot be completed through the interface, you can contact our support team or designated privacy officer.

You can opt out of marketing communications at any time by clicking unsubscribe links in emails or updating your communication preferences in your account settings. Note that you will continue to receive essential service communications related to your account and subscriptions.

For users in jurisdictions with enhanced privacy rights (such as GDPR, CCPA, or similar regulations), additional rights may apply, including the right to data portability, the right to object to processing, and the right to lodge complaints with supervisory authorities.

To exercise any of these rights, please contact us at privacy@benchwrk.com with specific details about your request. We will respond within the timeframes required by applicable law, typically within 30 days.

We use cookies, web beacons, and similar tracking technologies to enhance your experience, analyze usage patterns, and provide personalized features. Essential cookies are necessary for basic platform functionality, including authentication, session management, and security features.

Analytics cookies help us understand how users interact with our platform, identify popular features, and detect potential issues. Performance cookies enable us to optimize loading times and improve overall system responsiveness.

You can control cookie settings through your browser preferences, but disabling certain cookies may affect platform functionality. We respect Do Not Track signals where technically feasible and legally required.

Third-party services integrated with our platform may set their own cookies or tracking technologies. We encourage you to review the privacy policies of these services to understand their data practices.

Our services may involve transferring your information across international borders to countries with different data protection laws. We ensure appropriate safeguards are in place for such transfers, including standard contractual clauses, adequacy decisions, or other legally recognized transfer mechanisms.

When processing data from the European Economic Area, United Kingdom, or Switzerland, we comply with applicable cross-border transfer requirements and implement appropriate technical and organizational measures to ensure data protection standards are maintained.

Our primary data processing occurs in secure facilities located in regions with robust data protection frameworks. We regularly review and update our data transfer practices to ensure ongoing compliance with evolving international privacy requirements.

Our services are designed for business and professional use and are not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16 years of age.

If we become aware that we have collected personal information from a child under 16, we will take immediate steps to delete such information from our systems. Parents or guardians who believe we may have collected information from a child should contact us immediately.

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or service offerings. We will notify users of material changes through email notifications, in-platform announcements, or by posting updated policies on our website.

Continued use of our services after such changes constitutes acceptance of the updated Privacy Policy. We encourage you to review this policy regularly to stay informed about how we protect your information.

For significant changes that may affect your rights or how we use your information, we will provide advance notice and may require explicit consent where required by applicable law.

Our platform may contain links to third-party websites, services, or integrations. This Privacy Policy does not apply to these external services, and we are not responsible for their privacy practices or content.

We encourage you to review the privacy policies of any third-party services you choose to use in connection with our platform. When integrating third-party services, we recommend understanding how they handle and protect your data.