Privacy Policy

Effective Date: May 23, 2026

1. Introduction and Scope

bytesize LLC (“bytesize,” “we,” “us,” or “our”) operates as a technology engineering agency and enterprise software provider. We design, build, and maintain cloud infrastructure networks, enterprise portals, and application software architectures, including our proprietary access management utilities (such as Intry) and institutional deployments.

This Privacy Policy governs the data processing practices for our corporate website (gobytesize.com), our associated subdomains, and the core administration systems we deploy. It explains how we collect, use, disclose, and safeguard user and client data. This policy does not supersede specific Master Service Agreements (MSAs) or Data Processing Agreements (DPAs) executed directly with our enterprise or institutional clients, where bytesize LLC acts strictly as a Data Processor.

2. Information We Collect

We collect information that identifies, relates to, describes, or could reasonably be linked, directly or indirectly, with a specific consumer or device (“Personal Information”).

A. Information Provided Directly by You

  • Communication and Lead Capture: When you interact with our contact portals, submission fields, or investor hubs, we collect your name, corporate email address, corporate telephone number, company name, asset/unit portfolio metrics, and the structural contents of your message.

  • Account Credentials: For authenticated client platforms, we collect identity parameters integrated via our enterprise identity management systems (e.g., Microsoft Entra ID single sign-on tokens).

B. Information Collected Automatically

When you navigate our digital environments, our cloud networks (orchestrated via providers like Cloudflare, Railway, and Fly.io) automatically log telemetry data, including:

  • IP addresses, device hardware models, operating system versions, and unique device identifiers.

  • Browser specifications, access latencies, pages viewed, and routing traffic pathways.

  • Mobile network parameters, carrier identity, and SMS transmission routing states (where applicable to programmatic alert systems).

3. How We Use Your Information

bytesize LLC utilizes the collected data to execute clear operational, commercial, and legal workflows:

  • To host, secure, maintain, and optimize our cloud infrastructure nodes and application services.

  • To process, validate, and respond to commercial inquiries, pilot program configurations, and asset Modernization evaluations.

  • To execute programmatic text messaging alerts, two-factor authentication (2FA) identity checks, and real-time transit telemetry via verified telecommunication pipelines.

  • To enforce security protocols, monitor network perimeter integrity, and detect or block malicious brute-force attempts, bot routines, or unauthorized administrative system access.

  • To comply with statutory state and federal regulatory frameworks, SOC 2 compliance baselines, and legal reporting obligations.

4. Mandatory Mobile Messaging & SMS Privacy Clause

This section governs the strict isolation of telecommunications data collected for automated messaging systems (10DLC and Toll-Free compliance frameworks):

  • Zero Third-Party Sharing: bytesize LLC does not sell, lease, rent, trade, assign, or otherwise share mobile telephone numbers or user opt-in/consent data collected through any public web form, contact portal, or application pipeline with third parties, affiliates, or external brokers for marketing, promotional, or independent commercial purposes.

  • Excluded Data Categories: All data collection and processing activities executed by bytesize LLC strictly exclude text messaging originator opt-in data and consent metrics. This information is kept entirely isolated within your specific operational tenant environment and will not be disclosed to any outside entities under any circumstances.

  • Purpose-Bound Routing: Mobile numbers collected specifically for transactional alerts, access overrides, or authentication links are utilized solely to execute those explicit system utilities via our programmatic carrier pathways (e.g., Telnyx or Twilio).

5. Data Sharing and Disclosure

We do not sell, monetize, or disclose your Personal Information to data brokers. We only disclose data to trusted service providers who require the information to execute technical infrastructure tasks under strict confidentiality mandates:

  • Cloud Infrastructure Providers: Secure, containerized compute and hosting networks (including Railway, Fly.io, and AWS).

  • Identity and Compliance Gateways: Enterprise single sign-on (SSO) and access token handlers (including Microsoft Entra ID).

  • Edge Security and CDN Layers: Network perimeter defenders and routing firewalls (including Cloudflare).

  • Legal and Regulatory Mandates: We will disclose information if required by a valid subpoena, court order, or federal regulatory audit, or when we believe disclosure is necessary to protect physical property security or human safety.

6. Your Rights and Regulatory Protections

A. California Privacy Rights (CCPA/CPRA Compliance)

If you are a California resident, you possess explicit rights regarding your Personal Information under the California Consumer Privacy Act, as amended by the California Privacy Rights Act:

  • The Right to Know: You have the right to request disclosure of the specific categories and pieces of Personal Information we have collected, the business purposes for collection, and the categories of third parties with whom we share it.

  • The Right to Delete: You have the right to request the permanent erasure of your Personal Information, subject to specific regulatory and transactional exceptions (such as maintaining active security logs or contract compliance).

  • The Right to Opt-Out of Sale or Sharing: bytesize LLC does not sell or share your Personal Information for cross-contextual behavioral advertising.

  • The Right to Non-Discrimination: We will not deny services, modify pricing tiers, or degrade application performance if you choose to exercise your privacy rights.

To exercise these rights, submit a formal request to legal@gobytesize.com with the subject line “CCPA Privacy Request.”

B. General Data Protection Regulation (GDPR Compliance)

For users accessing our services from the European Economic Area (EEA), bytesize LLC processes data under the following legal bases: contractual necessity, legitimate operational interest (system security and network performance), and explicit consent. You possess the right to access, rectify, or object to processing, as well as the right to data portability.

7. Data Retention, Sharding, and Security

  • Data Security Architecture: bytesize LLC deploys multi-layered technological controls to safeguard data. This includes enforcing database sharding to prevent cross-tenant data leaks, deploying Cloudflare web application firewalls (WAF) to drop unauthorized traffic, and encrypting data at rest and in transit using industry-standard cryptographic keys.

  • Exposed Vectors & Auditing: We run continuous automated vulnerability scans. Access to development environments requires multi-factor authentication, and unencrypted remote desktop protocols (RDP) are strictly prohibited on our production perimeters.

  • Retention Limits: We retain Personal Information only for as long as necessary to fulfill active commercial agreements, preserve system diagnostic history, protect security perimeters, or meet federal tax and statutory lookback requirements.

8. Children’s Privacy

Our technologies, applications, and corporate platforms are engineered exclusively for commercial real estate operators, tech developers, and adult residential tenants. We do not knowingly harvest, scrape, or retain data from children under the age of 13. If we discover an unauthorized collection from a minor, the records will be immediately purged from our data clusters.

9. Changes to This Policy

bytesize LLC reserves the right to modify this Privacy Policy to match changing telecommunication carrier rules, evolving cybersecurity threat landscapes, and state or federal statutory updates. When modifications are executed, the “Effective Date” at the top of this document will be updated. We encourage users to periodically audit this URL to remain informed on our structural security postures.

10. Contact and Corporate Information

To submit data erasure requests, compliance inquiries, or security disclosures, contact our administration office:

bytesize LLC Attn: Legal & Compliance

1954 Airport Road #1047 Atlanta, GA 30341

Email: legal@gobytesize.com