Privacy Policy

Last updated: March 2026

1. Introduction

Drizby is a product of Guidemode Limited ("we", "us", "our"), a company registered in England and Wales (company number 16839248), with its registered office at The Old Post Office, 41-43 Market Place, Chippenham, Wiltshire, SN15 3HR. We are committed to protecting your personal data and complying with the European Union General Data Protection Regulation (EU GDPR). This Privacy Policy explains how we collect, use, store, and protect your information when you use the Drizby platform, including our website at www.drizby.com and the Drizby Cloud service.

2. Data Controller

The data controller responsible for your personal data is:

Guidemode Limited

The Old Post Office, 41-43 Market Place, Chippenham, Wiltshire, SN15 3HR

Email: privacy@guidemode.dev

3. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Account Registration Data: Name and email address provided when you create an account on Drizby Cloud.
  • Usage Analytics & Performance Metrics: Aggregated, anonymised usage data and performance metrics collected only with your explicit consent. This may include feature usage patterns and application performance data.
  • Support Correspondence: Information you provide when contacting us for support, including email content and any attachments.

If you self-host Drizby, your data remains entirely on your own infrastructure. We do not collect any data from self-hosted instances.

4. Purpose and Legal Basis

We process your personal data for the following purposes, each with a corresponding legal basis under the GDPR:

Purpose
Legal Basis
Provide, maintain, and improve the Drizby service
Performance of contract (Art. 6(1)(b) GDPR)
Respond to support inquiries and communications
Legitimate interests (Art. 6(1)(f) GDPR)
Collect usage analytics and performance metrics
Consent (Art. 6(1)(a) GDPR)

5. Sub-Processors

We use the following sub-processors to deliver the Drizby Cloud service:

UpCloud

Cloud infrastructure and server hosting for Drizby Cloud. UpCloud is headquartered in Helsinki, Finland, and processes data within EU data centres. See UpCloud's Privacy Notice for details. DPO contact: privacy@upcloud.com.

Stripe

Payment processing for Drizby Cloud subscriptions. See Stripe's Privacy Policy for details. DPO contact: privacy@stripe.com.

6. Data Transfers

Where personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) as approved by the European Commission.
  • The EU-U.S. Data Privacy Framework, where applicable.

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. When data is no longer required, it is securely deleted or anonymised.

8. Data Subject Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten").
  • Right to Restrict Processing: Request that we limit how we use your data.
  • Right to Object: Object to processing based on legitimate interests.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, please contact us at privacy@guidemode.dev. We will respond within 30 days.

9. Security Measures

We implement appropriate technical and organisational measures to protect your personal data, including:

  • HTTPS encryption for all data in transit (TLS 1.2/1.3).
  • Access controls and authentication for all systems.
  • Regular security audits and vulnerability assessments.

For more detail, see our Security & Compliance page.

10. Cookies & Tracking

Drizby uses a minimal approach to cookies:

  • Session Cookie (sessionId): A single essential cookie used for authentication. It has a 7-day lifespan with automatic renewal on activity. This cookie is strictly necessary for the service to function and does not require consent.
  • Infrastructure Cookies: Our hosting provider may set cookies for load balancing and security purposes. These are classified as strictly necessary.

We do not use any third-party tracking, advertising, or analytics cookies.

11. Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. If the breach is likely to result in a high risk, we will also notify affected individuals without undue delay.

12. Contact

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: privacy@guidemode.dev

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by updating the "Last updated" date at the top of this page and, where appropriate, provide additional notice (such as via email or an in-app notification). Your continued use of the service after any changes constitutes acceptance of the updated policy.