Privacy Policy
How we handle your data — with the same rigor we bring to execution infrastructure.
Overview
Mindburn Labs is committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights.
Data We Collect
When you visit our website, we collect minimal data necessary for operation:
- Contact information: Name, email address, and company name when you voluntarily submit them via our contact form.
- GitHub activity: Public interactions on our repositories (issues, pull requests, discussions).
We do not collect personal information beyond what is technically necessary.
- Usage analytics or behavioral tracking data
- Device fingerprints or persistent identifiers
- Telemetry from HELM or any deployed software
How We Use Data
We use collected data exclusively for operating and improving our services. We never sell personal data.
Third-Party Services
This website is hosted and delivered through the following services:
- DigitalOcean: Hosting provider (App Platform). Subject to DigitalOcean Privacy Policy.
- Cloudflare: CDN and DDoS protection. May set a technical cookie(
__cf_bm). Cloudflare Privacy Policy. - GitHub: Source code hosting and CI/CD. Subject to GitHub Privacy Statement.
Cookies
We use essential cookies only — no tracking cookies, no advertising cookies, no third-party analytics scripts. We use Plausible Analytics, which is cookie-free and GDPR-compliant by design.
HELM Telemetry
HELM OSS does not send telemetry by default. If you opt in to telemetry, we collect anonymous usage statistics only — no API keys, no request content, no PII.
Data Retention
We retain data only as long as necessary for the purposes described. Server logs are rotated every 30 days.
GDPR Rights
If you are in the European Economic Area, you have the right to access, rectify, or delete your personal data.
- Access: Request a copy of your personal data.
- Rectification: Request correction of inaccurate data.
- Erasure: Request deletion of your personal data ("right to be forgotten").
- Portability: Request your data in a structured, machine-readable format.
- Restriction: Request restriction of processing.
- Objection: Object to processing based on legitimate interests.
[email protected] [email protected]. We respond to all GDPR requests within 30 days.
Security
We follow industry best practices for data security, including encryption at rest and in transit, access controls, and regular security audits.
Changes to This Policy
We may update this policy from time to time. Material changes will be communicated via our website and changelog.
Contact
For questions about this privacy policy or your personal data, contact us at:
[email protected]