Back

Privacy Policy

Last updated 21 June 2026

Switchbox is a feature-flag service operated by an independent developer ("we", "us"). This policy explains what personal data we process, why, where it lives, how long we keep it, and the rights you have. We keep it plain-language on purpose — if anything is unclear, reach out via our contact page.

What we collect

  • Account data. When you sign in with GitHub or Google, we receive and store your verified email address, a provider user id, a username/display name, and an avatar URL. Your email is the only directly-identifying information we hold at rest.
  • Workspace & team data. If you create or join a workspace, we store membership records and any email addresses you use to invite teammates.
  • Your configuration. The projects, environments, feature flags, targeting rules, and segments you create. This is your content, not personal data — but note that targeting rule values and segment definitions are published to our CDN in plaintext. If you put an email, user id, or other identifier into a targeting rule, it is delivered to anyone holding that environment's SDK key. Don't put sensitive personal data into rule values.
  • Product analytics. We record anonymous, cookieless usage events (e.g. signing up, creating a flag) to understand how the product is used. Analytics are stored without cookies and without cross-site tracking.
  • Operational telemetry. When your SDK fetches flags from our CDN, we log coarse, non-identifying request metadata (HTTP status, edge location, country, user-agent, response size) keyed only by the opaque SDK key — never by an end user.
  • Error reports. Backend exceptions are captured to help us fix bugs; these may incidentally contain identifiers present in a request.
  • Contact submissions. If you use our contact form, we receive the email and message you send.

How we use it

  • To authenticate you and operate your account and workspaces.
  • To deliver your flag configuration to your applications.
  • To understand product usage and improve Switchbox.
  • To diagnose errors and keep the service reliable.
  • To respond to you when you contact us.

We do not sell your personal data, and we do not use it for advertising.

Sub-processors

We rely on the following service providers to run Switchbox. Each processes data only to provide its part of the service:

  • Neon — primary Postgres database (account, workspace, and configuration data).
  • Fly.io — API server hosting (Amsterdam, EU region).
  • Cloudflare — CDN object storage (R2), edge workers, KV, and request analytics that deliver and observe your flag configs.
  • GitHub and Google — OAuth sign-in identity providers.
  • PostHog (EU Cloud) — cookieless product analytics.
  • Sentry — backend error monitoring.
  • Discord — where contact-form messages and operational alerts are delivered.
  • Better Stack — uptime monitoring and our public status page.
  • Polar — payments and subscription management (only once you subscribe to a paid plan; not used today).

Where your data is processed

Our database and API are hosted in the EU (Amsterdam), and our analytics provider is EU-based. Cloudflare serves your flag configuration from edge locations worldwide so your applications get a fast, nearby response.

How long we keep it

  • Account & configuration: kept until you delete your account (or the data within it).
  • Audit history: retained per your plan (free tier targets a 30-day window).
  • CDN request analytics: retained for 3 months, then discarded automatically.
  • Connection liveness: short-lived, continuously overwritten.
  • Analytics & error reports: kept per our providers' default retention.
  • Contact messages: retained in our Discord history until manually cleared.

Your rights

You can access and export all of your data, and delete your account, at any time from Account settings in the dashboard:

  • Export. Download a complete JSON copy of your account, identities, and all workspace configuration you can reach.
  • Deletion. Deleting your account removes your account record, OAuth identities, and the configuration in workspaces you solely own, and purges the corresponding published configs from our CDN. Where you are the last admin of a shared workspace that still has other members, we ask you to transfer ownership or remove those members first, so we never destroy a team's data on your behalf.

Some sub-processors (e.g. analytics and error monitoring) are purged on request or expire under their retention windows rather than instantly on deletion. To exercise any privacy right, or to ask us to expedite removal from a specific processor, contact us via the contact page.

Cookies & tracking

Switchbox does not use tracking cookies. Our analytics are cookieless and do not follow you across sites, so no consent banner is required. We store a single sign-in token in your browser's local storage to keep you logged in; clearing it (or signing out) removes it.

Changes to this policy

We may update this policy as the product evolves. Material changes will be reflected here with a new "last updated" date.