01Scope
This policy covers the Glintdesk desktop client, mobile apps, web experiences, and associated services (collectively, "Glintdesk"), operated by Towardway Intelligence Computing Limited ("we", "us").
If you are a Team plan administrator, this policy applies to your personal account. The Team Data Processing Addendum governs data you process on behalf of your organization.
02Data we collect
Account data
Email address, display name, password hash, and billing identifiers provided to our payment processors (PayPal and Stripe).
Device data
To route connections we collect device fingerprints, OS version, app version, and a randomly-generated device key. None of this ties to the content of your sessions.
Session telemetry
Connection start/end time, bit-rate, framerate, and error codes - used for diagnostics and capacity planning. Session contents are never collected.
Support data
Any information you voluntarily send to our support channel, including attached logs and screenshots.
03How we use data
- Operate, maintain, and secure Glintdesk.
- Authenticate your account and route connections between your devices.
- Process payments and provide customer support.
- Detect, prevent, and investigate fraud, abuse, and security incidents.
- Improve product reliability through aggregated, non-identifying telemetry.
- Comply with applicable legal obligations.
We do not sell personal information, and we do not use your data to train third-party machine-learning models.
04End-to-end encryption
Every Glintdesk session is protected with AES-256 keys generated on your devices. Our relay servers observe only ciphertext and are incapable of decrypting content, even under legal process.
Key material never leaves your endpoints. If you lose all authorized devices, we cannot recover past session data - this is a deliberate security property.
06Retention
Account data is retained while your account is active and for up to 30 days after deletion to complete our accounting and compliance processes. Connection telemetry is retained for 90 days. Support emails are retained for 2 years.
07Your rights
Depending on where you live, you may have the right to access, correct, export, restrict processing, or delete your personal data. To request deletion of your Glintdesk account and associated user data, use the account deletion page. If you cannot sign in, submit a request through Support.
EU, UK, California, and Hong Kong residents have additional rights under GDPR, UK-GDPR, CCPA, and PDPO respectively. You may lodge a complaint with your local supervisory authority at any time.
08Children
Glintdesk is not directed at children under 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal information from such children; if you believe we have, please contact us and we will delete it.
09International transfers
Glintdesk is operated from Hong Kong with infrastructure in the United States, Germany, Singapore, and Japan. When we transfer personal data across borders we rely on appropriate safeguards including the EU Standard Contractual Clauses where applicable.
10Changes
We will post any material changes to this policy at least 30 days before they take effect and, where we hold your contact information, will notify you by email. The "effective date" at the top of this page always reflects the latest version.
11Contact
Privacy questions: submit a request through Support.
Mailing address: Towardway Intelligence Computing, Room 1213, 12/F Tower A, Hunghom Commercial Centre, 39 Ma Tau Wai Road, Hung Hom, Hong Kong.