dendrobundle

Privacy Policy

Last updated: June 9, 2026

dendrobundle (dendrobundle.com) is a bundle-size monitoring service. This policy describes what personal data we hold, why we hold it, and your rights. Where we write "we", "our", or "dendrobundle" we mean the operator of this service reachable at me@tomfordweb.net.

1. Data we collect and hold

Account data

When you register we store your name, email address, and a bcrypt-hashed password. We never store your plaintext password and we cannot recover it.

Session and security data

When you sign in, Better-Auth creates a session record containing your IP address, user-agent string, session creation time, and expiry timestamp. This data is stored in our database for the life of the session. We use it to detect suspicious logins and to enforce session expiry.

Customer content (confidential)

The core product stores the data you push via /api/push: project names, commit SHAs, branch names, bundle-size measurements, and asset and module names (which typically include source-file paths from your build output). This data is your confidential customer content. We:

  • Store it solely to operate the service for your account.
  • Never sell it, share it with third parties, or use it to train machine-learning models.
  • Delete it when your account is deleted (all project data cascades with the account).

Email audit log

We maintain a log of every email sent by the system (transactional alerts, digest summaries, broadcast messages). Each log row records the email kind, subject, delivery status, and the associated user ID. When you delete your account, the user-ID column in the email-log is set to null; the rows themselves are retained for operational auditing. No personally identifiable content (to-address, name) is stored in the log beyond the user reference.

Marketing preference

We store a boolean (marketingOptIn) against your account reflecting whether you have consented to receive product-update emails. This flag defaults to false and is only set to true when you explicitly tick the opt-in checkbox at registration or in your account settings.

Product analytics (consent-gated)

With your consent we use Google Tag Manager and Google Analytics 4 to understand how the product is used. When you accept analytics in the cookie banner, GA4 collects usage events (pages viewed, navigation, feature interactions), an approximate location derived from a truncated IP address (coarse region/country only — Google truncates the IP before storage), and coarse device/browser information (device type, browser, operating system, screen size). We use this solely to measure and improve the product. We do not sell this data, use it for advertising, or attempt to identify you personally from it, and we never link analytics data to your bundle content. Until you accept, analytics storage stays denied (Google Consent Mode v2) and no analytics cookies are set — see the cookie policy for the specific cookies and lifetimes.

2. Legal bases (GDPR Art. 6)

  • Contract performance (Art. 6(1)(b)) — account data, customer content, transactional email (build alerts, size-jump warnings, digest).
  • Legitimate interests (Art. 6(1)(f)) — IP address and user-agent stored in sessions for security and fraud-prevention purposes, and the same technical fields transmitted to our error monitor (Sentry) when a fault occurs, for service reliability and debugging.
  • Consent (Art. 6(1)(a)) — marketing email (product updates, tips), and product analytics (Google Analytics 4) for visitors in the EEA/UK. You may withdraw marketing consent at any time via your account settings or the unsubscribe link in any marketing email, and you may withdraw analytics consent at any time via the "cookie settings" control in the site footer (which re-opens the consent banner) — declining keeps Google Consent Mode set to denied and no analytics cookies are set.

3. Service providers (sub-processors)

  • Postmark (ActiveCampaign) — transactional and marketing email delivery. Your email address and name are transmitted to Postmark when we send you email. Postmark may record delivery events (opens, bounces) per their own privacy policy.
  • Stripe — payment processing. When billing activates for paid tiers, payment data is handled by Stripe under their privacy policy. We do not store full card numbers.
  • Database hosting — we use a managed MySQL-compatible database service to store all data described in this policy.
  • Sentry (Functional Software, Inc.) — application error monitoring. When an unexpected error occurs in your browser or on our server, technical diagnostic data is transmitted to Sentry to help us detect and fix faults. This may include your IP address, user-agent string, the URL or API route where the error occurred, and a stack trace (which can reference bundle file paths). We configure Sentry to not attach your account email or cookies to error events, and we never use this data for marketing or profiling.
  • Google (Google Ireland Ltd.) — product analytics via Google Tag Manager and Google Analytics 4, loaded only after you accept analytics cookies. GA4 then receives usage events, a truncated IP address (used for coarse region only), and coarse device/browser information. We have IP-anonymisation behaviour relied upon by default in GA4, do not enable Google Signals or advertising features, and do not use this data for advertising. Google processes it as our processor under their terms. We do not use Meta Pixel or any advertising-network tracking.

4. Your rights

If you are in the EEA, UK, or California, you have the following rights. You can exercise most of them directly from your account settings page.

  • Access and portability — download a JSON export of all data we hold about you.
  • Erasure — delete your account and all associated project data permanently.
  • Marketing objection — opt out of marketing emails at any time.
  • Correction — contact us to correct inaccurate information.

For requests that cannot be completed through the UI, email me@tomfordweb.net. We will respond within 30 days.

5. Retention

  • Account and product data — retained until you delete your account.
  • Sessions — expire automatically per the session expiry timestamp; deleted on sign-out.
  • Snapshots and assets — subject to per-tier retention limits (visible on the pricing page).
  • Email audit log rows — retained indefinitely for operational integrity; your user ID is set to null upon account deletion so rows are no longer linked to you.
  • Analytics — GA4 event data is retained for up to 14 months under our Google Analytics data-retention setting, then automatically deleted by Google. Analytics cookies in your browser expire per the lifetimes listed in the cookie policy.

6. Security

Session cookies are httpOnly and Secure. Passwords are hashed with bcrypt before storage. We do not log or transmit plaintext credentials.

7. Changes to this policy

We may update this policy as the product evolves. Material changes will be communicated by email to users with a verified email address. The "Last updated" date at the top of this page reflects the most recent revision.

8. Contact

For privacy questions or to exercise rights that aren't available in the UI, contact me@tomfordweb.net.