HuntCode
Legal

Privacy Policy

This Policy was last updated on Monday, February 16th, 2026.

Welcome to HuntCode and our website at huntcode.com (the "Website"). At HuntCode, we are committed to protecting and respecting your privacy.

This Privacy Policy sets out the basis on which we will process any Personal Data that we may collect about you when you visit or interact with our Website or use our related services, applications, and products (collectively, the "Services"). It also explains how we protect your privacy and your rights in relation to our use of your Personal Data.

What is personal data?

"Personal Data" means any information relating to an identified or identifiable individual or natural person. This includes, in particular, information such as your name, date of birth, postal address, telephone number, and email address, and may also include online identifiers such as your IP address.

Data is considered anonymous where it does not relate to an identified or identifiable individual, or where the data has been rendered anonymous in such a way that the individual is not or is no longer identifiable.

What is processing?

"Processing" means any operation or set of operations performed on Personal Data, whether or not by automated means. This includes, for example, the collection, recording, organization, structuring, storage, use, disclosure, analysis, or deletion of Personal Data.

What law applies?

We process Personal Data in accordance with applicable data protection and privacy laws. This includes, where relevant, U.S. state privacy laws such as the Tennessee Information Protection Act ("TIPA"), as well as, where applicable, the EU General Data Protection Regulation ("GDPR").

Who is the data controller?

A "data controller" is a person or organization who alone or jointly determines the purposes for which, and the manner in which, Personal Data is or will be processed.

In this sense, HuntCode, Inc., a Delaware corporation ("HuntCode", "we", "us", "our"), is the data controller. If you have any questions about this Privacy Policy or our data processing practices, you may contact us by email at admin@huntcode.com with "Data Protection" in the subject line.

What are the legal bases for processing personal data?

We rely on one or more of the following legal bases to process your Personal Data, as applicable:

  • you have given your consent;
  • the processing is necessary for the performance of a contract with you or to take steps at your request prior to entering into a contract;
  • the processing is necessary for compliance with a legal obligation; or
  • the processing is necessary for our legitimate interests, provided that such interests are not overridden by your rights and interests.

What personal data do we collect from you?

We may collect and process the following Personal Data about you when you use our Website:

a) Personal Data that you give us:
This is information that you voluntarily provide to us by filling in forms on our Website or by corresponding with us. It may include, for example, your name and email address, and any other information you choose to provide. This data is collected and processed for the purposes of contacting you, responding to your request, and, where applicable, initiating or performing a contractual relationship. Such data is retained only for as long as necessary to fulfill these purposes, unless a longer retention period is required or permitted by law. The legal basis for processing is one or more of the following, as applicable: our legitimate interests, the provision or initiation of a contract, and your consent.

b) Personal Data that our Website and other systems collect about you:
If you visit our Website, certain information is automatically collected about your device and your interaction with the Website. This may include the Internet Protocol (IP) address used to connect your device to the Internet, browser type, operating system, referring URLs, timestamps, and information about the pages you visit. We process this information to operate, maintain, secure, and improve the performance and reliability of our Website, as well as to prevent abuse and ensure system security. The legal basis for this processing is our legitimate interests.

We use the hosting services of AWS (Amazon) for hosting and displaying our Website. Amazon processes data on our behalf, which means that Personal Data collected through our Website may be processed on Amazon's servers. The legal basis for this processing is our legitimate interests and, where applicable, the initiation or performance of a contract.

c) Cookies
We use cookies that are strictly necessary for the operation of our Website. These cookies enable core functionality such as security, authentication status, and proper display of content based on whether a user is signed in.

Because these cookies are strictly necessary, they do not require your consent under applicable data protection and privacy laws. We do not use cookies for advertising, profiling, or cross-site tracking purposes.

If we introduce non-essential cookies in the future, we will update this policy and, where required by law, obtain your consent before using such cookies.

d) Analytics
For business, security, and operational purposes, we analyze aggregated and anonymized information relating to web and server traffic patterns, Website interactions, and usage behavior in order to operate, maintain, secure, and improve our Website and Services. Such analytics are performed using privacy-focused measurement tools that do not use cookies and do not track individual users across Websites.

In addition, we operate security and infrastructure monitoring systems, including web application firewalls and server logging tools, which may process technical information such as IP addresses, user agent strings, timestamps, and request metadata for the purposes of security monitoring, abuse prevention, system reliability, and incident response. This information is not used for advertising, profiling, or behavioral tracking.

Where such technical information constitutes Personal Data under applicable law, it is processed on the basis of our legitimate interests in maintaining the security, integrity, and availability of the Services and is retained only for as long as reasonably necessary.

We may collect and process the following Personal Data about you when you use our Services:

a) Contacting us
You can contact us in various ways, and certain Personal Data is processed in the course of doing so. You provide us with most of the data that we process when you contact us, such as your name and email address. This data is collected and processed for the purposes of responding to your inquiry, communicating with you, and, where applicable, initiating or performing a contractual relationship. Such data is retained only for as long as necessary to fulfill these purposes, unless a longer retention period is required or permitted by law. The legal basis for processing is one or more of the following, as applicable: our legitimate interests, the provision or initiation of a contract, and your consent.

b) Contracting with us and using our Services
We process the Personal Data that arises when you use our Services in order to provide our contractual services. In particular, this includes our support, correspondence with you, invoicing, fulfillment of our contractual obligations, accounting, and tax obligations. Accordingly, the data is processed on the basis of the fulfillment of our contractual obligations and our legal obligations. The legal basis for processing is the provision or initiation of a contract and, where applicable, your consent.

c) If you create an account
If you register for an account, we collect the information provided through our registration form, which currently consists of your email address and selected password. Your password is transmitted and stored in encrypted form so that it cannot be read by third parties. For the purpose of logging in to our Services, you will provide your email address and password.

As part of our account security measures, we may check user-selected passwords against databases of known compromised credentials using privacy-preserving techniques. This process does not involve transmitting your full password and is intended to help prevent the use of passwords that have appeared in known data breaches.

To protect our Services from automated abuse, we use security verification tools such as Cloudflare Turnstile. These tools may process technical information such as IP address, browser characteristics, and interaction signals solely for the purpose of verifying that requests are made by humans and maintaining the security of our Services.

We retain your account information for as long as you maintain an active account with us or as otherwise necessary to provide our Services, comply with legal obligations, or resolve disputes. The legal basis for processing is the provision or initiation of a contract and, where applicable, your consent.

d) If you buy a subscription
If you take out a subscription, your payment information will be processed by our third-party payment service provider, Lemon Squeezy. Payment data is processed directly by Lemon Squeezy in accordance with their applicable privacy and security practices, and we do not store or have direct access to your full payment card details. The legal basis for processing payment data is the establishment and performance of the contract.

e) Administrative Tasks
Lastly, we process Personal Data in the context of administrative tasks, as well as the organization of our operations, financial accounting, and compliance with legal obligations, such as archiving. In this regard, we process the same categories of Personal Data that are processed in the course of providing our contractual services. The purpose and our interest in such processing lie in the administration, financial accounting, office organization, and archiving of data, i.e., tasks that support the maintenance of our business activities, the performance of our obligations, and the provision of our Services. The legal basis for this processing is the provision or initiation of a contract, compliance with legal obligations, and, where applicable, our legitimate interests or your consent.

Change of purpose

We will only use your Personal Data for the purposes for which we collected it as detailed above, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your Personal Data for an unrelated purpose, we will notify you, and we will explain the legal basis which allows us to do so.

Data sharing

In certain cases, it is necessary to disclose Personal Data to third parties in the course of providing our Services. In this respect, there are different recipient organizations and categories of recipients.

Internal
If necessary, we share your Personal Data within HuntCode. Access to your Personal Data is restricted to authorized employees and contractors who require such access in order to perform their job functions, such as providing our products or Services or responding to inquiries.

External bodies
Personal Data may be disclosed to our service providers and partners in the following circumstances:

  • In the context of performing or fulfilling a contract with you;
  • To communicate with you;
  • To operate, maintain, secure, and provide our Website and Services; and
  • To governmental authorities or institutions where required by law or reasonably necessary.

International transfers
We may transfer or disclose your Personal Data to recipients located in countries outside your jurisdiction where necessary for the purposes described in this Privacy Policy. Where such transfers occur, we implement appropriate safeguards, including contractual protections and technical and organizational measures, to ensure an adequate level of data protection in accordance with applicable law.

How long do we keep your personal data?

We retain Personal Data only for as long as necessary to fulfill the purposes for which it was collected, including to provide our Services, comply with legal obligations, resolve disputes, and enforce our agreements. Where appropriate, Personal Data may be deleted or anonymized.

  • where it is no longer necessary to retain the Personal Data for the purposes for which it was collected;
  • where the Personal Data is determined to be inaccurate and cannot be corrected; or
  • where you withdraw your consent, and no other legal basis for processing applies.

In some cases, legal, regulatory, or contractual obligations may require us to retain Personal Data for specified periods. We may also retain Personal Data for longer periods where necessary in connection with legal claims, audits, or dispute resolution, to the extent required or permitted by law.

Data security

Our Website and Services use SSL or TLS encryption to help ensure the security of data processing and to protect the transmission of confidential information, such as login credentials and other account-related information. We have also implemented appropriate technical and organizational security measures, such as encryption and access controls based on the principle of least privilege, to help protect Personal Data processed through our Website and Services against unauthorized access, loss, or misuse.

Marketing

Where you have provided your consent, we may process your Personal Data for marketing and promotional communications. Such communications, if any, are typically delivered by email and may include product updates, service-related announcements, or other information we believe may be of interest to you. Marketing communications may be managed by us directly or by service providers acting on our behalf. You may opt out of receiving marketing communications at any time by using the unsubscribe mechanism included in such messages.

Linked sites

For your convenience, our Website may contain hyperlinks to third-party Websites. We are not responsible for the privacy practices of Websites or organizations that are not owned or controlled by us, and this Privacy Policy does not apply to them. When you follow a link and leave our Website, the third-party site you visit may collect information about you in accordance with its own privacy practices.

We do not endorse any linked Websites, their products, services, or content. We encourage you to review the privacy policies of any third-party Websites you visit to understand how your information may be collected, used, and protected.

Social media

We maintain a presence on social media platforms based on our legitimate interests. If you contact or interact with us through social media, your Personal Data may be processed by both us and the relevant social media platform in accordance with our respective privacy practices. The Personal Data we receive through such interactions is used solely to respond to your inquiry or communication. The legal basis for this processing is our legitimate interests and, where applicable, your consent.

Your rights and privileges

Privacy rights
Subject to applicable law, you may have the following rights:

  • The right to access;
  • The right to rectification;
  • The right to erasure;
  • The right to restrict processing;
  • The right to object to processing;
  • The right to data portability;

Update your information and withdraw your consent
If you believe that the information we hold about you is inaccurate, wish to request its rectification or deletion, or object to processing based on our legitimate interests, please contact us.

Access request
If you wish to make a Data Subject Access Request, please contact us. We will respond to requests regarding access and correction as soon as reasonably possible and within the timeframes required by applicable law. If we are unable to respond to your request within the applicable timeframe, we will inform you of the reason for the delay and the expected timeframe for our response. If we are unable to provide you with any Personal Data or to make a requested correction, we will explain the reason for our decision.

What we do not do

  • We do not knowingly request Personal Data from minors and children;
  • We do not process special category or sensitive Personal Data, as defined under applicable law, without obtaining prior specific consent;
  • We do not use automated decision-making, including profiling; and
  • We do not sell your Personal Data.

Who is the competent data protection authority?
The competent supervisory authority depends on your place of residence. In the United States, this is generally the Attorney General of the state in which you reside. Users may also have the right to lodge a complaint with a data protection or consumer protection authority in their jurisdiction. We would, however, appreciate the opportunity to address your concerns before you contact any supervisory authority.

Data Breaches and Notification
Databases or records containing Personal Data may be breached accidentally or through unlawful intrusion. Where required by applicable law, and upon becoming aware of a qualifying data breach, we will notify affected individuals whose Personal Data may have been compromised and provide information regarding the nature of the breach and the measures taken to address it. Notifications will be made in accordance with applicable legal requirements and timelines.

USA Specific Provisions

The following applies to users located in the United States. While privacy and consumer data protection laws in the United States vary by state and there is currently no single federal data protection framework equivalent to the EU’s GDPR, we are committed to complying with applicable state privacy and consumer protection laws that apply to you based on your place of residence.

As of the date of this Privacy Policy, several U.S. states have enacted comprehensive privacy and consumer data protection laws, including, but not limited to, California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Montana, Oregon, Texas, Utah, and Virginia. In light of the similarities among these laws, we generally apply a uniform approach to privacy rights across the United States, providing all users with the same rights and protections described in this Privacy Policy. Where ambiguity exists or where state laws differ, we apply the most stringent applicable standard in order to ensure a high level of protection for your Personal Data.

Further, the following also apply:

  • i) "Shine the Light"
    California's "Shine the Light" law (California Civil Code Section 1798.83) permits California residents, in certain circumstances, to request information regarding a business's disclosure of Personal Data to third parties for the third parties' direct marketing purposes. Where applicable, you may make such a request using the contact details provided in this Privacy Policy.
  • ii) COPPA (Children's Online Privacy Protection Act)
    The Children's Online Privacy Protection Act (COPPA) provides parents with control over the collection of Personal Data from children under the age of 13 and is enforced by the U.S. Federal Trade Commission. Our Website and Services are not directed to children under the age of 13, and we do not knowingly collect Personal Data from children under 13. If we become aware that Personal Data from a child under 13 has been collected without verified parental consent, we will take appropriate steps to delete such information.
  • iii) CAN SPAM Act
    The CAN-SPAM Act sets rules for commercial email communications, establishes requirements for commercial messages, and provides recipients with the right to opt out of receiving marketing emails. In compliance with CAN-SPAM, our marketing communications include a clear and accessible unsubscribe mechanism. If you no longer wish to receive promotional or marketing emails from us, you may follow the unsubscribe instructions included in those messages or contact us directly, and we will honor your request promptly. You may continue to receive transactional, security, or service-related communications where permitted or required by law.
  • iv) Telephone Consumer Protection Act (TCPA)
    Where applicable, and only where you have provided the required prior express consent, we may send SMS marketing communications. If you receive such messages, you may opt out of further marketing communications at any time by replying "STOP" in accordance with the instructions provided in the message. Any processing of Personal Data for SMS marketing purposes is carried out on the basis of your consent and in compliance with applicable TCPA requirements. You may continue to receive non-marketing, transactional, or service-related messages where permitted or required by law.
  • v) Controls For Do-Not-Track Features
    Most web browsers and some mobile operating systems and applications include a Do-Not-Track ("DNT") feature that allows you to signal your preference not to have information about your online browsing activities tracked. At this time, there is no uniform industry standard for recognizing or responding to DNT signals. As a result, our Website does not currently respond to DNT browser signals or other mechanisms that automatically communicate your tracking preferences. If an applicable standard for online tracking is adopted in the future, we will update this Privacy Policy accordingly.
  • vi) Right to complain
    You have the right to lodge a complaint regarding our processing of Personal Data with the appropriate supervisory or regulatory authority responsible for data protection or consumer protection in your jurisdiction. In the United States, this is generally the Attorney General or a similar authority in your state of residence. We would, however, appreciate the opportunity to address your concerns directly before you contact any supervisory authority.

Canada and Mexico specific provisions

Canada and Mexico have enacted comprehensive data protection laws that are broadly aligned with principles reflected in the EU General Data Protection Regulation (GDPR), including the Personal Information Protection and Electronic Documents Act ("PIPEDA") in Canada and the Federal Law for the Protection of Personal Data in the Possession of Private Parties ("LFPDPPP"), as supplemented by its implementing regulations, in Mexico. In light of the similarities among these frameworks, we apply a consistent and high standard of privacy protection to users located in Canada and Mexico, as described in this Privacy Policy. Where differences or ambiguities arise, we apply the most stringent applicable standard to help ensure the protection of your Personal Data.

With respect to the right to lodge a complaint, Canada's national supervisory authority is the Office of the Privacy Commissioner (www.priv.gc.ca). In Mexico, following constitutional reforms effective in 2025, the authority responsible for the enforcement of data protection and transparency laws is the Ministry of Anticorruption and Good Governance (Secretaría Anticorrupción y Buen Gobierno). Users located in Mexico may exercise their rights or lodge complaints with the competent authority in accordance with applicable law.

Help and complaints

If you have any questions, concerns, or complaints regarding this Privacy Policy, our data protection practices, or your Personal Data, you may contact us by email at admin@huntcode.com with "Data Protection" in the subject line.

Changes

This Privacy Policy was first issued on Sunday, November 3rd, 2024. We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or other operational reasons. The effective date stated above reflects the most recent version. Prior versions of this Privacy Policy may be made available for reference on our Website.

View previous policies