Alyndo
Privacy

Privacy Policy

How Alyndo collects, uses, and protects personal data — GDPR-compliant by design.

Last updated: 1 May 2026

1. Who we are

Alyndo is a product operated by Byte IT, a Croatian business based in the Zagreb area (Jastrebarsko). In this policy "Alyndo", "we" and "us" refer to Byte IT acting under the Alyndo brand. We provide a multi-tenant CRM platform under the alyndo.com domain. We act as a data processor for our customers' data and as a data controller for visitor and lead data collected on this marketing website.

2. What data we collect

We collect only the data we need to operate the service and to talk to you. That includes:

  • Account information — name, work email, company, role.
  • Usage data — pages viewed, features used, performance and error telemetry.
  • Communications — emails, support tickets, and chat messages you send us.
  • Marketing data — the content of forms you submit on this website (e.g., demo requests).

3. How we use it

We use personal data to provide the service, secure it, communicate with you about it, and improve it. Specifically:

  • Operate, maintain, and secure the Alyndo platform.
  • Authenticate users and prevent abuse.
  • Send service notifications and respond to support requests.
  • Send marketing communications you've opted into (you can opt out anytime).
  • Comply with legal obligations (e.g., tax records, lawful requests).

4. Legal basis (GDPR)

We rely on one of the following legal bases for each processing activity: performance of a contract, our legitimate interests (e.g., service security), your explicit consent (e.g., marketing emails), and legal obligations.

5. Sharing your data

We do not sell personal data. We share data only with carefully chosen sub-processors that help us operate the service — cloud hosting (Hetzner, EU), email delivery, error tracking, and analytics. A current list is available on request.

6. Data retention

We keep account data while your account is active and for up to 12 months after cancellation, to handle disputes and meet legal obligations. Marketing data we collect on this website is kept for up to 24 months unless you ask us to delete it sooner.

7. Your rights

Under GDPR, you can: access the data we hold about you, correct it, ask us to delete it, restrict or object to processing, and request a portable export. Email info@alyndo.com and we'll respond within 30 days.

8. International transfers

We host customer data in the EU. Where we use sub-processors outside the EU, we rely on Standard Contractual Clauses and additional safeguards to protect your data.

9. Security

All data is encrypted in transit (TLS 1.2+) and at rest. Production access is restricted to a small set of engineers, logged, and reviewed. We run regular penetration tests and publish a security overview on request.

10. Changes to this policy

We update this policy from time to time. Significant changes will be announced by email and on this page. The latest version always lives at /privacy.

Questions?
Contact our Data Protection Officer at info@alyndo.com.