LoginBook Technical Discussion
Operational Compliance

Privacy Policy

Effective Date: May 28, 2026Operated by Buggu Labs, India

This Privacy Policy explains how RuntimeHQ collects, uses, stores, and protects information when organizations use the RuntimeHQ platform, website, APIs, SDKs, and operational support systems.

Scope of Policy

This Privacy Policy applies to theRuntimeHQ.com, the RuntimeHQ control dashboards, operational APIs, customer-facing SDKs, technical onboarding channels, and active SRE support workflows.

Exclusion Note: This policy does not govern third-party customer applications or backend architectures that independently consume RuntimeHQ outputs.

Information We Collect

RuntimeHQ processes several technical, administrative, and operational datasets to maintain secure edges and rapid incident propagation flows:

1. Organizational & Admin Details

  • Organization and company names
  • System administrator and operator names
  • Corporate work email addresses
  • Operational session contact parameters
  • Cryptographic credential tokens & metadata
  • Runtime configurations and app IDs

2. Operational State Logs

  • Runtime severity state values
  • Customer outage or maintenance banner strings
  • Incident tracking reference logs
  • Maintenance window timing arrays
  • Administrative audit-trail records
  • Applicable application routing targets

3. Technical Edge Metadata

  • Operator routing IP addresses
  • Agent browser or terminal user-agents
  • Request HTTP header footprints
  • Administrative authentication logs
  • Operational action histories

4. Usage Analytics

  • Google Analytics tracking integration
  • Web discovery and journey behaviors
  • Documentation engagement rates
  • Technical resource and SDK usage metrics

Information We Do Not Intentionally Collect

Our engineering systems are designed to minimize data collection. RuntimeHQ does not require nor intentionally process:

End-User PIIPayment DetailsSensitive InfoHealth RecordsBiometric Keys
SRE Responsibility Checklist: Customer incident managers must ensure that sensitive personal identifiers are excluded from administrative logs, incident banners, and public operational notes.

How We Use Information

We process, map, and store collected technical details exclusively to sustain and secure operational workflows:

• Operating live state edge engines
• Authenticating administrative consoles
• Enforcing strict immutable audit histories
• Resolving SRE operational support tickets
• Auditing platform security indicators
• Communicating downtime warnings

✓ RuntimeHQ does not sell, lease, or distribute customer information to external advertising systems.

Authentication & Session Management

RuntimeHQ deploys session management mechanisms, session cookies, local browser storage states, and cryptographic credential validations to protect dashboard access, sustain operator authorization statuses, and enforce platform-wide SRE boundary protections. Disabling session assets inside browsers may prevent active system controls from loading correctly.

Infrastructure & Subprocessors

1. Infrastructure Data Hosting

By default, RuntimeHQ processes and stores operational database targets using secure enterprise infrastructure providers located in the United States (unless regional boundaries are designated under dedicated enterprise SLA plans). Primary cloud assets are provided by:

Amazon Web Services (AWS)
Cloudflare Edge Engine

2. Trusted Subprocessors

We coordinate with subprocessors to run infrastructure, analytics, and billing pipelines:

SubprocessorPurposeLocation
Amazon Web ServicesPrimary Cloud Compute & Secure Database HostingUnited States / Regional Options
CloudflareGlobal Edge State CDN Propagation & Firewall SystemsGlobal Network
RazorpaySubscription Billing & Invoicing EngineIndia
Google AnalyticsMarketing Discovery & Documentation MetricsGlobal Network

3. Subscription Payments

RuntimeHQ relies on Razorpay to execute payment transactions and corporate invoice pipelines. RuntimeHQ never directly hosts, processes, or captures full credit card credentials or payment matrices on our core systems. All billing transactions are bound by Razorpay's security standards.

Retention & Security Protocols

1. Data Retention Guidelines

We maintain active audit history records, state transitions, incident notes, and operational logs to provide complete timelines for compliance and operational transparency. Historic records are stored in high-reliability archival storage formats to preserve timeline integrity.

2. Platform Security Safeguards

We apply comprehensive SRE boundaries to safeguard integration flows:

✓ HTTPS/TLS Encryption✓ AES Encryption-at-Rest✓ Strict IAM Policies✓ API Credentials Scopes✓ Edge CDN Shielding✓ Continuous Threat Logs

Your Privacy Rights

Based on your company's jurisdiction, you may hold rights to review, correct, restrict, or initiate deletion logs for administrative personal datasets. Compliance inquiries, data processing requests (DPAs), and general disclosures can be directed straight to our privacy team:

[email protected]
Compliance Review

Discuss Data Processing Agreements

Connect with our compliance engineers to evaluate regional replication parameters, dedicated storage boundaries, or execute customized enterprise DPA clauses.

Book technical discussion

No sales pitch. Connect directly with our platform SREs to evaluate integration feasibility.

runtimehq-sre-shell
$ echo $SRE_EMAIL
[email protected]
Recommended Context

To help us prepare for our discussion, please share some context on your current outage banner workflow, such as:

  • Hardcoded banner deployments
  • Toggling CMS content manually
  • Editing feature flags during active incidents
Open Mail Client