Privacy Policy

Effective date: March 2026

1. Who We Are

Blitera is a governed link and document access platform currently operated as a controlled beta / Design Partner Program for organization-focused use cases.

During the beta, billing is not active yet, access may be manually reviewed, and features or limits may change as the product is validated with selected users.

2. Data We Collect

We collect only the minimum data required to provide our service:

Account data: Email address and hashed passwords for authenticated users.
Link metadata: Access logs, IP addresses (for geo-restriction analysis), and usage statistics.
Protected content: Files, document metadata, collection metadata, and related access settings when you choose to upload or manage them through the Service.
Operational data: Account activity, API key activity, support requests, security events, and quota or usage signals needed to operate and protect the Service.

We do not sell, rent, or trade your data.

Please do not upload highly sensitive production documents during the beta unless this has been agreed directly with Blitera.

3. How We Use Your Data

Your data is used exclusively to operate the service, ensure the security of your shared links, and improve the platform.

4. Cookies & Tracking (Zero Tracking Policy)

Blitera takes privacy seriously. We only use strictly necessary cookies to ensure the security and core functionality of the platform for authenticated users:

Cookie Name	Purpose	Duration	Type
session_token	Authentication & Session Management	Session	HttpOnly
csrftoken	CSRF Protection (Security)	Session	Secure
bl_account_id, bl_logged_in, bl_user_email, bl_user_plan	Application UI state for authenticated users	Session	Signal
bl_access_*	Temporary access state for protected shared links when required	Temporary	Functional

We do not use Google Analytics, tracking pixels, or third-party advertising cookies.

For recipients of your shared links: Visitors who access a shared link (e.g., /r/...) are not tracked with analytics or advertising cookies. Some protected flows may use a strictly necessary temporary cookie to remember access during the current interaction.

5. Data Retention

Links, files, documents, and associated logs are retained according to account limits, operational safeguards, and beta policies. When an item expires, is deleted, or an account deletion is completed, Blitera removes the related data according to the applicable deletion workflow and technical safeguards.

6. Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR), you have the right to access, rectify, erase, and portability of your data.

Right to Erasure (Right to be Forgotten)

When you request account deletion through your profile, your account is immediately deactivated and hidden. We provide a 30-day grace period before permanent erasure.

Recovery: You can cancel the deletion and restore all your data by simply logging back into your account within 30 days.
Permanent Purge: After 30 days, all your data (files, links, keys, and profile) is permanently and irreversibly deleted from our servers.

To exercise your other rights or for any questions regarding your data, please contact our support via our Support Portal.

7. Hosting & Infrastructure

Blitera is designed for Europe-focused use and relies on Microsoft Azure EU infrastructure where configured. During the beta, hosting, operational procedures, and product controls may evolve as the platform is validated.