Skip to main content
Stringhive

Legal

Privacy Policy

Effective May 1, 2026. Questions? Email hello@stringhive.com.

Stringhive is a translation management platform built for developer teams. This policy explains what data we collect when you use the service, how we use it, and what choices you have. We've tried to write it plainly because privacy policies written in legalese help nobody.

The data controller for your personal data is Blendbyte Inc., operating as Stringhive ("we", "us", "our"). If you have questions or want to exercise any of your rights, email us: hello@stringhive.com.

1. What we collect

Account information

When you sign up, we collect your name, email address, and a hashed password. If you create or join a team, we store the team name and your role within it.

Translation content

We store the source strings, translation strings, keys, locales, and any glossary terms you create. This content belongs to you. We store it to provide the service and for nothing else.

Activity and usage data

We keep a log of actions taken on strings (translated, reviewed, approved) so your team has a useful activity history. We also collect basic usage telemetry (pages visited, features used) to understand how the product is being used and where to improve it.

API tokens

We store hashed identifiers for your API tokens so we can authenticate requests. The raw token value is shown to you once at creation and never stored by us.

Billing information

Payments are processed by Paddle, our payment provider, who acts as Merchant of Record. When you subscribe to a paid plan, your payment details are handled directly by Paddle under their own privacy policy. We receive only non-sensitive billing metadata (subscription status, plan tier, transaction IDs). We never see or store your card details.

Machine translation

If you use machine translation, your strings are sent to the provider you have configured (DeepL, Google Cloud Translation, Microsoft Azure Translator, or OpenAI) using your own API credentials. That transmission is governed by those providers' own privacy policies. We don't store the raw response from machine translation providers beyond what's needed to show you the draft in the editor.

Preferences stored locally

Your dark/light mode preference is saved in your browser's localStorage. It never leaves your device.

2. Legal basis for processing

If you are in the European Economic Area or the United Kingdom, we process your personal data under the following legal bases:

  • Contract performance: processing your account data, content, and billing information is necessary to provide the service you signed up for.
  • Legitimate interests: collecting usage telemetry and activity logs to improve the product and maintain service security, where this doesn't override your rights.
  • Legal obligation: retaining certain records where required by applicable law.
  • Consent: sending optional marketing or product update emails, where you have opted in.

3. How we use it

  • To run the platform: storing your hives, strings, translations, and team structure
  • To send transactional emails: workflow notifications, team invitations, and account emails like password resets
  • To process payments and manage your subscription via Paddle
  • To improve the product: understanding which features get used helps us know what to build next
  • To contact you about major changes or anything that directly affects your account

We don't send marketing emails without your consent, and we don't use your translation content for any purpose outside of operating the service.

4. Who we share data with

We don't sell your data. We share data only with the sub-processors needed to run the service:

  • Cloud infrastructure provider: hosts the application and database
  • Transactional email provider: sends account and workflow notification emails
  • Paddle: processes payments and handles tax compliance as Merchant of Record
  • Machine translation providers (DeepL, Google, Azure, OpenAI): receive string content only when you actively trigger a machine translation request using your own API credentials

All sub-processors are required to handle data securely and only for the purpose of providing their service to us. We may also disclose data if required by law, or to protect the rights, property, or safety of Stringhive, our users, or others.

5. International data transfers

Stringhive operates globally. Your data may be stored or processed in countries outside your own, including countries that may not have the same data protection laws as your jurisdiction. Where we transfer personal data of EEA or UK residents outside those regions, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or reliance on adequacy decisions.

By using Stringhive, you acknowledge that your data may be transferred and processed in accordance with this policy.

6. Data retention

We keep your data for as long as your account is active. If you delete your account, we'll remove your personal data and content within 30 days, except where we're legally required to retain it for longer (for example, billing records which Paddle retains under tax law).

Activity logs are retained for up to 90 days on the free plan and up to 12 months on paid plans.

7. Your rights

Depending on where you are, you may have rights including:

  • Access: request a copy of the data we hold about you
  • Correction: ask us to fix inaccurate data
  • Deletion: ask us to delete your account and data
  • Portability: get your translation data in a machine-readable format (export is built into the product)
  • Restriction: ask us to limit how we process your data in certain circumstances
  • Objection: object to processing based on legitimate interests
  • Withdraw consent: where processing is based on consent, you can withdraw it at any time

To exercise any of these, email hello@stringhive.com. We'll respond within 30 days. If you're in the EEA or UK and feel we haven't addressed your concern, you have the right to lodge a complaint with your local data protection authority.

8. Cookies

We use a session cookie to keep you logged in. That's it. We don't use advertising cookies or third-party tracking pixels.

Your dark/light mode preference lives in localStorage, not a cookie.

9. Security

We take reasonable technical and organisational measures to protect your data: encrypted connections (HTTPS), hashed passwords, hashed API tokens, and strict access controls. No system is perfect, but we take this seriously.

If you discover a security issue, please report it responsibly to hello@stringhive.com.

10. Children

Stringhive is not intended for anyone under 16. We don't knowingly collect data from children. If you believe we have, contact us and we'll delete it promptly.

11. Changes to this policy

We'll update this policy as the product grows. If we make meaningful changes to how we handle your data, we'll notify you by email or in the app at least 14 days before the changes take effect.

12. Contact

Got a privacy question or concern? We'd love to hear from you: hello@stringhive.com.