Privacy Policy

Last updated: March 9, 2026

1. Introduction

Positron Labs ("we," "us," or "our") operates the Positron Flux website at positronflux.com and the Positron Flux software-as-a-service platform (collectively, the "Service"). This Privacy Policy explains how we collect, use, share, and protect your personal information when you interact with our Service.

We are committed to protecting your privacy and processing your data in accordance with the General Data Protection Regulation (GDPR), the UK GDPR, and other applicable data protection laws.

2. Information We Collect

Information you provide directly

• Waitlist registration: When you join our waitlist, we collect your name and email address via our form provider (Tally.so).
• Account information: When the Platform becomes available, you may provide your name, email address, organisation name, and other profile details during registration.
• Communications: If you contact us, we retain the content of your messages along with your contact details.

Information collected automatically

• Usage data: We may collect information about how you use the Service, including pages visited, features used, and interaction patterns.
• Device and browser information: IP address, browser type and version, operating system, referring URL, and language preferences.
• Cookies and local storage: We use local storage for theme preferences and cookie consent. See our Cookie Policy for details.

Information from third-party integrations (Platform)

When you connect third-party tools (e.g. GitHub, GitLab, Jira, Azure DevOps) to the Platform, we access and process data from those tools as necessary to provide delivery metrics and insights. This may include commit metadata, pull/merge request data, issue data, and deployment records. We do not access source code content unless explicitly required for a feature you enable.

3. How We Use Information

We use the information we collect to:

• Provide, operate, and maintain the Service.
• Process your waitlist registration and communicate with you about the Service.
• Create and manage your account on the Platform.
• Generate delivery performance metrics and insights.
• Respond to your enquiries and provide customer support.
• Send you important notices, such as changes to our Terms or this Privacy Policy.
• Analyse usage patterns to improve and develop the Service.
• Detect, prevent, and address technical issues and security threats.
• Comply with legal obligations.

4. Legal Basis for Processing (GDPR Article 6)

We process your personal data on the following legal bases:

• Consent (Art. 6(1)(a)): When you submit the waitlist form or accept cookies, you consent to the processing described at the point of collection.
• Contract (Art. 6(1)(b)): Processing necessary to provide the Service under our Terms of Service.
• Legitimate interests (Art. 6(1)(f)): Improving the Service, ensuring security, and understanding usage patterns, where these interests are not overridden by your data protection rights.
• Legal obligation (Art. 6(1)(c)): Where we need to process data to comply with applicable law.

5. Third Parties

We may share your information with the following categories of third parties:

• Tally.so: Our waitlist form provider processes your name and email when you join the waitlist. Tally.so acts as a data processor on our behalf. See Tally.so's Privacy Policy.
• Hosting and infrastructure: We use cloud hosting providers to store and serve the Service. Details of our hosting providers are available upon request.
• Analytics: We do not currently use third-party analytics services.
• Third-party integrations (Platform): When you connect external tools, data flows between those tools and the Platform as necessary to provide the Service.
• Legal requirements: We may disclose information if required by law, regulation, or legal process, or to protect our rights, users, or the public.

6. International Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA) or the United Kingdom. When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses (SCCs) approved by the European Commission.
• Adequacy decisions by the European Commission or UK government.
• Other lawful transfer mechanisms as required by applicable law.

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:

• Waitlist data: Until the Platform launches and you either create an account or request deletion, whichever comes first.
• Account data: For the duration of your account plus 12 months after account closure.
• Platform usage data: Aggregated and anonymised data may be retained indefinitely for analytical purposes.

8. Your Rights (GDPR Articles 15–22)

Under the GDPR, you have the following rights regarding your personal data:

• Access (Art. 15): Request a copy of the personal data we hold about you.
• Rectification (Art. 16): Request correction of inaccurate or incomplete data.
• Erasure (Art. 17): Request deletion of your data ("right to be forgotten").
• Restriction (Art. 18): Request restriction of processing in certain circumstances.
• Portability (Art. 20): Request your data in a structured, commonly used, machine-readable format.
• Objection (Art. 21): Object to processing based on legitimate interests or direct marketing.
• Automated decisions (Art. 22): Not be subject to decisions based solely on automated processing with legal or significant effects.

To exercise any of these rights, contact us at [email protected]. We will respond within one month, as required by law.

You also have the right to lodge a complaint with your local data protection authority. In Ireland, this is the Data Protection Commission (dataprotection.ie).

9. Children's Privacy

The Service is not intended for children under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

10. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption in transit and at rest, access controls, and regular security reviews. However, no method of transmission over the Internet or electronic storage is completely secure, and we cannot guarantee absolute security.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date above. If we make material changes, we will notify you by email or by posting a prominent notice on the Website. We encourage you to review this policy periodically.

12. Contact / Data Protection Officer

If you have questions about this Privacy Policy or our data practices, please contact us:

• Email: [email protected]