Personal Data Processing Policy
Last updated: May 2026
1. Data Controller
CrystalByte is the data controller responsible for processing your personal data. Contact: info@crystalbyte.am
2. Categories of Personal Data
We process the following categories of personal data: identification data (name, email, phone number), payment data (processed securely via IDBank VPOS), technical data (IP address, browser type, device information), and usage data (interactions with our platform).
3. Legal Basis for Processing
We process your personal data based on: (a) contract performance — to provide services you have subscribed to; (b) legal obligation — to comply with applicable laws; (c) legitimate interest — to improve our services and ensure security; (d) your consent — for marketing communications.
4. Data Retention
We retain your personal data for as long as necessary to provide our services and comply with legal obligations. Account data is retained for the duration of your subscription and up to 3 years after account closure. Payment records are retained for 7 years as required by Armenian tax law.
5. Data Sharing
We share your data only with: IDBank (payment processing), Supabase (secure data storage), Google (analytics), and Resend (transactional email). We do not sell your data to third parties.
6. Data Subject Rights
You have the right to: access your personal data, correct inaccurate data, request deletion of your data, object to processing, and request data portability. To exercise any of these rights, contact us at info@crystalbyte.am.
7. Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.
8. Contact
CrystalByte · info@crystalbyte.am · crystalbyte.am