Privacy Policy

Last updated: June 2026

Short version

We collect the minimum we need to run the service. We do not sell your data. We do not run ads. We do not track you across the web.

What we collect when you sign up

  • Email address (for login and account recovery)
  • Display name (shown in the dashboard)
  • Password hash (Argon2id, we never store or see your plain password)

What we collect when you use ByteTunnel

  • Server metadata: name, hostname, port, player cap, creation date
  • API key hashes (SHA-256, we cannot recover the original key)
  • Tunnel connection logs: when the agent connected/disconnected, agent IP, bytes transferred
  • Player connection metadata: player count, connection timestamps. We do not log player IPs on our side.
  • Bandwidth usage per server for plan enforcement

What we do NOT collect

  • Game data, chat messages, or commands passing through the tunnel
  • Player IP addresses (the edge sees them during connection but does not store them)
  • Browsing behavior, cookies from third parties, or analytics trackers
  • Your Minecraft server files, world data, or plugin configuration

How the tunnel handles data

The edge reads the Minecraft handshake to route connections. After that, it forwards raw bytes between the player and your agent without inspecting or storing the content. The edge keeps a connection open for the duration of a player session and discards all packet data when the session ends.

Where your data is stored

Account data and server metadata are stored in a PostgreSQL database hosted in France (OVH, Roubaix). Edge nodes that handle tunnel traffic are in Amsterdam (VibeGAMES). Tunnel traffic passes through the edge but is not persisted.

Who has access

Only the ByteTunnel team has access to the database and infrastructure. We do not share your data with third parties. If we add payment processing in the future, your payment details will be handled by Stripe and never touch our servers.

Data retention

Account data is kept as long as your account exists. If you delete your account, all your data (servers, API keys, tunnel logs) is permanently deleted from the database. We do not keep backups of deleted accounts beyond our standard 7-day database backup rotation.

Your rights (GDPR)

If you are in the EU, you can request a copy of your data, ask us to correct it, or ask us to delete it. Deleting your account from the dashboard handles the deletion part. For data export or other requests, email info@bytetunnel.gg.

Cookies

We use a JWT token stored in localStorage for authentication. We do not use tracking cookies, analytics cookies, or third-party cookies.

Changes

If we change this policy, we will email registered users and update the date at the top. We will not retroactively weaken your privacy protections without consent.

Contact

Privacy questions: info@bytetunnel.gg