Oneandbit

Privacy Policy

Last updated: May 2026

About Oneandbit

Oneandbit is a product of IOStamp LLC ("we", "us", the "Company"). This Privacy Policy explains how we collect, use, and protect your personal information when you use the Oneandbit website and related services (the "Service").

1. Information we collect

  • Account information. Your email address when you sign up, request an invitation, or join the waitlist.
  • Authentication metadata. Magic-link tokens, session identifiers, and the timestamps of sign-in attempts.
  • Device & usage data. IP address, user-agent string, referrer, and basic interaction logs used for security and rate limiting.
  • Optional waitlist context. Source (e.g. UTM parameters), referrer, and any free-text note you choose to share.

2. How we use information

  • To authenticate you and deliver the Service.
  • To enforce invitation controls, rate limit abuse, and protect the integrity of the Service.
  • To communicate transactional messages (sign-in links, account notifications).
  • To notify you of major product milestones during the pre-launch phase, where you have opted in.

3. Legal bases (EU/UK)

We process personal data on the bases of (i) performance of a contract (delivering the Service you requested), (ii) legitimate interests (preventing abuse, securing the platform), and (iii) consent (for any non-essential communications).

4. Sharing

We do not sell personal information. We share data only with service providers acting on our behalf (e.g. our transactional email provider, our managed database host, our error-monitoring provider), each under confidentiality and data-protection obligations.

5. Data retention

Account data is retained while your account is active. Sign-in attempt logs are retained for a limited period for fraud prevention and are then deleted or anonymized. Waitlist entries are retained until you ask us to remove them or until we close the waitlist.

6. Your rights

Depending on your jurisdiction, you may have rights to access, correct, export, or delete your personal information, and to object to or restrict certain processing. To exercise these rights, email privacy@oneandbit.com.

7. Security

We use industry-standard measures including TLS in transit, encryption at rest where supported by our infrastructure, role-based access controls, and row-level security on sensitive database tables. No system is perfectly secure; you should use a unique sign-in email and be vigilant for phishing.

8. International transfers

Our infrastructure providers may process data in the United States and the European Union. Where required, we rely on standard contractual clauses or equivalent safeguards for international transfers.

9. Changes

We may update this policy. Material changes will be communicated by email or a notice on the Service.

10. Contact

Questions about this policy can be sent to privacy@oneandbit.com.

This page is a placeholder pending review by counsel and will be replaced before public launch.