Privacy Policy

Name: Transcodes
Availability: pricing
Author: Bigstrider Inc.

Last Updated: February 5, 2026

This Privacy Policy describes how Bigstrider Inc. d/b/a Transcodes (“Transcodes,” “we,” “us,” or “our”) collects, uses, discloses, stores, and protects information in connection with:

the website located at transcodes.io and related pages, and
Transcodes-hosted scripts, SDKs, APIs, and authentication/security services embedded or integrated by customers (collectively, the “Services”).

By accessing or using the Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, do not access or use the Services.

1. Scope and Roles

This Privacy Policy applies to:

website visitors,
account holders and customer administrators,
end users interacting with customer applications that integrate Transcodes components.

Data Protection Roles

For end-user data processed through customer applications, the customer is typically the controller/business, and Transcodes acts as processor/service provider.
For account, billing, security, and operational data related to our direct relationship with users/customers, Transcodes acts as controller/business.
Customers are solely responsible for providing legally required privacy notices and obtaining required consents for their own end users where applicable.

2. Definitions

Personal Data: Information relating to an identified or identifiable natural person.
Usage Data: Technical and telemetry data (e.g., IP address, device/browser metadata, request paths, timestamps, event logs, diagnostics).
Customer Data: Data submitted to or processed through the Services by or on behalf of a customer.
Sensitive Data: Data subject to heightened legal protections under applicable law.

3. Categories of Data We Collect

Depending on context and configuration, we may collect:

Account and Profile Data

Name, email address, organization, role, profile image, country/region, account identifiers.

Authentication and Security Data

Login events, passkey/WebAuthn metadata, MFA-related events, risk signals, session metadata, anti-abuse indicators, audit logs.

Technical and Usage Data

IP address, device identifiers, OS/browser details, language, referrer, page/event interactions, crash/error diagnostics, performance data.

Commercial and Transaction Data

Billing contacts, subscription details, invoice metadata, and limited payment metadata from payment processors.

Support and Communication Data

Support tickets, communications, feedback, and service-related correspondence.

Cookies and Similar Technologies

Cookies, local storage, pixels, tags, and related tracking technologies.

Information You Voluntarily Provide

Any data submitted via forms, onboarding, support channels, or integrations.

We do not knowingly collect children’s data where prohibited by law.

4. Legal Bases for Processing

Where required by law (including GDPR/UK GDPR), we process Personal Data under one or more of these bases:

performance of a contract,
compliance with legal obligations,
legitimate interests (including security, fraud prevention, service reliability, and improvement),
consent (where legally required),
establishment, exercise, or defense of legal claims.

5. How We Use Data

We use collected data to:

provide, operate, maintain, and improve the Services;
authenticate users and enforce access controls (including passkeys, RBAC, session controls, and logging);
detect, prevent, investigate, and remediate fraud, abuse, and unauthorized access;
process subscriptions, billing, and account administration;
provide support and essential service communications;
perform analytics, diagnostics, monitoring, and quality assurance;
satisfy legal, regulatory, tax, accounting, and compliance obligations;
enforce contractual rights and protect legal interests.

We do not sell Personal Data for monetary consideration.

6. Security and Embedded Scripts

We apply commercially reasonable technical and organizational safeguards, including measures such as encryption in transit, access controls, monitoring, and security logging.

Transcodes delivers embedded scripts/components intended for lawful security and authentication use. We do not intentionally include malicious code designed to damage systems, create unauthorized backdoors, or unlawfully access customer databases.

No system is absolutely secure. The Services are not guaranteed to be uninterrupted, error-free, or immune from all threats.

No Liability; Customer-Controlled Environment

To the fullest extent permitted by applicable law, Transcodes assumes no responsibility and shall have no liability for customer-side implementation, configuration, permissioning, policy decisions, infrastructure, or operational practices.

This includes, without limitation, vulnerabilities or incidents caused by customer code, third-party code, credential compromise, endpoint compromise, network misconfiguration, or other systems outside Transcodes’ reasonable control.

We may disclose data to:

hosting, cloud, analytics, monitoring, communication, and payment vendors acting as service providers/subprocessors;
affiliates and corporate group entities;
legal, accounting, audit, and other professional advisors;
law enforcement, regulators, courts, or authorities where required by valid legal process or law;
counterparties in mergers, acquisitions, financing, reorganization, bankruptcy, or asset transfers.

We require appropriate confidentiality and data-protection obligations where applicable.

8. Third-Party Services Disclaimer

The Services may integrate with third-party tools, plugins, SDKs, payment processors, analytics services, hosting providers, and external platforms. Their data practices are governed by their own policies and terms.

To the maximum extent permitted by law, Transcodes bears no liability for third-party acts, omissions, downtime, breaches, data handling, or security failures outside Transcodes’ direct control.

9. International Data Transfers

Your information may be processed in jurisdictions different from your own. Where legally required, we implement recognized transfer safeguards (including contractual protections and supplementary measures as appropriate).

10. Data Retention

We retain Personal Data only as long as necessary for:

providing the Services,
legitimate operational and security needs,
legal, tax, accounting, audit, and compliance obligations,
dispute resolution and enforcement.

Retention periods vary by data type and legal requirements. We may aggregate or de-identify data for lawful business purposes.

11. User Rights

Subject to applicable law, data subjects may have rights to:

access,
rectify/correct,
delete,
restrict processing,
object,
portability,
withdraw consent (where applicable),
lodge complaints with a competent supervisory authority.

We may verify identity and may deny or limit requests where permitted by law.

12. Cookies and Tracking Technologies

We use cookies and related technologies for:

essential functionality,
security and fraud prevention,
service performance and analytics,
session continuity and preferences.

Where legally required, we request consent for non-essential cookies. Disabling cookies may affect functionality.

The Services may not respond to “Do Not Track” signals unless explicitly stated otherwise.

13. Customer Obligations

Customers represent and warrant that they:

have lawful basis to collect and share data with Transcodes;
provide required notices and obtain required consents;
configure Services in compliance with law and internal policies;
handle end-user rights requests when acting as controller/business.

Customers are solely responsible for their own application behavior, content, and business decisions.

14. Incident Response and Operational Logs

We may collect and use logs (including IP and event metadata) for security monitoring, abuse detection, troubleshooting, incident investigation, legal compliance, and enforcement of platform rules.

To the maximum extent permitted by law, the Services are provided on an “as is” and “as available” basis, without warranties except as expressly required by applicable law or written agreement.

To the fullest extent permitted by law:

Transcodes disclaims liability for indirect, incidental, special, consequential, exemplary, or punitive damages;
Transcodes is not liable for loss of profits, revenue, goodwill, business opportunities, or data arising from or related to privacy/security events not directly caused by Transcodes’ gross negligence or willful misconduct;
any aggregate liability shall not exceed the liability cap set forth in the applicable Terms of Service, Order Form, or other governing agreement.

Except where prohibited by law, Transcodes shall have no liability beyond the contractually agreed limits.

16. Changes to This Privacy Policy

We may update this Privacy Policy at any time. Updates will be posted on this page with a revised “Last Updated” date. Where appropriate, we may provide additional notice through the Services.

Continued use of the Services after an update becomes effective constitutes acceptance of the updated Privacy Policy to the extent permitted by law. Where required, renewed consent will be requested.

17. California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you.
Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions.
Right to Correct: You have the right to request correction of inaccurate personal information.
Right to Opt-Out: You have the right to opt-out of the sale or sharing of your personal information. We do not sell personal information as defined by CCPA.
Right to Limit Use of Sensitive Personal Information: You have the right to limit the use and disclosure of sensitive personal information.
Right to Non-Discrimination: You have the right not to receive discriminatory treatment for exercising your privacy rights.

Categories of Personal Information Collected: As described in Section 3 of this Privacy Policy.

How to Exercise Your Rights: To exercise any of these rights, please contact us at hello@bigstrider.co. We will verify your identity before processing your request.

Do Not Sell or Share My Personal Information: We do not sell or share personal information for cross-context behavioral advertising purposes.

18. Governing Documents and Claims

This Privacy Policy should be read together with the Terms of Service, Data Processing Addendum (if applicable), and any executed commercial agreement. In case of conflict, the governing agreement controls to the extent permitted by law.

Any claim related to this Privacy Policy is subject to the dispute resolution, venue, arbitration, class-action waiver, indemnity, warranty disclaimer, and limitation-of-liability provisions in the governing agreement, except where prohibited by law.

19. Contact

For privacy-related inquiries: hello@bigstrider.co