This privacy policy (the “Policy”) for Software Mansion S.A. ("Company," "we," "us," or "our"), describes how and why we might collect, store, use, and/or share ("process") your information when you use our products and/or services ("Services"), such as when you:
Questions or concerns?
Understanding this Policy will help you comprehend your rights and choices regarding your privacy. If you disagree with our methods and practices, do not access our Services. For any questions or issues, please contact us at legal@swmansion.com If there are any capitalized terms in this Policy that are not defined, then those terms will have the meaning defined in your agreement with us.
The following definitions are used throughout this Privacy Policy:
Software Mansion Software Product. Any software product owned or created by Software Mansion and provided under Software Mansion’ Subscription Agreement, including but not limited to Detour. This may include, but not be limited to, code that extends the functionality of a Software Mansion Software Product (e.g., a “plugin”). Any such code is governed by its own terms and conditions and privacy policy. This also includes any Products provided free-of-charge, such as alpha and beta version and/or early access of Software Mansion Software Products.
Software Mansion Downloadable Software Product. Any Software Mansion Software Product that can be downloaded and installed on a device, offered on Software Mansion Detour Website.
Software Mansion Software as a Service. Any Software Mansion Software Product that is offered as a hosted solution, where the software is installed and maintained by Software Mansion and provided to you as a service, offered on Software Mansion Detour.
Software Mansion Detour Website. www.godetour.dev.
Software Mansion Terms of Use means Software Mansion Subscription Agreement, Software Mansion Terms of Use for a product, or other agreements you have in place with Software Mansion covering Software Mansion Products. Software Mansion Software Products.
Software Mansion Downloadable Software Products and Software Mansion Website may be collectively referred to as "Software Mansion Products".
Personal Data means any data relating to an identified or identifiable natural person.
Usage Data refers to personal information collected from visitors during their interaction with our public-facing website. This may include contact details voluntarily provided through forms, IP addresses, cookies, and other similar identifiers that help us understand and communicate with users, improve our services, and fulfill requests. This data does not imply the creation of an account or require user registration.
All other capitalized terms used in this Privacy Policy shall have the same meaning as defined in article 4 GDPR (such as personal data, controller, processor, data subject, and others), unless defined otherwise in this definition clause.
“Personal information” or “personal data” includes an array of information. In general, we interpret it to mean any information that relates to an identifiable, living individual person. In some jurisdictions, legal distinctions are drawn between “controllers” and “processors” of personal data. Controllers determine the purposes and means of processing personal data, whereas processors are entities that process personal data on behalf of the controller according to their instructions. A processor does not make decisions about personal information; it only processes personal information on behalf of a controller based on the controller's instructions.
If you are a user using Detour, we process your personal information in different ways when you use our Services:
When we process your Customer Account Data and User Data we are acting as a controller. If you are a visitor to our website (by which we mean any website that links back to this Policy in its footer), we collect a minimal amount of data about you (depending on how much you've chosen to share with us). This might be as little as an IP address or a cookie, and it might be your contact information. We also consider this User Data.
When you sign up for an account with us, we ask for certain information like your contact details and billing information to facilitate payment and communication. We also collect some information automatically, like your IP address, when you log in to your account or when your software application built on Detour makes requests to our APIs. We use this to understand who is using our Services and how, and to detect, prevent and investigate fraud, abuse, or security incidents.
Name and contact information. When you sign up for a Detour account with us, you authenticate using your email account. In doing so, we receive certain information about you. The information we receive may vary depending on the email address and your email service provider, but could include your name. We collect this information so we know who you are — this helps us communicate with you about your account(s), recognize you when you communicate with us, bill you correctly, and provide other Services.
Device information and IP addresses. We collect your IP address and other data through tracking technologies like cookies, web beacons, and similar technologies. We also collect IP addresses when you make requests to our APIs and in our server logs. We use this information to understand how customers are using our platform, who those customers are (if they are a company and the IP address is associated with that company), what country they are logging in from (for analytics and export control purposes), and to help improve the navigation experience. You can learn more about cookies in the section titled “Cookies and Tracking Technologies” below.
When you visit our website, we may collect information automatically using tracking technologies, like cookies, and through web forms where you type in your information. We collect this information to provide you with what you request through the web form, to learn more about who is interested in our Services, and to improve navigation experience on our pages. You can learn more about cookies in the section titled "Cookies and Tracking Technologies" below.
On certain parts of our public-facing websites, you may be able to fill out forms to request contact from us, sign up for newsletters, or participate in surveys. The personal information requested on these forms will vary depending on the purpose of the form. We will ask for information that is necessary to fulfill your request, such as your email address if you want to receive a newsletter or your phone number if you want to be contacted by a member of our team. We may also ask for additional information to better understand our customers, such as your use case for Detour, your company name, or your job title. Our team keeps a record of all communication with customers, including contact information and any other details shared during the conversation. This information is used to help us improve our Services, provide training to our team members, and manage our ongoing relationships with customers. It is important to be mindful of what information you share with these teams, as we store a record of these communications. To protect your privacy, it is best to avoid sharing sensitive personal information unless it is necessary for the teams to assist you. We will take appropriate measures to protect any sensitive information that is shared with us.
When you visit Detour website, including web forms, we and our service providers may collect certain information using tracking technologies such as cookies, web beacons, and similar technologies. This information helps us understand how visitors use our websites, which pages and features are most popular, and how we can improve our websites and track the performance of our advertisements. Tracking technologies also help improve the navigation experience on Detour websites. We do not sell this information to third parties. For more information on how we use cookies and other tracking technologies, please see the section titled "Cookies and Tracking Technologies."
Our product facilitates deferred deep linking, a technology that enables users who open the application for the first time after installing it via a promotional or referral link to be directed to a specific in-app destination with associated campaign or referral data linked to their session.
To support this functionality, our system collects and transmits certain identifiers and contextual information between the administrative platform and the application. The data processed during this matching includes, but is not limited to:
This data is used solely for matching the original link or campaign to the relevant user or event, ensuring correct routing and attribution similarly to other industry-standard services.
Due to technical and platform-specific factors such as varying operating system behaviors, privacy configurations, and platform limitations, the matching process may not achieve 100% accuracy. In some cases, links may not be correctly matched or data may be incomplete.
It is important to note that while we provide the linking tool, the responsibility for the correct implementation, secure data transmission, and compliance with applicable data protection laws rests with the user of the product. Users must ensure the product’s library is integrated properly according to the official documentation and that any data exchanged is handled securely and in accordance with legal requirements.
We may use your email address to send you information about other Detour Services or events in which we think you may be interested, if you opt-in to receive such communication. You can opt-out at any time through your marketing preferences page by clicking the “unsubscribe” link at the bottom of any marketing email you receive from us. You can also contact our team to communicate your choice to opt out. Please note that it may take up to three days to remove your contact information from our marketing communications lists, so you may receive correspondence from us for a short time after you make your request. You will not be able to opt out of service emails from us, such as password reset emails, billing emails, or notifications of updates to our terms, unless you delete your account. We may also use publicly-available information about you that we have gathered through services like LinkedIn, or we may obtain information about you or your company from third-party providers. We use this information to help us understand our customer base better, such as your industry, the size of your company, and your company's website URL.
Detour will store your User Data as long as needed to provide you with our Services and to operate our business. If you ask Detour to delete specific personal information from your User Data, we will honor this request unless deleting that information prevents us from carrying out necessary business functions.
We do not sell your personal information or the personal information of your end users. We also do not allow any personal information to be used by third parties for their own marketing purposes. However, we do need to share personal data in order to provide our Services to you, such as to route a call you send through us or to store data you ask us to store. Below are the different scenarios under which we may share your data with third parties:
| Scenario | Transfer Details |
|---|---|
| Third-party service providers or consultants. | We may share your Personal Data with certain third parties which help us provide you with Software Mansion Products or services, or to run our business, for example to providers of data storage and backup services. We may also share your Personal Data with individual representatives of your company. |
| Compliance with Legal Obligations. | To adhere to the requirements of the California Consumer Privacy Act (CCPA), we hereby notify you that Software Mansion will not a) retain, use, sell, or otherwise disclose any Personal Data for any purpose other than to provide the Products and services specified in the Subscription Agreement; or b) retain, use, sell, or disclose such Personal Data outside of the direct relationship between Customer and Software Mansion; or c) use Personal Data other than as described within the Software Mansion Privacy Policy available at www.godetour.dev. |
| Business transfers. | If we go through a corporate sale, merger, reorganization, dissolution or similar event, data we gather from you may be part of the assets transferred or shared in connection with the due diligence for any such transaction. In that situation, and that situation only, we might transfer your data in a way that constitutes a sale under applicable law. If we do, we'll let you know ahead of time, and we will require any acquirer or successor to continue to process data consistent with this Policy. |
Closing Your Account and Deletion. To request closure or deletion of your Detour account, you can navigate to settings and press the "Delete account" button. Please be aware that closure or deletion of your Detour account will result in you permanently losing access to your account and the data in the account. After closure of your account, certain information associated with your account may remain on our servers in an aggregated form that does not identify you or your end users. Similarly, after you close your account, we will retain data — including personal information — associated with your account that we are required to maintain for legal purposes or for necessary business operations until it's no longer needed.
We make every effort for you to be satisfied with our cooperation. Please do remember, that you have numerous rights and privileges which enable you to influence our way of processing your data. In some cases it is possible to prevent us from processing your data whatsoever. These would be as follows:
We may use common information-gathering tools such as cookies, web beacons, pixels and other similar tracking technologies to automatically collect information as you navigate our websites, your account or when you interact with emails we send to you.
A cookie is a small piece of data stored on your device when you visit a website. Cookies allow us to identify your device as you navigate our websites or your account. This makes navigating and interacting with our websites or your account more efficient, easy and meaningful for you.
By themselves, cookies do not identify you specifically. Rather, they recognize your web browser. So, unless you identify yourself specifically to us, like signing into your account, we don't know who you are just because you visited our website. We use persistent cookies. Session cookies are cookies that disappear from your computer or browser when you turn off your computer. Persistent cookies stay on your computer even after you've turned it off. These cookies enable core functionality such as security, network management, and accessibility and are necessary for our websites to function properly.
We use the following cookies:
Strictly necessary
Strictly necessary cookies allow core website functionality such as user login and account management. The website cannot be used properly without strictly necessary cookies.
Performance
Performance cookies are used to see how visitors use the website, eg. analytics cookies. Those cookies cannot be used to directly identify a certain visitor.
Targeting
Targeting cookies are used to identify visitors between different websites, eg. content partners, banner networks. Those cookies may be used by companies to build a profile of visitor interests or show relevant ads on other websites.
Our approach to privacy compliance is a global one. No matter where you are located, we remain committed to abiding by all applicable data protection laws.
Servers or services that contain Personal Data are located mainly in the US and EU, however Personal Data may be subject to cross-border transfers conducted by our third-party providers, including but not limited to Vercel.
If you are from a region that requires a legal basis for processing personal data (such as the EEA or the UK), our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.
However, we will normally collect personal information from you only where we need the personal information to perform a contract with you, to allow you to use the Services, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms, or where we have your consent to do so. In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person, such as in the case where we request personal information from you in the context of a government audit or in response to a request from law enforcement. If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact information provided below.
Broadly speaking, we use User Data to further our legitimate interests to:
For those users that would like more information about our use of User Data, you have the ability to request:
Please be aware that when you ask us for these things, we will take steps to verify that you are authorized to make the request. You must be a resident of California to make this request. The California Code of Regulations defines a "resident" as:
We have collected the following categories of personal information in the past twelve (12) months:
Some countries, other than the EEA, UK, and United States, also have specific privacy notice requirements, and we address those requirements in our general privacy sections above.
We may need to transfer your personal information to our affiliates, contractors, service providers, and to third parties in various countries and jurisdictions around the world. In each case, we take care to use appropriate safeguards to ensure your personal information remains protected.
Data transfers to the United States and elsewhere. When you use our Services, personal information of you may be transferred to the United States, where our analytics processing facilities are located, and possibly to other countries where we or our service providers operate. These transfers will often be made in connection with routing your communications in the most efficient way.
Safeguards for data transfers. Detour employs appropriate safeguards for cross-border transfers of personal data, as required by applicable local law. When transferring personal information outside the EEA, the UK, and Switzerland, we rely on data transfer mechanisms such as the Standard Contractual Clauses.
Transfers from other countries. When we transfer personal information outside countries other than those in the EEA, the UK, and Switzerland, we strive to comply with the cross-border data transfer rules of those countries, such as by cooperating with that country's data protection authority or providing a written agreement to each user that meets the data protection requirements of the country.
We use appropriate security measures designed to protect the security of your personal information both online and offline. These measures vary based on the sensitivity of the personal information we collect, process and store and the current state of technology. We also take measures to ensure service providers that process personal data on our behalf also have appropriate security controls in place. When we transfer data across borders, we also take supplementary measures to ensure that data is protected.
Please note that no service is completely secure. While we strive to protect your data, we cannot guarantee that unauthorized access, hacking, data loss or a data breach will never occur.
To protect the confidentiality of your data you must keep your project's API keys confidential and not disclose them publicly or to unauthorized individuals — this includes accidentally distributing them in a binary or checking them into source control. Please let us know right away if you think your API keys were compromised or misused.
We may collect and use User Data to detect, prevent, or investigate security incidents, fraud, or abuse and misuse of our platform and Services. In addition, we may also use records containing end user personal information to debug, troubleshoot, or investigate security incidents; to detect and prevent spam or fraudulent activity; and to detect and prevent network exploits and abuse. We may anonymize personal information and use it for our legitimate business needs, and, where allowed by law, this may include records containing end user personal information.
If you have a dispute with us relating to our data protection practices, you can raise your concern or dispute by contacting us via email at legal@swmansion.com. For individuals in the EEA, the UK, or Switzerland, you have additional rights to make a complaint to a competent data protection authority or commence proceedings in a court of competent jurisdiction in accordance with applicable data protection laws.
We may change this Policy from time to time, and if we do, the most current version will be available on our website with the date at the top indicating when it was last updated.We will comply with applicable law with respect to any changes we make to this Policy and seek your consent to any material changes if this is required by applicable law.