Privacy Policy

Ressonance is a WebSocket as a Service platform designed to help developers build real time applications with a simple, reliable, and developer friendly infrastructure.

This Privacy Policy explains how Ressonance collects, uses, stores, shares, and protects personal data when you access our website, create an account, use our platform, interact with our APIs, or communicate with us.

Last updated: June 14, 2026

This Privacy Policy explains how Ressonance, referred to as "Ressonance", "we", "us", or "our", collects, uses, stores, shares, and protects personal data when you access our website, create an account, use our platform, interact with our APIs, or communicate with us.

By using Ressonance, you agree to the practices described in this Privacy Policy.

1. Who this Privacy Policy applies to

This Privacy Policy applies to:

Visitors

People who access our website, documentation, blog, landing pages, or public content.

Account users

Developers, founders, operators, companies, and team members who create or access a Ressonance account.

Customers

Individuals or organizations that use Ressonance to create applications, manage channels, send events, use API keys, configure WebSocket connections, or access platform features.

End users of customer applications

People who interact with applications built by our customers using Ressonance infrastructure.

In most cases, Ressonance acts as the data controller for personal data related to website visitors, account users, billing contacts, and platform users.

When customers use Ressonance to transmit data through their own applications, the customer is usually the data controller, and Ressonance acts as a data processor or service provider on behalf of that customer.

2. Data we collect

We collect only the data reasonably necessary to operate, secure, improve, and support Ressonance.

Account information

When you create an account, we may collect:

  • Name
  • Email address
  • Password or authentication credentials
  • Company or organization name
  • Workspace or project information
  • Account preferences
  • Email verification status

Platform and application data

When you use Ressonance, we may collect technical and operational data such as:

  • Application names
  • App identifiers
  • API keys or public connection keys
  • Channel names
  • Event names
  • Connection metadata
  • WebSocket connection activity
  • Message delivery metadata
  • Usage metrics
  • Error logs
  • Rate limit information
  • IP addresses
  • User agent data
  • Timestamps
  • Server logs

Depending on how customers use Ressonance, event payloads may contain personal data. Customers are responsible for deciding what data they send through Ressonance and for ensuring they have the appropriate legal basis and user permissions to process that data.

Billing information

If you subscribe to a paid plan, we may collect billing related information such as:

  • Billing name
  • Billing email
  • Company information
  • Tax information, where applicable
  • Plan and subscription status
  • Payment status
  • Invoice history

Payment card details are processed by our payment provider. Ressonance does not intend to store full credit card numbers on its own servers.

Communication data

When you contact us, request support, join a waitlist, submit feedback, or communicate with our team, we may collect:

  • Name
  • Email address
  • Message content
  • Support requests
  • Technical details shared by you
  • Conversation history

Website and analytics data

When you visit our website, we may collect basic analytics and usage data such as:

  • Pages visited
  • Referring pages
  • Browser type
  • Device type
  • Approximate location based on IP address
  • Session activity
  • Marketing attribution data
  • Cookie or similar technology identifiers

We use this information to understand how people find and use Ressonance, improve our content, and make the platform easier to adopt.

3. Data we do not intentionally collect

Ressonance is a developer infrastructure platform. We do not intentionally request or require sensitive personal data to provide the core service.

You should not send sensitive personal data through Ressonance unless you have a valid legal basis, appropriate safeguards, and a clear business need.

Sensitive personal data may include, depending on applicable law:

  • Health information
  • Biometric data
  • Government identification numbers
  • Financial account details
  • Precise geolocation
  • Data about children
  • Religious or political information
  • Special categories of personal data

Customers are responsible for controlling the content they transmit through Ressonance.

4. How we use personal data

We use personal data to operate, provide, secure, and improve Ressonance.

This includes using data to:

  • Create and manage user accounts
  • Authenticate users
  • Verify email addresses
  • Provide access to the platform
  • Process WebSocket connections
  • Route and deliver events
  • Monitor system health
  • Prevent abuse, fraud, spam, and unauthorized access
  • Debug errors and improve reliability
  • Provide customer support
  • Send service related emails
  • Manage billing and subscriptions
  • Analyze product usage
  • Improve developer experience
  • Maintain audit logs
  • Enforce our terms and policies
  • Comply with legal obligations

We may also use contact information to send product updates, onboarding emails, technical announcements, and relevant information about Ressonance. You may opt out of non essential marketing communications at any time.

5. Legal bases for processing

Depending on your location and applicable law, we process personal data based on one or more of the following legal bases:

Contract

We process data when necessary to provide Ressonance, manage your account, deliver the service, process billing, and fulfill our obligations to you.

Legitimate interests

We process data where necessary for legitimate business interests, such as securing the platform, preventing abuse, improving performance, debugging issues, understanding product usage, and communicating with users.

Consent

We may rely on consent for certain cookies, marketing communications, or optional features where required by law.

Legal obligation

We may process data to comply with tax, accounting, regulatory, security, or legal obligations.

6. Customer data and event payloads

Ressonance allows customers to send real time events through WebSocket infrastructure.

Customers control the content of their event payloads, channel names, event names, and application logic. Ressonance does not decide what personal data customers send through the platform.

Customers should avoid sending unnecessary personal data in event payloads. Where possible, customers should use identifiers, minimize payload content, and avoid transmitting sensitive information.

Ressonance may process customer data only as necessary to provide the service, maintain reliability, secure the platform, troubleshoot issues, comply with legal obligations, or follow documented customer instructions.

7. API keys, secrets, and credentials

Ressonance may generate or store API keys, app keys, secrets, tokens, or other credentials used to authenticate requests and connect applications.

You are responsible for protecting your credentials and limiting access to authorized team members only.

You should not expose private secrets in frontend code, public repositories, logs, support messages, or public documentation.

If you believe your credentials have been exposed, rotate them immediately and contact us if you need support.

8. Cookies and similar technologies

Ressonance may use cookies and similar technologies to:

  • Keep users signed in
  • Maintain secure sessions
  • Remember preferences
  • Analyze website traffic
  • Understand product usage
  • Improve onboarding
  • Measure marketing performance

You can control cookies through your browser settings. Some cookies may be necessary for authentication, security, or core platform functionality.

9. How we share data

We do not sell personal data.

We may share personal data with trusted service providers that help us operate Ressonance, such as:

  • Cloud infrastructure providers
  • Database and hosting providers
  • Email delivery providers
  • Analytics providers
  • Error monitoring tools
  • Payment processors
  • Customer support tools
  • Security and fraud prevention providers

These providers may process data only as necessary to provide services to Ressonance and are expected to protect data appropriately.

We may also disclose data if required to:

  • Comply with applicable law
  • Respond to lawful requests
  • Protect the rights, security, or property of Ressonance
  • Prevent abuse, fraud, or security threats
  • Enforce our terms
  • Complete a merger, acquisition, financing, corporate restructuring, or sale of assets

10. International data transfers

Ressonance may use infrastructure and service providers located in different countries.

This means personal data may be processed outside your country of residence. When we transfer personal data internationally, we take reasonable steps to protect it according to applicable legal requirements.

11. Data retention

We retain personal data only for as long as necessary to provide Ressonance, comply with legal obligations, resolve disputes, enforce agreements, maintain security, and support legitimate business needs.

Retention periods may vary depending on the type of data.

For example:

  • Account data may be retained while your account is active
  • Billing records may be retained as required by tax and accounting laws
  • Security logs may be retained for a limited period to detect abuse and investigate incidents
  • Support communications may be retained to provide continuity and improve support
  • Event and connection logs may be retained for operational, debugging, and security purposes

When data is no longer needed, we will delete, anonymize, or securely retain it according to applicable requirements.

12. Security

We take reasonable technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, or disclosure.

These measures may include:

  • Encryption in transit
  • Access controls
  • Authentication mechanisms
  • Infrastructure monitoring
  • Logging and audit controls
  • Secrets management
  • Rate limiting
  • Security reviews
  • Backup and recovery practices
  • Least privilege access principles

No system is perfectly secure. If you believe you have found a security issue, please contact us immediately at support@ressonance.com.

13. Your privacy rights

Depending on your location and applicable law, you may have rights regarding your personal data, including the right to:

  • Access your personal data
  • Correct inaccurate personal data
  • Request deletion of your personal data
  • Request restriction of processing
  • Object to certain processing activities
  • Request portability of your data
  • Withdraw consent where processing is based on consent
  • Opt out of marketing communications
  • Request information about how your data is used

To exercise your rights, contact us at support@ressonance.com.

We may need to verify your identity before responding to your request.

14. Rights related to customer application data

If you are an end user of an application that uses Ressonance, please contact the owner or operator of that application first.

Ressonance provides infrastructure to our customers. We may not have a direct relationship with end users of customer applications, and we may not be able to identify or delete end user data without instructions from the relevant customer.

If you contact us about data processed through a customer application, we may redirect your request to the customer or work with the customer as appropriate.

15. Marketing communications

We may send emails about product updates, onboarding, technical content, new features, free tier usage, billing, security notices, or other relevant information.

You can unsubscribe from marketing emails at any time by using the unsubscribe link in the email or contacting us.

We may still send transactional or service related messages, such as account verification, billing notices, security alerts, usage alerts, or important platform updates.

16. Children's privacy

Ressonance is intended for developers, businesses, and professional users. It is not intended for children.

We do not knowingly collect personal data from children. If you believe a child has provided personal data to Ressonance, please contact us so we can take appropriate action.

17. Third party links

Our website, documentation, blog, or platform may contain links to third party websites, tools, repositories, integrations, or services.

We are not responsible for the privacy practices of third parties. We encourage you to review their privacy policies before providing personal data to them.

18. Open source and public repositories

Ressonance may maintain open source projects, public repositories, documentation, or community channels.

Information you choose to publish publicly, such as GitHub issues, pull requests, discussions, comments, usernames, or profile information, may be visible to others and may remain publicly available according to the rules of the platform where it was posted.

Do not publish secrets, private keys, tokens, customer data, personal data, or confidential information in public repositories or community spaces.

19. Changes to this Privacy Policy

We may update this Privacy Policy from time to time.

When we make material changes, we may notify users by email, in product notification, website notice, or other appropriate method.

The "Last updated" date at the top of this page indicates when this Privacy Policy was last revised.

20. Contact us

If you have questions, requests, or concerns about this Privacy Policy or how Ressonance handles personal data, contact us at:

Ressonance
Email: support@ressonance.com
Website: https://ressonance.com

For security related matters, contact:
Email: support@ressonance.com