Last updated: May 30, 2026
This Privacy Policy explains how Bitworks LLC (“Bitworks,” “we,” “us,” or “our”) collects, uses, discloses, and protects your personal information when you visit our website at https://bitworks.io (the “Site”) or purchase products from us. We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) for users in the European Economic Area (EEA), UK, and Switzerland.
Bitworks is the data controller responsible for your personal information. Website: https://bitworks.io. Email: [email protected]. For GDPR-related inquiries, you may contact our Data Protection Officer at the same address.
Information you provide directly:
Information collected automatically:
Information from third parties:
We use your personal information to process and deliver orders and payments and manage returns; provide customer service; manage your account; improve the website; send marketing communications with your consent; meet legal, tax, accounting, export-control, and regulatory requirements; detect and prevent fraud and security incidents; and maintain business records.
Cookies are small text files stored on your device that help us provide and improve our services. We use essential cookies (shopping cart, secure login, payment security), functional cookies (preferences, form auto-fill, comment author information stored for one year), analytics cookies (understanding site usage), and marketing cookies (personalized advertising and conversion measurement). Session cookies are deleted when you close your browser; comment cookies last one year; login cookies last two days (or two weeks with “Remember Me”); screen-preference cookies last one year; editor cookies expire after one day. You can control cookies through our consent banner, your browser settings, and our cookie preference center.
When you leave comments, we collect the information shown in the comment form and your IP address and browser user agent string for spam detection. An anonymized hash of your email may be sent to Gravatar (https://automattic.com/privacy/) to display your profile picture. Comments and associated metadata are retained to enable automatic approval of follow-up comments, and approved comments and profile pictures are publicly visible.
If you upload images or files, avoid including embedded location data (EXIF GPS), as visitors can download and extract it. We may scan uploaded files for security purposes. Media files are stored on our servers and may be accessible to website administrators.
Our Site may include embedded content from third-party websites (for example, videos, social media posts, or product demonstrations). Such embeds behave as if you visited the third-party website directly, may collect data about you, use cookies, and track your interactions, and are subject to the privacy policies of those third parties.
We share your information with service providers (payment processors, shipping carriers such as DHL, FedEx, and UPS, cloud hosting, email services, analytics providers, and customer-support tools); when required by law or to comply with legal process, enforce our terms, protect our rights, or prevent fraud; in connection with a merger, acquisition, or sale of assets; and with your consent. We do not sell your personal information to third parties.
Certain products we sell are subject to U.S. and other export-control and sanctions laws, including the Export Administration Regulations (EAR) administered by the U.S. Bureau of Industry and Security (BIS) and sanctions programs administered by the U.S. Office of Foreign Assets Control (OFAC). To comply with these laws and to fulfill business, commercial, or governmental orders and orders for export-controlled products, we collect and process information about the end user, end use, ownership, destination, intended deployment, and related compliance documentation (such as End-User Compliance forms, Data Center Attestation Letters, and responses to requests for information).
We process this information on the basis of legal obligation and our legitimate interest in lawful trade compliance. We may share it with the relevant OEMs, suppliers, freight carriers, and government authorities as necessary to complete compliance screening, obtain required authorizations, and fulfill the order. We may retain compliance records for the period required by applicable export-control and recordkeeping laws. Provision of this information may be a condition of sale; if it is not provided, or if screening cannot be completed, we may be unable to fulfill the order.
As we sell hardware worldwide, your information may be transferred to and processed in countries outside your jurisdiction, including countries that may not provide the same level of data protection. For GDPR compliance, transfers to third countries are protected by appropriate safeguards (such as Standard Contractual Clauses or adequacy decisions), and you may request information about these safeguards by contacting us.
We retain account information until you request deletion or after three years of inactivity; order information for seven years for tax and accounting purposes; marketing data until you unsubscribe or withdraw consent; comments indefinitely unless you request deletion; technical logs for twelve months; and export-compliance records for the period required by applicable law. Payment information is not stored on our servers and is handled by payment processors.
Subject to applicable law, you have the right to access, rectify, and erase your personal data; to restrict or object to processing; to data portability; to withdraw consent; and to lodge a complaint with your local data protection authority. To exercise these rights, contact us at [email protected]. We will respond within one month, extendable by two months for complex requests. Note that certain data, including export-compliance records, may be subject to legal retention requirements that limit erasure.
We implement appropriate technical and organizational measures to protect your data, including SSL/TLS encryption in transit, encrypted storage, access controls on a need-to-know basis, regular security assessments, employee training, and incident-response procedures. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.
Our Site and services are not directed to individuals under 16 years of age. We do not knowingly collect personal information from children. If we discover we have collected information from a child, we will delete it promptly.
If you request a password reset, your IP address will be included in the reset email for security purposes. Visitor comments and contact-form submissions may be checked through automated spam-detection services, which may involve processing your IP address, email address, and message content. Our Site may contain links to third-party websites whose privacy practices we do not control; please review their policies before providing information.
With your consent, we may send product announcements, special offers, newsletters, and order updates. You can opt out at any time by clicking “unsubscribe” in any marketing email, adjusting your account preferences, or contacting us at [email protected].
In the event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours as required by GDPR, notify affected individuals without undue delay, and provide information about the nature of the breach and remedial actions.
We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will post the updated policy on this page with a new “Last updated” date, notify you of material changes via email or a prominent website notice, and obtain consent for changes that require it under applicable law.
For questions, concerns, or to exercise your rights under this Privacy Policy: Email [email protected], or write to Bitworks LLC, 475 Providence Main St, Suite 403, Huntsville, AL 35806.
By using our Site and services, you acknowledge that you have read and understood this Privacy Policy. For processing activities requiring consent, you will be asked to provide explicit opt-in consent through checkboxes, consent banners, or other clear affirmative actions.