Privacy policy

Privacy policy for RunsOn

1. Scope

  • This Privacy Policy explains how RunsOn collects, uses, and shares personal data when RunsOn acts as a controller.
  • RunsOn is not a conventional hosted CI/CD SaaS. Core workflow execution, runner VMs, caches, logs, queue payloads, and GitHub App credentials normally stay in the customer’s AWS account rather than in a shared RunsOn control plane.
  • This means the main data flows covered by this Policy are limited RunsOn-side flows such as product telemetry sent to runs-on.com, licensing and billing records, website and changelog signups, and ordinary support or procurement correspondence.

2. Product telemetry

  • The Software includes telemetry functionality that sends limited technical metadata to runs-on.com.
  • This telemetry may include the time of the event, platform, architecture, instance type, instance lifecycle, AWS region, RunsOn version, organization or account identifier, boot timing metadata, networking mode, enabled integrations, enabled extras, and pool metadata.
  • This telemetry is used to understand product usage, improve product performance and reliability, support compatibility work, and operate the product.
  • By default, this telemetry does not include repository contents, customer secrets, customer job logs, or runner filesystem contents.
  • RunsOn acts as the controller for this telemetry flow. Cloudflare is used as a RunsOn-side vendor for hosting or delivery of the runs-on.com telemetry path.

3. Commercial, account, and contact data

  • We may collect and use buyer, prospect, and customer contact details, company or organization names, GitHub organization identifiers, GitHub usernames used for licensing or source access, subscription and billing records, invoice or payment-adjacent records, and other account-administration data.
  • We use this information to sell, provision, license, bill, support, and administer the RunsOn product and related services.
  • RunsOn acts as the controller for these activities.

4. Support and procurement communications

  • If you contact RunsOn for support, procurement, onboarding, or other business communications, we may process your emails, meeting notes, attachments, screenshots, logs, and related correspondence.
  • RunsOn acts as the controller for ordinary support and case-management communications handled for RunsOn’s own business purposes.

5. How we share data

  • We share personal data with service providers used to operate RunsOn’s own website, telemetry path, subscriptions, billing, and similar business functions.

6. Security

  • We implement measures designed to protect the limited RunsOn-side data flows described in this Policy.
  • The strongest product-level control is architectural: core workflow execution normally remains in the customer’s AWS account.
  • More detail is available at /security/.

7. Data retention

  • We retain personal data for as long as needed for the purposes described in this Policy, including product operations, licensing, billing, support, legal compliance, and dispute resolution.

8. Your rights

  • Depending on your location and applicable law, you may have rights to access, correct, delete, restrict, or object to the processing of your personal data, and to request data portability.
  • To exercise those rights, contact us using the details below.

9. Changes to this Privacy Policy

  • We may update this Privacy Policy from time to time. If we make material changes, we will update this page and may also provide additional notice where appropriate.

10. Contact

  • If you have questions about this Privacy Policy or our data practices, contact:
    • Email: ops@runs-on.com
    • Address: Cyril Rohr EIRL - 4 rue Michel Gérard, 35235 Thorigné-Fouillard, France.