Legal

Privacy Policy

Last updated: April 8, 2026

1. Introduction

Glimt (“we”, “our”, or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. Please read this policy carefully. If you disagree with its terms, please discontinue use of the Service.

2. Information We Collect

We collect information in the following ways:

  • Account information: Name and email address when you register, managed via our authentication provider (Clerk).
  • Usage data: URLs submitted for testing, test configurations, session results, and API usage metrics.
  • Technical data: IP address, browser type, device information, and log data collected automatically when you use the Service.
  • Credentials for testing: Login credentials you optionally save for authenticated test scenarios. These are stored encrypted and used solely to perform the tests you configure.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service.
  • Process and complete test runs you initiate.
  • Send you service-related communications (e.g. billing, security alerts).
  • Improve, personalise, and expand the Service.
  • Monitor and analyse usage to detect abuse or technical issues.
  • Comply with legal obligations.

4. How We Share Your Information

We do not sell your personal data. We may share your information with:

  • Service providers: Third-party vendors who assist in operating the Service (e.g. cloud infrastructure, authentication, analytics), bound by confidentiality obligations.
  • AI providers: Anonymised or pseudonymised interaction data may be sent to AI model providers (such as Anthropic) to generate test session results.
  • Legal authorities: Where required by law, court order, or to protect the rights and safety of our users or the public.

5. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. Test session data is retained for 90 days by default. You may request deletion of your account and associated data at any time by contacting us.

6. Security

We implement industry-standard technical and organisational measures to protect your information. However, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete data.
  • Request deletion of your data.
  • Object to or restrict certain processing activities.
  • Data portability — receive your data in a machine-readable format.

To exercise these rights, contact us at [email protected].

8. Cookies

We use strictly necessary cookies to operate the Service. These cookies are required for authentication and session management and cannot be disabled without breaking core functionality. We do not use advertising, analytics, or tracking cookies.

CookieProviderPurposeDuration
__sessionClerkStores the authenticated session tokenSession
__client_uatClerkTracks client-side authentication state1 year
glimt_cookie_consentGlimtRemembers that you have acknowledged this cookie noticePersistent (localStorage)

You can clear cookies at any time via your browser settings. Removing authentication cookies will sign you out of the Service.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the “Last updated” date. Continued use of the Service after changes constitutes acceptance of the revised policy.

10. Contact

If you have any questions or concerns about this Privacy Policy, please contact us at [email protected].

Terms of Service