RedirectBoss Logo
RedirectBoss
PricingBlogDashboardContactGet Started
Get Started

Privacy Policy

Effective Date: October 20, 2025 | Last Updated: April 21, 2026

1. Introduction

Rust Belt Tools LLC ("we", "us", "our", or "Company") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our RedirectBoss redirect management service ("Service").

2. Information We Collect

2.1 Information You Provide Directly

Account Information:

  • Name and email address (required for account creation)
  • Phone number (optional, only if you opt-in to SMS notifications)
  • Company name and billing address (for paid accounts)
  • Payment information (processed securely by Paddle Market Limited)

Service Configuration Data:

  • Domain names you configure for redirects
  • Redirect rules and destination URLs
  • DNS configuration preferences
  • API usage and integration settings

Communications:

  • Messages you send through our support system
  • Feedback and survey responses
  • Communication preferences and opt-in settings

2.2 Information We Collect Automatically

Usage Analytics:

  • Redirect traffic volumes and patterns
  • Geographic distribution of redirect traffic
  • Device and browser types accessing your redirects
  • Referrer information and user agent strings
  • Service usage patterns and feature adoption

Technical Information:

  • IP addresses and geolocation data
  • Device identifiers and browser fingerprints
  • Log files including access times and error messages
  • Performance metrics and service response times

Website Analytics:

  • Pages visited on our marketing website
  • Time spent on pages and bounce rates
  • Traffic sources and conversion paths
  • A/B testing participation and results

2.3 Information from Third Parties

Payment Processing:

  • Billing and transaction data from Paddle Market Limited
  • Payment method verification and fraud prevention data

DNS and Hosting Providers:

  • Domain verification and ownership data
  • DNS propagation and health check information

3. How We Use Your Information

We use collected information to:

  • Provide, maintain, and improve our Service
  • Process payments and prevent fraud
  • Send you service updates and administrative messages
  • Provide customer support
  • Monitor and analyze usage patterns and trends
  • Detect and prevent security incidents and abuse
  • Comply with legal obligations

4. Information Sharing and Disclosure

We may share your information with:

  • Service Providers: Payment processors (Paddle), analytics providers
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • With Your Consent: When you explicitly agree to sharing

We do not sell your personal information to third parties.

5. Data Security

We implement industry-standard security measures to protect your data, including:

  • Encryption in transit using industry-standard TLS
  • Encryption at rest for sensitive data
  • Regular security audits and penetration testing
  • Access controls and authentication requirements
  • Monitoring for suspicious activity

6. Your Privacy Rights

You have the right to:

  • Access your personal information
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data
  • Opt-out of marketing communications
  • Withdraw consent for data processing

To exercise these rights, contact us at privacy@redirectboss.com.

7. Data Retention

We retain your data for:

  • Active accounts: As long as your account is active
  • Terminated accounts: 30 days after termination (for recovery purposes)
  • Legal requirements: Longer periods when required by law
  • Analytics data: Aggregated and anonymized indefinitely

8. Cookies and Tracking

We use cookies and similar technologies for:

  • Authentication and session management
  • User preferences and settings
  • Analytics and performance monitoring
  • Marketing and advertising (with your consent)

You can control cookies through your browser settings.

9. Children's Privacy

Our Service is not intended for children under 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, contact us immediately.

10. International Data Transfers

Your data may be transferred to and processed in the United States and other countries. We ensure appropriate safeguards are in place for international transfers.

11. Third-Party Application Access (OAuth)

RedirectBoss supports third-party application access to your account via the OAuth 2.0 protocol, including integrations with AI assistants such as Claude through our Model Context Protocol (MCP) server. This section explains how that access works and what data is shared.

11.1 Authorization

When you authorize a third-party application, you are explicitly granting that application permission to access your RedirectBoss account on your behalf. Before authorization, you will be shown the application's name and the specific permissions (scopes) it is requesting. Authorization does not occur without your consent.

11.2 Permission Scopes

Authorized applications may request any combination of the following scopes:

  • read:hosts: view the hosts (source domains) configured in your account and their DNS/SSL status
  • write:hosts: add, modify, or delete hosts in your account
  • read:redirects: view the redirect rules configured in your account
  • write:redirects: add, modify, or delete redirect rules in your account

Scopes are displayed on the authorization screen before you grant access. An authorized application may only perform operations permitted by the scopes you approved.

11.3 What Data is Shared

Data shared with authorized applications is limited to your own account data: hosts, redirect rules, DNS status, and SSL certificate status. No other customers' data is ever accessible. Authorized applications do not receive your account credentials, payment information, or personal contact details.

11.4 Tokens and Session Lifetime

Access tokens are issued by our identity provider (Logto), have a bounded time to live, and are scoped to your account only. Tokens are transmitted over TLS and validated on every request.

11.5 Reviewing and Revoking Access

You can review and revoke access for any authorized application at any time from your dashboard under Preferences → Connected Apps. Revocation is enforced immediately: subsequent requests from the revoked application will be rejected.

11.6 Your Responsibility

You should only authorize third-party applications that you trust. An application authorized with write scopes can create, modify, and delete hosts and redirects on your behalf. If you believe an application has been authorized without your consent or is behaving unexpectedly, revoke its access immediately and contact us at support@redirectboss.com.

12. Changes to Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email at least 30 days before taking effect. Continued use of the Service after changes constitutes acceptance.

13. Contact Us

For privacy-related questions or concerns:

Email: privacy@redirectboss.com
Address: Rust Belt Tools LLC, 5830 East 2nd St. PMB 90104, Casper, WY 82609

By using RedirectBoss, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.

← Back to Home