Logo
GsmBit
Login Get Started →
Home Privacy Policy
Legal Document

Privacy Policy

How GsmBit collects, uses, and protects your information when you use our Unlocking Management & Automation platform.

Effective: February 24, 2026 ~8 min read GDPR Aligned

1. Overview

Welcome to GsmBit ("we", "us", "our"). We operate an Unlocking Management & Automation platform that provides businesses and resellers with tools for license management, order automation, payment processing, API integrations, and client management.

This Privacy Policy explains what personal data we collect, why we collect it, how it is used and protected, and the rights you have over your data. By accessing or using our platform, you agree to the practices described in this Policy.

If you do not agree with this Policy, please discontinue use of the platform and contact us to close your account.

2. Information We Collect

2.1 Account & Registration Data

  • Full name, business name, email address, and phone number provided at registration
  • Username and encrypted password credentials
  • Billing address and country/region information
  • Profile photo or company logo (optional)

2.2 Platform Usage Data

  • License keys generated, assigned, or transferred through our system
  • API tokens, endpoints accessed, and request/response logs
  • Order history, rental records, and transaction activity
  • Client management activity — adding, editing, or removing clients
  • Support tickets, messages, and live chat transcripts

2.3 Technical & Device Data

  • IP address, browser type, operating system, and device identifiers
  • Pages visited, time on site, referral URLs, and click paths
  • Cookies, session tokens, and local storage data
  • Error logs and diagnostic data to maintain platform stability

2.4 Payment & Financial Data

Payment transactions are processed through our integrated payment gateways. We do not store full credit card numbers or bank credentials. We retain transaction IDs, amounts, currency, timestamps, and payment status for billing and reporting purposes.

3. How We Use Your Information

We use collected data for the following purposes:

3.1 Service Delivery

  • Provision and maintenance of your account and dashboard access
  • Processing license assignments, renewals, and transfers
  • Executing automated orders, rentals, and workflows
  • Delivering API responses and managing authentication tokens

3.2 Business Operations

  • Invoicing, billing, credit balance management, and transaction reconciliation
  • Generating profit reports, usage analytics, and performance dashboards
  • Fraud detection, abuse prevention, and security monitoring

3.3 Communication

  • Sending transactional emails (order confirmations, license alerts, password resets)
  • Responding to support tickets and live chat inquiries
  • Important service announcements and policy updates
  • Promotional communications (you may opt out at any time)

3.4 Platform Improvement

  • Analysing usage patterns to improve features and UX
  • Testing new functionality in staged environments
  • Training internal models to improve automation accuracy

4. Platform & Services Covered

This policy applies to all features and services provided within the GsmBit platform, including:

API Automation

REST API for seamless third-party integrations and automated workflows

Auto Payment Gateway

Multi-gateway automated payment processing for instant transactions

Client Management

Intuitive dashboard to manage clients and monitor usage patterns

Auto Order Process

Streamlined order processing from creation to fulfilment

Auto Tool Rental

Automated rental with scheduling, tracking, and return management

Dedicated Support

24/7 support system with ticketing, live chat, and priority assistance

Smart Price Grouping

Intelligent pricing with automatic tier management and bulk discounts

Code Inventory

Real-time inventory tracking with automatic stock alerts

Profit Reports

Comprehensive analytics with revenue tracking and profit forecasting

5. Data Sharing & Disclosure

We do not sell, rent, or trade your personal data. We may share data only in the following circumstances:

5.1 Service Providers

We engage trusted third-party providers (payment processors, email delivery, cloud hosting, analytics) who are contractually obligated to protect your data and use it solely to perform services on our behalf.

5.2 Reseller Network

If you are an end-user purchasing through an authorized reseller, certain account data may be shared with that reseller to facilitate your service. The reseller is independently responsible for how they handle shared data.

5.3 Legal & Compliance

We may disclose data when required to comply with applicable law, court orders, regulatory requests, or to protect the rights, property, or safety of GsmBit, our users, or the public.

5.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction. We will provide notice before your data becomes subject to a different privacy policy.

6. Data Security

We implement industry-standard technical and organisational measures to protect your data against unauthorised access, alteration, disclosure, or destruction:

  • All data in transit is encrypted using TLS 1.2+ (HTTPS)
  • Passwords are stored using bcrypt hashing — never in plain text
  • API tokens are hashed and scoped with minimal-privilege design
  • Database access is restricted to authorised personnel only
  • Regular security audits and vulnerability assessments are conducted
  • Two-factor authentication (2FA) is available for all accounts

Despite our efforts, no system is 100% secure. If you suspect a security issue, please contact us immediately at Support@gsmbit.com.

7. Data Retention

We retain personal data for as long as your account is active or as needed to provide services. Specifically:

  • Account data — retained for the lifetime of your account plus 30 days after deletion
  • Transaction records — retained for 7 years for legal and financial compliance
  • API logs — retained for 90 days, then automatically purged
  • Support tickets — retained for 2 years after closure
  • Marketing data — deleted immediately upon opt-out or account deletion

You may request deletion of your data at any time (subject to legal retention requirements) by contacting our support team.

8. Cookies & Tracking Technologies

We use cookies and similar tracking technologies to operate and improve our platform:

8.1 Essential Cookies

Required for the platform to function. These include session management, CSRF protection, and authentication state. These cannot be disabled.

8.2 Analytics Cookies

Used to understand how users interact with our platform (e.g., pages visited, features used). This data is aggregated and anonymised. You may opt out via your browser settings.

8.3 Preference Cookies

Used to remember your settings and preferences (e.g., language, display options) so you don't need to reconfigure each visit.

You can manage or delete cookies through your browser settings. Blocking essential cookies may impair platform functionality.

9. API & Third-Party Integrations

Our platform provides a powerful REST API allowing you to connect third-party services and automate workflows. When you use API integrations:

  • API request and response payloads are logged for debugging and security monitoring
  • You are responsible for the data you send through the API and must ensure it complies with applicable laws
  • Third-party services connected via our API are governed by their own privacy policies
  • API tokens should be treated as passwords — never share them publicly
  • Revoke compromised tokens immediately from your API Settings dashboard

10. Payments & Financial Data

All payment processing is handled by our integrated payment gateway partners. We support multiple payment gateways for automated, instant transactions. Our practices:

  • We do not store full payment card numbers on our servers
  • Payment gateway providers are PCI-DSS compliant
  • Transaction metadata (amount, currency, status, gateway reference) is stored for billing and dispute resolution
  • Credit balance top-ups and deductions are logged with timestamps for full auditability
  • Refund requests are subject to our Terms of Service

11. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

Right of Access

Request a copy of the personal data we hold about you.

Right to Rectification

Request correction of inaccurate or incomplete data.

Right to Erasure

Request deletion of your personal data ("right to be forgotten").

Right to Portability

Receive your data in a structured, machine-readable format.

Right to Object

Object to processing of your data for marketing purposes.

Right to Restriction

Request we limit how we process your personal data.

To exercise any of these rights, contact us at Support@gsmbit.com. We will respond within 30 days. Some requests may be subject to identity verification.

12. Children's Privacy

Our platform is intended for business use by individuals aged 18 and older. We do not knowingly collect personal data from children under 13 (or under 16 in jurisdictions requiring stricter protections). If you believe a child has submitted personal data to us, please contact us immediately and we will delete it promptly.

13. Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will:

  • Update the "Effective Date" at the top of this page
  • Send an email notification to registered account holders
  • Display a notice on your dashboard for at least 14 days

Continued use of our platform after the effective date constitutes your acceptance of the updated Policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please reach out to us:

GsmBit — Privacy Team

Support@gsmbit.com
+862234545666
Street: 科技园武汉大学B6022 City Guangdong /China
Open a Support Ticket