Shiftbright Software — Privacy Policy
Last updated: May 1, 2026
Version: 1.0
This Privacy Policy explains how Shiftbright Software (“Shiftbright”, “we”, “us”, or “our”) collects, uses, stores, and protects information when you use our website:
This Privacy Policy applies to the Shiftbright website only. Separate products, apps, websites, or services operated by Shiftbright Software may have their own privacy policies.
For example, Toosa has its own Privacy Policy:
1. Who We Are
Shiftbright Software is an independent software studio focused on building practical, polished apps, AI chat tools, and digital products.
For privacy-related inquiries, you can contact us at:
For general inquiries:
2. Scope of This Policy
This Privacy Policy applies to information processed through the Shiftbright website, including:
- browsing the website;
- viewing product information;
- clicking links to product websites or external platforms;
- using the contact form;
- contacting us through the communication channels listed on the website.
This Privacy Policy does not apply to separate product websites or services unless they specifically refer to this policy.
For example:
- Presentation Font Embedder may be governed by its own privacy policy on its product website.
- Toosa is governed by its own Privacy Policy at https://toosa.co.il/privacy.
When you leave the Shiftbright website and visit another website or service, that website or service may process information according to its own privacy policy.
3. Information We Collect
We aim to collect only information that is reasonably necessary for operating the website, responding to inquiries, protecting the website, and improving our services.
3.1 Information You Provide
If you use the contact form, we may collect:
| Information | Examples |
|---|---|
| Name | The name you enter in the contact form |
| Email address | The email address you provide |
| Subject | The subject of your message |
| Message content | The content you submit through the contact form |
| Optional context | Any information you choose to include in your message |
Please avoid sending sensitive personal information unless it is necessary for your inquiry.
3.2 Technical and Security Information
When you use the website, we or our service providers may process technical information such as:
| Information | Purpose |
|---|---|
| IP address | Security, abuse prevention, and basic request handling |
| User-Agent | Compatibility, debugging, and security |
| Timestamps | Operational logging and troubleshooting |
| Request metadata | Website operation, security, and diagnostics |
| Cloudflare Turnstile token | Human verification and anti-spam protection |
| Honeypot field signals | Spam and abuse prevention |
| Cloudflare security signals | Security, bot protection, and abuse prevention |
3.3 Email, Social, and Messaging Links
If you contact us through email, Facebook Messenger, LinkedIn, YouTube, or another external platform, the information you provide may be processed by that platform according to its own privacy policy.
4. How We Use Information
We use information for the following purposes:
| Purpose | Examples |
|---|---|
| Responding to inquiries | Reading and replying to messages sent through the contact form |
| Operating the website | Delivering pages, forms, and basic website functionality |
| Security and abuse prevention | Detecting spam, bots, abuse, malicious activity, or misuse |
| Debugging and maintenance | Investigating technical issues and improving reliability |
| Legal and compliance purposes | Preserving records where needed to protect rights or comply with law |
| Product and business communication | Responding to feedback, suggestions, support requests, or partnership inquiries |
We do not sell personal information.
We do not use contact form submissions for unrelated marketing unless you separately and clearly agree to receive such communications.
5. Legal Bases
Where applicable privacy laws require a legal basis for processing, we rely on one or more of the following:
| Legal Basis | When It May Apply |
|---|---|
| Consent | When you voluntarily submit information through the contact form or contact us |
| Legitimate interests | Website operation, security, abuse prevention, diagnostics, and responding to inquiries |
| Contract or pre-contractual steps | When you contact us about a product, service, support request, or potential business relationship |
| Legal obligation | When processing is required to comply with applicable law |
| Legal claims | When information is needed to establish, exercise, or defend legal rights |
6. Contact Form Processing
The contact form on the website may be processed through Cloudflare Pages Functions or similar serverless infrastructure.
To reduce spam and abuse, the form uses:
- Cloudflare Turnstile;
- a hidden honeypot field;
- basic validation and security checks.
Contact form submissions may be forwarded to internal communication tools, such as a Google Chat webhook or similar internal notification channel, so we can review and respond to messages.
7. Service Providers
We may use trusted service providers to operate, protect, host, and maintain the website.
These may include:
| Provider / Category | Purpose |
|---|---|
| Cloudflare | Hosting, security, Turnstile, CDN, email protection, and anti-abuse features |
| Google or Google Chat webhook | Internal notification and handling of contact form submissions |
| Email providers | Sending, receiving, and managing communications |
| Website hosting and infrastructure providers | Hosting and delivering the website |
| Security and logging tools | Protecting the website and investigating errors or abuse |
These providers may process information only as needed to provide their services to us, subject to their own terms and privacy commitments.
We do not sell personal information to third parties.
8. Product Websites and External Links
The Shiftbright website links to separate product websites and external services.
For example, the website may link to:
- Presentation Font Embedder: https://www.presentationfontembedder.com
- Toosa: https://toosa.co.il
- YouTube
- Facebook Messenger
- app stores or product pages
Those websites and services may collect or process information according to their own privacy policies.
For example, Toosa has its own Privacy Policy:
We are not responsible for the privacy practices of third-party websites or external platforms.
9. Cookies and Similar Technologies
The website may use cookies, local storage, or similar technologies where necessary for basic functionality, security, anti-spam protection, or user experience.
For example, Cloudflare may use cookies or similar technologies for security, bot protection, traffic management, email protection, and Turnstile functionality.
At the time of this policy, we do not use contact form submissions for unrelated marketing purposes, and we do not sell personal information.
If we add analytics, advertising, newsletter tracking, or non-essential cookies in the future, we may update this policy and, where required, request appropriate consent.
10. Data Retention
We keep personal information only for as long as reasonably necessary for the purposes described in this Privacy Policy.
| Type of Information | Typical Retention |
|---|---|
| Contact form submissions | As long as needed to respond to the inquiry and maintain reasonable business records |
| General correspondence | As long as needed for the relationship, support, follow-up, or legal recordkeeping |
| Technical logs and security data | Usually for a limited period, commonly around 14–30 days, unless needed longer for security or legal reasons |
| Anti-spam and abuse-prevention signals | As long as needed to protect the website and investigate misuse |
| Legal or security hold data | Longer where needed for a documented legal, security, abuse-prevention, or dispute-related reason |
We may delete, anonymize, or aggregate information when it is no longer needed.
11. International Transfers
We may use cloud, hosting, security, email, and communication providers that process information in different countries.
Where required by applicable law, we rely on appropriate safeguards for international transfers, such as contractual commitments, data processing terms, adequacy decisions, or other lawful transfer mechanisms.
12. Security
We use reasonable technical and organizational measures designed to protect information, including where appropriate:
- HTTPS encryption in transit;
- Cloudflare security and anti-abuse protections;
- Cloudflare Turnstile for human verification;
- restricted access to contact form submissions;
- use of environment variables or secure configuration for secrets;
- minimization of personal data in logs where practical;
- internal access based on need.
No website or online transmission is completely secure, and we cannot guarantee absolute security.
13. Your Rights
Depending on where you live and which laws apply, you may have rights regarding your personal information, including the right to:
- request access to information we hold about you;
- request correction of inaccurate information;
- request deletion of information, where applicable;
- object to certain processing;
- request restriction of processing;
- request a copy of certain information;
- withdraw consent where processing is based on consent.
To exercise privacy rights, contact us at:
We may need to verify your identity before responding. Some requests may be limited where we need to retain information for legal, security, abuse-prevention, or legitimate business reasons.
14. Children
The Shiftbright website is not directed to children under 13 and is not intended to knowingly collect personal information from children.
If you believe that a child has provided personal information through the website, please contact us at:
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time.
When we update it, we will change the “Last updated” date above. If changes are material, we may provide additional notice where appropriate.
Your continued use of the website after an updated Privacy Policy is posted means that you acknowledge the updated policy.
16. Contact Us
For privacy-related inquiries:
For general inquiries:
For legal notices:
For product support: