Privacy Policy

Last updated: 20 March 2026

Who we are

Kitted is developed and sold by Hypericon. References to "we", "us", and "our" in this policy refer to Hypericon. You can contact us at [email protected].

What data we collect and why

Licence purchases

When you purchase a licence we collect your email address. We use this to deliver your licence key and to provide purchase-related support. Your email is stored in our licence database hosted on DigitalOcean (EU region). We do not use it for marketing without your explicit consent.

Payment is processed by Stripe. We never see or store your card number or full payment details — these go directly to Stripe and are subject to Stripe's own privacy policy. We receive only a transaction confirmation and the last four digits of the card used.

Licence activation

When you activate Kitted on a machine, we record a machine identifier derived from hardware properties of that computer. This is used solely to enforce the per-seat licence limit and to allow you to deactivate a seat and move your licence to a different machine. Machine identifiers are stored alongside your licence key in our licence database.

Periodic check-ins

The application periodically contacts our licence server to confirm that your licence is still active. These requests include your licence key and machine identifier. No usage data, telemetry, or personal files are transmitted.

This website

This marketing and documentation site is static and hosted on Netlify. We use Plausible Analytics to understand how visitors use the site. Plausible is a privacy-focused analytics tool: it does not use cookies, does not track you across sites, and does not collect any personally identifiable information. Aggregate, anonymised visit data is stored on Plausible's EU-based infrastructure; see Plausible's privacy policy. Netlify may also collect standard web server access logs (IP address, browser type, page requested) as part of its hosting service; see Netlify's privacy policy.

How we store and protect your data

Our licence database is an SQLite file stored on a DigitalOcean-managed server. Access is restricted to authenticated requests from the application and to Hypericon staff via a private admin token. The server communicates exclusively over HTTPS/TLS. We take reasonable technical measures to protect the data, but no internet transmission is completely secure.

How long we keep your data

We retain your email address and activation records for as long as your licence is active plus a reasonable support period (currently 3 years after last activity). You may request deletion at any time — see "Your rights" below.

Who we share your data with

We do not sell or rent your personal data. We share it only as follows:

  • Stripe — processes your payment. Stripe is a data controller in its own right for payment data.
  • DigitalOcean — hosts our licence server. They process data on our behalf as a data processor.
  • Netlify — hosts this website. They may collect standard server logs.
  • Plausible Analytics — provides anonymised, cookie-free website analytics. No personal data is shared.

We will disclose data if required to do so by law or a court order.

Your rights

Under UK GDPR and applicable data protection law you have the right to:

  • Request a copy of the personal data we hold about you
  • Ask us to correct inaccurate data
  • Ask us to delete your data (subject to any legal retention obligations)
  • Object to our processing of your data
  • Withdraw consent where processing is based on consent

To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

Cookies

This website does not use cookies. The desktop application does not use cookies. Plausible Analytics is cookieless by design. If you log in to a future account portal, a session cookie will be set on that subdomain only and will be explained separately at that time.

Children's privacy

Kitted is a business application not directed at children. We do not knowingly collect personal data from anyone under 16.

Changes to this policy

We may update this policy from time to time. The "last updated" date at the top of this page will reflect any changes. Continued use of your licence after a material change constitutes acceptance of the revised policy.

Contact

Questions about this policy? Email [email protected].