Last updated: 2026-01-26
This Privacy Policy explains how Midnightsun Partners LLC ("we", "us", or "our") collects, uses, and protects information in connection with any software, integrations, scripts, tools, or services we provide (collectively, the "Services").
This Policy applies to all integrations and services we operate on your behalf, including services that connect to third-party platforms, systems, or APIs that you authorize.
By using the Services, you agree to the collection and use of information in accordance with this Privacy Policy.
We aim to collect and log only the minimum information necessary to operate, secure, and troubleshoot the Services. The types of information we may process include:
Information necessary to connect to third-party platforms, services, systems, or APIs you authorize, such as:
OAuth tokens, API keys, or similar credentials and related metadata
Integration configuration settings (e.g., entities, fields, mappings, schedules)
Limited account or tenant identifiers required to perform integrations or automations
To operate, secure, and debug the Services, we may collect and log:
Timestamps and event types (e.g., operation started, completed, or failed)
Request or payload identifiers
Payload sizes or metadata
HTTP status codes and request/response headers
Error codes and error messages
While we strive to avoid storing full payloads, limited customer data may occasionally appear in logs when necessary to investigate errors or failures.
The Services operate by reading, writing, or synchronizing data between systems you authorize. Depending on your configuration, this may include business, financial, customer, vendor, transactional, or other operational data stored in those systems.
We do not collect or use this data for our own purposes. We process it solely to perform the integrations, automations, or workflows you configure or request.
We access third-party systems and data only to the extent necessary to provide the Services.
In many cases, we process data strictly on behalf of our customers as a service provider or data processor, and our customers determine the purposes and means of processing.
If you contact us for support, onboarding, or operational communication, we may collect:
Name
Email address
Organization or company name
Information you include in your communications
We use the information we collect to:
Provide and operate the Services
Monitor, maintain, and secure the Services
Investigate and resolve errors, incidents, or failures
Communicate with you regarding operational or support matters
Improve reliability, performance, and usability of the Services (including through aggregated or anonymized analysis)
We do not sell or rent your data and do not use customer data for advertising purposes.
Where applicable (for example, if you are in the EEA or UK), we rely on the following legal bases to process information:
Performance of a Contract - To provide the Services you have requested or configured.
Legitimate Interests - To maintain, secure, and improve the Services, including logging, monitoring, and debugging.
Consent - Where required by law for specific activities. You may withdraw consent at any time where we rely on it.
Compliance with Legal Obligations - Where processing is necessary to comply with applicable legal requirements.
We may share information only in the following limited circumstances:
With service providers or subprocessors that support our infrastructure, subject to contractual confidentiality and security obligations
With third-party platforms you authorize, at your direction
To comply with legal obligations or protect rights, safety, and security
We do not share customer data with third parties for independent marketing or unrelated purposes.
We retain information only for as long as reasonably necessary. Retention periods vary depending on the type of data and the purposes described in this Policy, including:
Providing and maintaining the Services
Meeting legal, accounting, or compliance obligations
Resolving disputes and enforcing agreements
Operational logs and technical records may be retained for limited periods for security and troubleshooting, after which they may be deleted, anonymized, or aggregated.
Backups, security logs, and incident investigation records may persist for a limited time after deletion to ensure system integrity and compliance.
You may request deletion of certain data (subject to our legal obligations and technical limitations) by contacting us at blake@midnightsun.ai.
We implement reasonable technical and organizational measures designed to protect information against unauthorized access, disclosure, alteration, or destruction.
No method of transmission over the Internet or method of electronic storage is 100% secure. While we work to protect your data, we cannot guarantee absolute security.
You are responsible for securing access to any third-party systems you connect, including managing credentials, permissions, and configurations.
We are not responsible for unauthorized access resulting from your failure to secure your accounts or credentials.
Depending on your location and our infrastructure, data may be processed in countries outside your own. Where required, we take steps to ensure an adequate level of protection for data transferred internationally, consistent with applicable data-protection laws.
Where applicable, we rely on lawful transfer mechanisms such as standard contractual clauses or other legally recognized safeguards.
Depending on your jurisdiction, you may have certain rights with respect to your personal data, such as:
Access to your personal data
Correction or deletion
Restriction or objection to processing
Data portability
Requests can be submitted by contacting blake@midnightsun.ai. We may require verification of your identity before fulfilling certain requests and may be unable to act on requests where we process data strictly as a processor on behalf of a customer (in which case you may need to contact that customer or organization directly).
We will respond to requests within a reasonable time and in accordance with applicable law. Certain requests may be denied or limited where permitted by law or where fulfilling them would impact the rights of others.
The Services are not directed to children under the age of 16, and we do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us at blake@midnightsun.ai so we can take appropriate action.
We may revise this Privacy Policy periodically. Material changes will be communicated by posting the updated Policy or through other appropriate notice.
The "Last updated" date will reflect the effective date of the revision.
Your continued use of the Services after any update signifies your acceptance of the revised Policy.
For questions about this Privacy Policy or our data practices, contact:
Midnightsun Partners LLC
2212 Sawmill Creek Road, Sitka, AK 99835 USA