Binboi may collect account information such as name, email address, avatar, and sign-in metadata when authentication providers are enabled.

The product also stores access-token metadata such as token name, prefix, creation time, last-used time, revocation state, and a secure hash of the token. Raw token values are not stored after creation.

For operating the tunnel platform, Binboi may process tunnel metadata, request counts, byte counts, event logs, IP information, and webhook or request metadata that passes through the relay.

We use data to operate the control plane, authenticate CLI sessions, maintain audit trails, prevent abuse, debug failures, and improve the reliability of the product.

If you enable AI-assisted search or summaries, the assistant uses server-side context and optional environment-configured model access to answer product questions. Secrets are not intended to be sent to the client browser.

Binboi is built for developer workflows, not for silently processing unlimited sensitive production traffic.

Operators should avoid tunneling highly regulated or internal-only systems through public URLs unless they control the deployment, logging, domain, and security boundaries.

Where request or webhook inspection exists, it should be treated as operational tooling. Keep payload retention narrow and avoid sending secrets that do not need to traverse the tunnel.

Account records, token metadata, and event logs may be retained for operational, security, and audit purposes for as long as reasonably necessary.

Where practical, operators can revoke tokens, delete local data stores, or remove self-hosted infrastructure to limit retained information.

Binboi stores access tokens as hashes plus prefixes, uses revocation states, and aims to keep operational credentials separate from dashboard account access.

No software system is perfectly secure, especially in early-stage infrastructure products. Operators remain responsible for deployment choices, network exposure, firewall rules, and edge TLS.

If you have privacy questions, requests, or concerns, contact the project operator through the repository or the company channels referenced on the Binboi website.

This privacy policy may evolve as Binboi adds managed infrastructure, billing, more formal data processing relationships, or broader team features.