Privacy Policy

Last updated: March 30, 2026

Callout (“we”, “us”, or “our”) operates the withcallout.com website and the Callout embeddable widget (collectively, the “Service”). This Privacy Policy explains how we collect, use, and protect information when you use our Service.

1. Information We Collect

We collect data in two contexts: from site visitors (people who visit withcallout.com) and from end users (people who interact with the Callout widget embedded on a customer's website).

Site visitors:

• Basic analytics data (page views, referrer, country) via privacy-friendly analytics
• Information you voluntarily provide (e.g. email address if you contact us)

End users (widget interactions):

• Screenshots captured and annotated by the user
• Bug report description text entered by the user
• Browser and OS details (name, version, viewport, resolution)
• Current page URL
• JavaScript console errors (if enabled by the project owner)
• Session replay links (if a supported replay tool is detected)
• IP address (used for rate limiting and abuse prevention)
• User identity information (if provided by the customer's authentication system)

2. How We Use Information

We use the information collected to:

• Deliver bug reports to the customer's configured issue tracker (GitHub, Linear, or Jira)
• Improve and maintain the Service
• Respond to support requests
• Monitor for abuse and ensure platform security

3. Data Sharing

We do not sell your data. Bug report data is delivered to the customer's configured issue tracker and is governed by that platform's own privacy policy. We may share data with service providers who help us operate the Service (e.g. hosting, database), subject to confidentiality obligations.

4. Cookies

The withcallout.com website may use essential cookies for functionality (e.g. authentication sessions). The embeddable widget does not set any cookies. We do not use third-party advertising cookies.

5. Data Retention

Bug report data (screenshots, descriptions, metadata) is stored on our servers to power the customer dashboard and is delivered to the customer's configured issue tracker. Customers may delete individual reports from their dashboard at any time. IP addresses are retained alongside reports for abuse prevention. Analytics data is retained for up to 12 months.

6. Data Security

We use industry-standard security measures to protect data in transit (TLS encryption) and at rest. However, no method of electronic transmission or storage is 100% secure.

7. Your Rights

Depending on your jurisdiction, you may have the right to access, correct, delete, or export your personal data. To exercise these rights, contact us at the email below.

8. Children's Privacy

The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the “Last updated” date above.

10. Contact

If you have questions about this Privacy Policy, contact us at [email protected].