Privacy Policy
Last updated: March 19, 2026
osTicket Awesome is a product of Red e Technology (d.b.a. osAwesome), based in Nelson, BC, Canada. This policy describes what personal data we collect through our website at osaweso.me, why we collect it, how we protect it, and what rights you have regarding that data.
We are a Canadian business subject to the Personal Information Protection and Electronic Documents Act (PIPEDA). If you are located in the European Economic Area, the General Data Protection Regulation (GDPR) also applies to our handling of your data.
What We Collect and Why
When You Purchase a Subscription
Our store is powered by WooCommerce. When you purchase an osTicket Awesome subscription, we collect:
- Your name, email address, and billing address
- Payment information (processed by our payment gateway; we do not store credit card numbers on our servers)
- Your order history, subscription status, and associated license keys
We use this information to process your payment, deliver your software license, manage your subscription, and provide customer support.
When Your Installation Contacts Our Server
osTicket Awesome includes a license module that contacts osaweso.me once every 24 hours when a staff member loads the admin panel. Two separate requests are made:
License status check. Your installation sends your license key and domain name to verify your subscription status. Our server responds with your plan tier, expiry date, and installation count.
Diagnostic report. Your installation sends the following:
- Software versions (osTicket Awesome, upstream osTicket, PHP, MySQL/MariaDB)
- Server environment (web server software, operating system)
- Aggregate usage metrics (number of agents, departments, tickets, and custom forms)
- Your license key, installation URL, and language setting
All metrics are aggregate counts. No agent names, email addresses, ticket content, customer data, or attachments are collected. This data helps us provide faster support (we already know your environment when you open a ticket) and informs development decisions (which PHP versions to support, how large typical installations are).
If your installation cannot reach osaweso.me (intranet, firewall, offline), nothing happens. No errors, no degraded functionality.
For a complete field-by-field breakdown, see our Telemetry Disclosure page.
When You Use Our Community Forum
Our forum is powered by wpForo. When you participate in the forum, we store your username, email address, and the content of your posts. Forum access is tied to your subscription status: active subscribers can post, while expired subscribers retain read-only access.
When You Submit a Support or Assistance Request
We use Gravity Forms to collect information needed to provide support, custom work, or migration assistance. Depending on the request, this may include:
- Your name and email address
- Details about your osTicket installation (URL, version, hosting environment)
- Server access credentials (control panel logins, SSH/SFTP credentials, database credentials, osTicket administrator passwords)
Credential handling: Any server credentials submitted through our forms are encrypted at rest in our database using AES-256 encryption. Credentials are excluded from email notifications and are only viewable by the site administrator through the secured WordPress admin interface. All credential-containing form entries are automatically and permanently deleted after 30 days.
We strongly recommend that you change any passwords shared with us after your support request has been completed.
When We Perform Custom Work or Migrations
If you engage us for custom development, migration, or troubleshooting that requires access to your server or osTicket installation, we may be temporarily exposed to data within your helpdesk, including ticket content, end-user information, and system configuration. We access this data solely to perform the work you have requested. We do not copy, retain, or use this data for any other purpose. Upon completion of the work, we remove any local copies of your data and revoke any access credentials you have provided (or request that you do so).
When You Visit Our Website
Our website uses cookies that are essential for the store and forum to function (shopping cart, login sessions). See our Cookie Notice for details.
We do not sell, rent, or share your personal data with third parties for marketing purposes.
Third-Party Services
We use the following third-party services that may process your data:
| Service | Purpose | Their Privacy Policy |
|---|---|---|
| Stripe | Payment processing | Stripe Privacy Policy |
| PayPal | Payment processing | PayPal Privacy Statement Brevo (Sendinblue) Email delivery Brevo Privacy Policy |
We do not share your data with any third parties beyond what is necessary to operate the services described above.
Data Retention
| Data Type | Retention Period |
|---|---|
| Account and order information | Retained for the duration of your subscription and for up to 7 years afterward for tax and accounting compliance |
| License keys and activation records | Retained for the duration of your subscription; deactivated keys are purged upon subscription cancellation |
| Forum posts | Retained indefinitely (you may request deletion) |
| Support request credentials | Automatically deleted after 30 days |
| Support request details (non-credential) | Retained for the duration of your subscription to provide ongoing support context |
| Website cookies | See Cookie Notice |
Data Security
We take reasonable measures to protect your personal data:
- All connections to our website are encrypted via HTTPS/TLS
- Server credentials submitted through our forms are encrypted at rest (AES-256) and automatically purged
- Our server is secured with key-only SSH access, regular security updates, and restricted administrative access
- We are a solo operation; your data is not accessible to employees, contractors, or third parties beyond what is described in this policy
Because osTicket Awesome is self-hosted software, the helpdesk data belonging to your organization is stored on your servers, under your control. We have no access to your helpdesk data unless you explicitly provide it to us for a support engagement.
Your Rights
Under PIPEDA (Canada)
You have the right to:
- Access the personal information we hold about you
- Request correction of inaccurate information
- Withdraw consent for the collection or use of your information (which may affect our ability to provide services)
Under GDPR (European Economic Area)
If you are located in the EEA, you additionally have the right to:
- Request erasure of your personal data
- Request restriction of processing
- Data portability (receive your data in a structured, machine-readable format)
- Object to processing
- Lodge a complaint with your local data protection authority
To exercise any of these rights, please contact us at the address below.
Children’s Privacy
Our services are intended for business use and are not directed at individuals under the age of 16. We do not knowingly collect personal data from children.
Changes to This Policy
We may update this policy from time to time. Material changes will be communicated via email to active subscribers. The “last updated” date at the top of this page reflects the most recent revision.
Contact
If you have questions about this policy or wish to exercise your privacy rights:
Red e Technology
d.b.a. osAwesome
Nelson, BC, Canada
info@rede.ca