Legal · Tray Stack

Privacy Policy

This Privacy Policy explains how New Horizon Code PTY LTD (we, us, or our) collects, uses, stores, discloses, and protects personal information when you use Tray Stack, including the Tray Stack desktop application, website, account services, billing services, support services, updates, and related features.

Last updated
2 June 2026
Effective
2 June 2026

Tray Stack is a desktop utility that scans certain technical information on your local computer to help identify locally running development servers, ports, processes, folders, and related metadata. This Privacy Policy is written to reflect that Tray Stack's core scanning functionality is designed to operate locally on your device.

By using Tray Stack, you agree to the collection and handling of information as described in this Privacy Policy.

  1. Who This Policy Applies To

    This Privacy Policy applies to users of Tray Stack, including:

    1. users of the Tray Stack desktop application;
    2. users who create an account;
    3. users who purchase a licence or subscription;
    4. users who contact us for support;
    5. visitors to our website;
    6. users of trial, beta, preview, or paid versions; and
    7. business or organisational users who use Tray Stack internally.

    If you use Tray Stack on behalf of a company, employer, client, or organisation, you are responsible for ensuring that your use of Tray Stackcomplies with that organisation's privacy, security, and device-use policies.

  2. Summary

    Tray Stack is designed to scan technical information on your own computer so it can show you what local development servers, ports, processes, and projects are running.

    In general:

    1. local scan information is intended to be processed on your device;
    2. Tray Stack does not intentionally upload your full local process list, project folder paths, Git metadata, or local scan results to us as part of ordinary scanning functionality;
    3. we may collect account, billing, licence, activation, support, update, crash, diagnostic, and security information;
    4. if you send us screenshots, logs, support requests, or diagnostic files, those may contain information about your device, projects, folders, processes, or development environment; and
    5. we use personal information to provide, secure, support, bill for, maintain, and improve Tray Stack.
  3. Information Tray Stack May Process Locally

    Tray Stack may process certain information locally on your device to provide its core features.

    Depending on your operating system, permissions, settings, and enabled features, this may include:

    1. listening network ports;
    2. localhost or local network URLs;
    3. running processes;
    4. process names;
    5. process identifiers;
    6. executable paths;
    7. process working directories;
    8. project folder names;
    9. Git repository metadata, where available;
    10. CPU usage;
    11. memory usage;
    12. runtime or process start-time information;
    13. local development server information; and
    14. other similar technical information required to display and manage local processes and development servers.

    This information is referred to in this Privacy Policy as Local Scan Data.

    Local Scan Data may include sensitive technical information, such as project names, folder names, repository names, internal development URLs, or information that identifies your development environment.

    Unless we expressly state otherwise, Local Scan Data is intended to be processed locally on your device and is not intentionally transmitted to us as part of Tray Stack's ordinary scanning functionality.

  4. Information We May Collect

    We may collect the following categories of information.

    Account information

    If you create an account, we may collect:

    1. your name;
    2. email address;
    3. username;
    4. password or authentication information;
    5. account settings;
    6. organisation or team name;
    7. account status;
    8. login history; and
    9. security-related account information.

    We do not store your plain-text password where third-party authentication or hashed password systems are used.

    Billing and payment information

    If you purchase Tray Stack, we or our payment processor may collect:

    1. billing name;
    2. billing email;
    3. billing address;
    4. payment method details;
    5. subscription status;
    6. invoice details;
    7. transaction history;
    8. tax information;
    9. refund or chargeback information; and
    10. plan or licence details.

    Payment card details are usually processed by our payment processor. We do not intend to store full payment card numbers unless expressly stated.

    Licence and activation information

    To activate, validate, renew, or enforce access to Tray Stack, we may collect:

    1. licence key;
    2. account identifier;
    3. subscription or plan status;
    4. Device ID;
    5. activation date;
    6. activation status;
    7. device count;
    8. app version;
    9. operating system type and version;
    10. IP address used during activation;
    11. validation logs; and
    12. information required to prevent licence abuse, fraud, or unauthorised sharing.

    A Device ID may be generated from technical information about your operating system or device. Where possible, this may be hashed or transformed before being sent to us.

    The purpose of a Device ID is to help confirm that a licence is being used within the permitted device limits.

    Website and online service information

    When you visit our website or use online services related to Tray Stack, we may collect:

    1. IP address;
    2. browser type;
    3. device type;
    4. operating system;
    5. pages viewed;
    6. referral URLs;
    7. approximate location based on IP address;
    8. cookie identifiers;
    9. session information; and
    10. analytics and usage information.

    Support information

    If you contact us for support, we may collect:

    1. your name and contact details;
    2. account information;
    3. device and operating system details;
    4. app version;
    5. issue description;
    6. support messages;
    7. screenshots you provide;
    8. logs or diagnostic files you provide;
    9. attachments you submit; and
    10. any other information you choose to include.

    You should not send us source code, passwords, API keys, secrets, private repository information, sensitive project information, client data, health information, financial information, or confidential business information unless it is necessary and you are authorised to share it.

    Crash reports and diagnostics

    Tray Stack may collect crash reports, diagnostics, or technical logs to help us identify errors, improve reliability, and maintain the Software.

    This may include:

    1. app version;
    2. operating system version;
    3. device type;
    4. error messages;
    5. stack traces;
    6. crash timestamps;
    7. performance data;
    8. memory or CPU-related information;
    9. feature usage leading up to an error; and
    10. limited technical context needed to troubleshoot the issue.

    Where practical, diagnostics are designed not to include full Local Scan Data, project contents, source code, passwords, secrets, or private files.

    However, technical logs may sometimes include incidental information, especially if you manually submit logs or screenshots to us.

    Communications information

    If we communicate with you, we may collect:

    1. email messages;
    2. support conversations;
    3. feedback;
    4. survey responses;
    5. product enquiries;
    6. marketing preferences; and
    7. records of notices sent to you.
  5. Information We Do Not Intentionally Collect Through Local Scanning

    As part of ordinary local scanning functionality, Tray Stack is not intended to collect or transmit to us:

    1. your full source code;
    2. private project files;
    3. passwords;
    4. API keys;
    5. environment secrets;
    6. database contents;
    7. browser history;
    8. personal documents;
    9. emails;
    10. photos;
    11. private messages;
    12. full local process history; or
    13. complete file system contents.

    Tray Stack's purpose is to detect and display relevant local development server and process information, not to read or upload the contents of your files.

    However, some project names, folder paths, repository names, local URLs, or technical identifiers may be visible in the Tray Stack interface and may be included if you voluntarily send screenshots, logs, recordings, or support materials to us.

  6. How We Use Information

    We may use information for the following purposes:

    1. to provide Tray Stack;
    2. to create and manage accounts;
    3. to activate and validate licences;
    4. to manage subscriptions and billing;
    5. to process payments, invoices, refunds, and taxes;
    6. to provide support;
    7. to troubleshoot bugs and crashes;
    8. to improve product reliability and performance;
    9. to provide updates and security patches;
    10. to prevent fraud, abuse, licence sharing, and unauthorised access;
    11. to enforce our Terms of Service and EULA;
    12. to communicate with you about your account, subscription, product updates, or support requests;
    13. to send service notices;
    14. to send marketing communications where permitted;
    15. to comply with legal obligations;
    16. to protect our legal rights; and
    17. to maintain the security and integrity of Tray Stack.
  7. Local Scan Data

    Local Scan Data is primarily used to display information inside Tray Stack on your device.

    We do not claim ownership over Local Scan Data.

    You are responsible for ensuring you are permitted to process Local Scan Data on the device where Tray Stack is installed.

    If you use Tray Stack on a work, client, school, managed, or shared device, you should confirm that you have permission to scan local process, port, and project information.

    You should also consider whether Local Scan Data may reveal confidential information, such as internal project names, client names, repository names, or development URLs.

  8. Device ID and Licence Validation

    Tray Stack may use a Device ID for licence validation, activation limits, fraud prevention, and subscription enforcement.

    A Device ID may be generated from device or operating system information and may be hashed or transformed before being sent to us.

    We use Device IDs to:

    1. bind a licence to a device;
    2. prevent licence sharing;
    3. manage device limits;
    4. identify suspicious activation activity;
    5. enable offline or grace-period validation; and
    6. help you manage legitimate reactivations.

    Depending on applicable law, a Device ID may be considered personal information because it can relate to a specific user account or device.

  9. Cookies and Similar Technologies

    Our website and online services may use cookies, pixels, local storage, or similar technologies.

    These may be used to:

    1. keep you logged in;
    2. remember preferences;
    3. provide security features;
    4. analyse website performance;
    5. understand product interest;
    6. improve website functionality;
    7. prevent fraud or abuse; and
    8. support marketing or attribution.

    You can usually manage cookies through your browser settings.

    Some cookies are necessary for the website or account services to function. Disabling them may affect your ability to use certain features.

  10. Analytics and Telemetry

    We may use analytics or telemetry to understand how Tray Stack and related services are used, improve performance, identify bugs, and make product decisions.

    Analytics or telemetry may include:

    1. app version;
    2. operating system;
    3. feature usage;
    4. installation or activation events;
    5. crash frequency;
    6. performance events;
    7. approximate region; and
    8. subscription or plan type.

    Where reasonable, we aim to minimise telemetry and avoid collecting sensitive Local Scan Data.

    If optional telemetry controls are available, you may be able to disable certain analytics or diagnostics in the app settings.

    Some technical information may still be collected where necessary for licence validation, security, fraud prevention, billing, updates, or legal compliance.

  11. When We Share Information

    We may share personal information with:

    1. hosting providers;
    2. database providers;
    3. authentication providers;
    4. payment processors;
    5. billing and invoicing providers;
    6. analytics providers;
    7. crash reporting and diagnostics providers;
    8. support and helpdesk providers;
    9. email and communication providers;
    10. fraud prevention and security providers;
    11. professional advisers, such as lawyers, accountants, and auditors;
    12. regulators, courts, law enforcement, or government agencies where required; and
    13. buyers, successors, or parties involved in a merger, acquisition, restructure, financing, or sale of business assets.

    We do not sell your personal information to advertisers.

    We do not intentionally share your Local Scan Data with third parties as part of ordinary local scanning functionality.

  12. Third-Party Providers

    Tray Stack may rely on third-party providers for services such as:

    1. payments;
    2. authentication;
    3. hosting;
    4. database storage;
    5. website analytics;
    6. email delivery;
    7. support management;
    8. crash reporting;
    9. update distribution; and
    10. fraud prevention.

    Third-party providers may process information according to their own terms and privacy policies.

    We use reasonable efforts to work with reputable providers, but we are not responsible for the privacy practices of third-party websites, services, or platforms that we do not control.

  13. International Transfers

    Your information may be processed or stored in countries other than the country where you live.

    These countries may have privacy laws that differ from your local laws.

    Where required, we will take reasonable steps to protect personal information transferred internationally, including through contractual safeguards or other lawful transfer mechanisms.

    If you require a specific data residency arrangement, you should contact us before using Tray Stack in a regulated or enterprise environment.

  14. Data Retention

    We retain personal information only for as long as reasonably necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

    Retention periods may vary depending on the type of information.

    For example:

    1. account information may be retained while your account remains active;
    2. billing records may be retained as required for tax, accounting, and legal compliance;
    3. licence activation records may be retained to manage licensing, security, and fraud prevention;
    4. support records may be retained to provide ongoing support and maintain a history of issues;
    5. crash reports may be retained for troubleshooting and product improvement; and
    6. backups may retain information for a limited period before deletion or overwrite.

    When information is no longer required, we will delete, de-identify, or securely archive it where reasonable.

  15. Security

    We take reasonable steps to protect personal information against misuse, interference, loss, unauthorised access, modification, or disclosure.

    Security measures may include:

    1. access controls;
    2. authentication systems;
    3. encryption in transit where appropriate;
    4. hashed or transformed identifiers where appropriate;
    5. restricted access to production systems;
    6. monitoring and logging;
    7. secure third-party providers;
    8. staff or contractor access controls; and
    9. operational security practices.

    No software, network, system, or method of transmission is completely secure.

    You are responsible for securing your own device, account credentials, licence key, local development environment, source code, secrets, and backups.

  16. Your Responsibilities

    You are responsible for:

    1. only installing Tray Stack on devices you own or are authorised to use;
    2. complying with workplace, client, school, or organisational policies;
    3. reviewing what information is visible before sharing screenshots or logs;
    4. not sending us source code, secrets, credentials, or confidential information unless necessary and authorised;
    5. keeping your account credentials secure;
    6. keeping your device secure;
    7. maintaining backups of your work; and
    8. ensuring your use of Tray Stack complies with applicable law.
  17. Your Privacy Rights

    Depending on where you live, you may have rights to:

    1. access personal information we hold about you;
    2. request correction of inaccurate information;
    3. request deletion of certain information;
    4. object to certain processing;
    5. restrict certain processing;
    6. request a copy of certain information in a portable format;
    7. withdraw consent where processing is based on consent;
    8. opt out of marketing communications; and
    9. make a complaint to a privacy regulator.

    To exercise privacy rights, contact us at privacy@newhorizoncode.io.

    We may need to verify your identity before responding.

    Some information may need to be retained for legal, billing, security, fraud prevention, dispute resolution, or legitimate business reasons.

  18. Marketing Communications

    We may send you product updates, launch notices, educational content, offers, or marketing communications where permitted by law.

    You can opt out of marketing emails by using the unsubscribe link or contacting us.

    Even if you opt out of marketing, we may still send service-related communications, including billing notices, account notices, security alerts, support messages, legal notices, and important product updates.

  19. Children

    Tray Stack is not intended for children.

    You must not use Tray Stack if you are under the age required to consent to these terms and privacy practices in your jurisdiction.

    We do not knowingly collect personal information from children.

    If we become aware that we have collected personal information from a child without appropriate consent, we will take reasonable steps to delete it.

  20. Business and Workplace Use

    If Tray Stack is used in a business, workplace, client, school, or managed environment, the relevant organisation may have its own rules, monitoring practices, security policies, and privacy obligations.

    You are responsible for ensuring that:

    1. you have permission to install Tray Stack;
    2. your use complies with internal policies;
    3. local scanning is permitted;
    4. any support materials you send us are authorised; and
    5. you do not disclose confidential, client, employee, regulated, or sensitive information without permission.

    If an organisation purchases or manages Tray Stack for its users, that organisation may control access, billing, account status, licence assignment, and related administrative information.

  21. Sensitive Information

    Tray Stack is not designed to collect sensitive personal information, such as health information, biometric information, racial or ethnic origin, religious beliefs, political opinions, union membership, criminal history, or sexual orientation.

    You should not provide sensitive personal information to us unless it is necessary and you are authorised to do so.

    If you include sensitive information in support requests, screenshots, logs, attachments, or communications, we may process it only as needed to respond, comply with law, protect rights, or maintain records.

  22. AI Features

    If Tray Stack later includes AI-powered features, such as process explanations, project summaries, error analysis, or support automation, additional privacy terms may apply.

    Such features may require sending selected information to an AI provider or processing service.

    We will aim to provide notice before enabling AI features that transmit user-selected information outside your device.

    You should not submit source code, secrets, credentials, confidential client information, or sensitive personal information to AI features unless you are authorised and understand how the information will be processed.

  23. Changes to This Privacy Policy

    We may update this Privacy Policy from time to time.

    If we make material changes, we may notify you by:

    1. posting the updated policy on our website;
    2. showing an in-app notice;
    3. sending an email; or
    4. using another reasonable method.

    The updated Privacy Policy will apply from the effective date stated above.

    Your continued use of Tray Stack after the updated Privacy Policy takes effect means you acknowledge the updated policy.

  24. Contact Us

    For questions, requests, or complaints about this Privacy Policy or our handling of personal information, contact us at:

    Company
    New Horizon Code PTY LTD
    Trading name
    Tray Stack
    Privacy email
    privacy@newhorizoncode.io
    Support
    support@traystack.dev
    Website
    traystack.dev
    Address
    Suite 121 Level 14, 167 Eagle Street, Brisbane QLD 4000 Australia
  25. Australian Privacy Notice

    If we are subject to the Privacy Act 1988 (Cth) and the Australian Privacy Principles, we will handle personal information in accordance with those requirements.

    You may contact us to request access to or correction of your personal information.

    If you have a privacy complaint, please contact us first using the details above. We will take reasonable steps to respond.

    If you are not satisfied with our response, you may be able to contact the Office of the Australian Information Commissioner.

  26. Plain-English Summary

    Tray Stack scans your computer locally so it can show you running development servers, ports, processes, and project information.

    We do not intend to upload your full local scan results to our servers during normal use.

    We may collect information for accounts, billing, licence activation, updates, support, crash reports, diagnostics, security, and legal compliance.

    Be careful when sending screenshots or logs to support, because they may include project names, folder paths, repository names, local URLs, or other technical information.

    Only install Tray Stack on computers you own or are authorised to use.