In order to provide up-to-date bypasses, Universal Bypass sends a request to Github every hour, and if a new commit is found, it will download the latest "injection script."
For this, Github's privacy policy applies.
When Crowd Bypass (Options > "Give and take the destinations of unbypassable shorteners.") is enabled, a request to my server is being sent for it to work, of which I store nothing.
I use Clouflare and their privacy policy applies to you as an "End User."