Privacy Policy

01 — Information We Collect

What We Collect

We only collect information necessary to provide and improve our service. This falls into two broad categories:

Information you provide: name, email address, account credentials, and any content you submit directly to us.
Usage data: pages visited, features used, time spent, device type, browser, and IP address collected automatically.
Communication data: messages you send us via support, email, or contact forms.
Payment data: processed by our payment provider; we do not store card details on our servers.

We never sell your personal data to third parties. Full stop.

02 — How We Use Your Information

Purpose of Processing

Your data is used for specific, legitimate purposes:

To create and manage your account and deliver our core services.
To send transactional emails (receipts, security alerts, password resets).
To improve our product through aggregated, anonymised analytics.
To comply with legal obligations and enforce our Terms of Service.
To respond to your enquiries and provide customer support.

We do not use your data for automated decision-making that produces legal or similarly significant effects without human review.

03 — Sharing & Disclosure

Who Sees Your Data

We share data only in these limited circumstances:

Service providers: vetted vendors (hosting, analytics, payment) under strict data processing agreements.
Legal requirements: when required by valid court order, subpoena, or applicable law.
Business transfers: if we merge or are acquired, your data may transfer; you will be notified in advance.
With your consent: any other sharing requires your explicit, informed approval.

04 — Cookies & Tracking

Cookies We Use

We use a minimal set of cookies to keep the service working and to understand aggregate usage:

Essential cookies: session management and security tokens — cannot be disabled.
Analytics cookies: anonymised, aggregated usage statistics (e.g. Google Analytics with IP anonymisation).
Preference cookies: store your language and theme settings across visits.

You can manage cookie preferences through your browser settings or our in-app consent banner. Disabling non-essential cookies does not affect core functionality.

05 — Data Retention

How Long We Keep It

We keep personal data only as long as necessary for the purpose it was collected or as required by law:

Account data is retained for the lifetime of your account plus 90 days after deletion.
Anonymised analytics data may be kept indefinitely for product improvement.
Support correspondence is retained for 3 years from last contact.
Financial records are retained for 7 years to comply with tax regulations.

06 — Your Rights

Control Over Your Data

Depending on your location (including GDPR and CCPA jurisdictions), you may have the right to:

Access: request a copy of all personal data we hold about you.
Correction: ask us to correct inaccurate or incomplete data.
Deletion: request erasure of your data ("right to be forgotten").
Portability: receive your data in a structured, machine-readable format.
Objection: object to processing based on legitimate interests or direct marketing.
Restriction: request that we limit how we process your data.

To exercise any right, contact us using the form below. We will respond within 30 days.

07 — Security

How We Protect Your Data

We apply industry-standard security measures including TLS encryption in transit, AES-256 encryption at rest, access controls with least-privilege principles, and regular third-party security audits.

No system is completely secure. In the event of a data breach that affects your rights, we will notify you within 72 hours in accordance with applicable law.

08 — Children's Privacy

Under 13 Policy

Our service is not directed at children under 13 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us immediately and we will delete it promptly.

09 — Policy Changes

Updates to This Policy

We may update this Privacy Policy periodically. For material changes, we will notify you by email or prominent in-app notice at least 14 days before the change takes effect. Continued use of our service after that date constitutes acceptance of the revised policy.

The version date at the top of this page always reflects when the policy was last changed.