Privacy Policy
Introduction
Your privacy is important to us. This Privacy Policy outlines how we collect, use, and protect your information when you access our website. By using our platform, you consent to the data practices described in this policy, subject to your rights and controls described below.
Data Collection and Use
We collect personal information only when necessary to provide and improve our services. This may include:
- Identifiers (e.g., name, email address)
- Usage data (e.g., IP address, browser type, activity logs)
- Interactions with support or feedback forms
This data enables us to operate the platform, personalize features, maintain security, and analyze trends.
Legal Basis for Processing
We process your personal data based on one or more of the following legal bases:
- Your consent (e.g., for analytics or marketing)
- Performance of a contract (e.g., providing services you subscribe to)
- Our legitimate interests (e.g., platform optimization, fraud prevention)
- Compliance with legal obligations
Cookies and Tracking Technologies
We use cookies and similar technologies to analyze usage and enhance user experience. These tools may set cookies in your browser and collect behavioral and technical data. Where required by law, these cookies will only be activated after obtaining your consent. You may manage or withdraw cookie preferences using your browser settings.
Data Sharing and Disclosure
We do not sell your personal information. We may share personal data only in the following circumstances:
- With trusted third-party service providers (e.g., hosting, analytics, support), under strict confidentiality and data protection agreements
- To comply with legal obligations or valid governmental requests
- In connection with a business transfer (e.g., merger, acquisition)
Subprocessors
We use subprocessors to deliver certain parts of our service infrastructure. These include cloud platforms (e.g., AWS or equivalent), analytics providers, and customer support systems. All subprocessors are bound by contractual agreements to ensure data protection compliance. A complete list is available upon request.
International Data Transfers
Your personal data may be transferred to and processed in countries outside your own. In such cases, we ensure appropriate safeguards, such as Standard Contractual Clauses (SCCs) or other lawful transfer mechanisms approved by regulators.
Data Retention
We retain personal data only as long as necessary to fulfill our services or legal obligations. Anonymous or aggregated data may be retained for analytics. You may request deletion of your data at any time (see below).
Your Rights
Depending on your jurisdiction (e.g., EU, UK, California), you may have the following rights:
- Access your personal data
- Correct or update inaccuracies
- Request deletion ("right to be forgotten")
- Object to or restrict processing
- Withdraw consent (where applicable)
- Request a copy of your data (data portability)
- Lodge a complaint with a data protection authority
To exercise these rights, please contact us.
California Privacy Rights (CCPA)
If you are a California resident, you also have the right to:
- Request to know what personal data we collect and share
- Request deletion of your personal data
- Opt-out of the "sale" or "sharing" of your data (we do not sell data)
Data Security
We use industry-standard measures to protect your data, including TLS for encryption in transit and AES-256 encryption at rest. Access is controlled via role-based permissions and security monitoring. No system is 100% secure, but we implement best practices to reduce risk.
Business Transfers
If our company is involved in a merger, acquisition, or asset sale, your data may be transferred. We will notify affected users and honor the protections outlined in this Privacy Policy.
Data Processing Agreement (DPA)
If you are a business customer and we process personal data on your behalf, our Data Processing Agreement (DPA) governs that relationship. The DPA includes GDPR-required terms and is available upon request or linked in applicable contracts.
Children's Privacy
Our platform is not directed to or intended for use by individuals under the age of 13 in the United States, or under the age of digital consent as defined by applicable data protection laws in other jurisdictions (typically 13 to 16 years old). We do not knowingly collect personal data from children. If you believe we've collected such data, please contact us to request removal.
Changes to This Privacy Policy
We may update this Privacy Policy periodically. Material changes will be posted here and, where appropriate, notified by email. Continued use of our platform after changes constitutes your acceptance of the updated terms.
Contact
If you have questions, concerns, or data-related requests, contact us.