Privacy Policy
Applicability
This policy applies to all personal data collected, stored, and processed when you interact with the service on web, mobile, or through APIs. It outlines data collection methods, purposes, and protective measures. Continued use of the service signifies acceptance of these practices. Please revisit this policy periodically for updates.
Data We Collect
We collect basic personal data—such as email, username, IP address, device information, and usage logs. Data is gathered via user input (e.g., registration, feedback) and automatically through cookies and server logs. No sensitive personal data (e.g., financial, health, or biometric) is ever requested. Each data collection point clearly states the purpose of processing.
Purpose of Processing
Personal data is used to authenticate access, maintain security, and provide customer support. Aggregate, anonymized analytics guide performance optimizations and feature development. We do not share personal data with advertisers or marketing partners without separate, explicit consent. Any additional processing purposes will be publicly announced and require opt-in.
Cookies & Tracking
Essential cookies maintain session state, security tokens, and core functionality. Non-essential cookies for analytics and performance remain disabled until you enable them. Third-party advertising cookies are never placed without your explicit consent. You may manage cookie preferences via browser settings or account controls.
Security Measures
All data in transit is encrypted using HTTPS/TLS to protect against eavesdropping. Data at rest is protected by encryption (e.g., AES-256) and stored in secure environments. Access is restricted by role-based controls and multi-factor authentication. We conduct regular security assessments and pen tests to identify and fix vulnerabilities.
Retention & Deletion
Personal data is retained only as long as necessary for the original purpose, generally not exceeding 24 months from last user activity. Backups are purged within 90 days after active retention periods expire. Anonymized data sets may be retained indefinitely for research and analysis. Our retention schedule is available upon request.
User Rights
You have the right to access, correct, and delete your personal data at any time by submitting a request through your account or support channels. We respond to valid requests within 30 calendar days, subject to legal constraints. Data required for compliance or dispute resolution may remain in anonymized form. You may also withdraw any previously granted consent for optional processing.
Data Breach Notification
If a confirmed data breach affects your personal information, you will be notified within 72 hours of breach confirmation. The notification will include details on the breach’s nature, data categories involved, and recommended protective steps. Relevant regulatory authorities will be informed according to applicable laws. A post-incident review will inform future safeguards.
Automated Decision-Making
Automated systems may analyze anonymized data to detect fraud or optimize resource usage. If an automated decision materially affects your account status, you will receive notice and have the right to request human review. Non-critical personalization features operate only with your explicit consent. All automated processes are documented and subject to audit.
Third-Party Processors
We share data only with third-party providers essential for service operation (e.g., hosting providers, payment processors, email services) under strict data protection agreements. Each processor is audited regularly to ensure compliance with our privacy standards. No personal data is shared for marketing or advertising without separate opt-in. All third-party transfers are logged and available for review.
Policy Updates
This policy is reviewed and updated at least once per year or whenever significant legal or operational changes occur. Material updates will be communicated via in-service notices and email at least 14 days before they take effect. Continued use of the service after the effective date indicates acceptance of revised terms. Archived versions remain accessible for transparency.
