Privacy Policy
Scope
This policy governs all personal information collected when you use the service via web, mobile, or API. It explains how data is collected, processed, stored, and protected. Continued use implies acceptance of these practices. Please review periodically for any updates.
Information Collected
We collect only the minimum data required for core functionality, such as email addresses, user identifiers, device metadata, and usage logs. Collection occurs through explicit user input (e.g., registration forms) and automatic processes (e.g., cookies, server logs). No sensitive categories (health, financial, biometric) are ever requested. Each collection point clearly states its purpose.
Purpose of Use
Personal information is used to authenticate users, maintain security, and diagnose technical issues. Aggregate, anonymized metrics help optimize performance and guide feature development. We never sell or rent personal data to third parties without explicit, separate consent. Any new uses of data will be communicated and require opt-in.
Cookies & Tracking
Essential cookies support login sessions, security tokens, and site performance. Non-essential analytics cookies remain disabled until you explicitly enable them in settings. Third-party advertising trackers are never deployed without separate consent. Cookie preferences can be managed through your browser or account dashboard.
Data Security
All data in transit is encrypted using industry-standard protocols (e.g., TLS). Information at rest is encrypted with robust algorithms (e.g., AES-256) and stored in access-controlled environments. Internal access requires multi-factor authentication and role-based controls. Regular security audits and vulnerability assessments help ensure ongoing protection.
Data Retention
Personal data is retained only as long as necessary to fulfill its original purpose, typically no more than twenty-four months after last activity. After this period, data is securely deleted or irreversibly anonymized. Backup copies are purged within ninety days following the end of the active retention period. Retention schedules are reviewed at least annually.
User Rights
You have the right to request access to, correction of, or deletion of your personal data at any time. Requests are processed within thirty calendar days, subject to legal obligations. Data essential for compliance or dispute resolution may be retained in anonymized form. You may also withdraw previously granted consents for optional processing.
Breach Notification
In the event of a confirmed breach affecting personal data, affected individuals will be notified within seventy-two hours of breach confirmation. Notifications include the nature of the breach, categories of data involved, and recommended protective steps. Regulatory authorities are informed as required by law. A thorough post-incident review will guide future improvements.
Anonymization & Aggregation
Direct identifiers (e.g., names, emails) are removed or replaced with irreversible pseudonyms before analytics or reporting use. Aggregated statistics contain no individual-level information and cannot be traced back to specific users. Anonymized data may be retained indefinitely for research and performance tuning. This approach preserves user privacy while enabling actionable insights.
Third-Party Processors
Data is shared only with essential third-party providers (e.g., hosting, payment, email) under strict data protection agreements. Each processor is audited regularly for compliance with our privacy standards. No data is shared with marketing or advertising networks without explicit consent. All transfers are logged and available for audit.
Policy Updates
This policy is reviewed and updated at least once per year or whenever significant legal or operational changes occur. Material revisions are communicated via in-service notifications and email at least fourteen days before taking effect. Continued use after the effective date signifies acceptance of revised terms. Archived versions remain accessible for transparency.
