📋 Privacy at a Glance
No Data Selling
We never sell your data to third parties. Period.
End-to-End Encryption
Your data is encrypted with keys you control.
Minimal Data Collection
We only collect what's necessary for the service.
You're in Control
Export, delete, or modify your data anytime.
📊 Information We Collect
👤 Account Information
Basic information needed to create and manage your account:
- Email address (for login and communications)
- Name and optional profile information
- Password (hashed with bcrypt)
- Authentication tokens and session data
📈 Usage Analytics
Aggregated, anonymized data to improve our service:
- Feature usage patterns (no personal identifiers)
- Performance metrics and error reports
- Session duration and frequency
- Geographic region (country level only)
💬 Support Communications
Information you provide when contacting support:
- Support tickets and chat transcripts
- Email communications
- Diagnostic information you share
- Feedback and feature requests
🔧 Technical Data
Technical information for service operation:
- IP address (for security and rate limiting)
- Browser type and version
- Device information and screen resolution
- Referrer and landing page data
🚫 Information We NEVER Collect
We believe in privacy by design. Here's what we don't do:
No Personal Project Content
Your project data, code, documents, and creative content never touch our servers.
No Third-Party Tracking
We don't use Facebook Pixel, Google Analytics, or other invasive tracking.
No Data Mining
We don't analyze your content for advertising or sell insights to third parties.
No Location Tracking
We don't track your precise location - only country-level for compliance.
🎯 How We Use Your Information
| Data Type | Primary Use | Retention Period | Your Control |
|---|---|---|---|
| Account Information | Service delivery, authentication | Until account deletion | Full control - export/delete anytime |
| Usage Analytics | Service improvement, bug fixes | 13 months (aggregated) | Opt-out available in settings |
| Support Data | Customer support | 2 years (or until resolved) | Request deletion anytime |
| Technical Data | Security, performance | 90 days (logs) | Limited - essential for security |
👤 Your Privacy Rights
You have complete control over your data. Here are your rights:
Data Portability
Export all your data in machine-readable formats (JSON, CSV, SQL) anytime from your dashboard.
Right to Deletion
Delete your account and all associated data permanently. We'll remove everything within 30 days.
Access & Transparency
Request a detailed report of all data we have about you, including how it's used and stored.
Correction Rights
Update or correct any personal information we hold about you through your account settings.
🤝 Data Sharing & Third Parties
🔐 Data Security Measures
We protect your data with enterprise-grade security:
🔒 Encryption
- AES-256 encryption for data at rest
- TLS 1.3 for all data in transit
- End-to-end encryption for sensitive communications
- Encrypted backups with secure key management
🏗️ Infrastructure Security
- SOC 2 Type II compliant data centers
- 24/7 security monitoring and threat detection
- Regular penetration testing and security audits
- Employee access controls and background checks
🔑 Access Control
- Multi-factor authentication required for all staff
- Principle of least privilege access
- Audit logging for all data access
- Regular access reviews and certifications
🌍 International Data Transfers
🇪🇺 European Users (GDPR)
We provide enhanced protections for EU residents:
- Data processing agreements available
- EU data center options
- GDPR-compliant data handling
- DPO (Data Protection Officer) available
- Standard Contractual Clauses for transfers
🇺🇸 California Users (CCPA)
California residents have additional rights:
- Know what personal data is collected
- Delete personal data collected
- Opt-out of sale or sharing (we don't sell)
- Non-discrimination for exercising privacy rights
- Authorized agent representation
🌏 Global Standards
We comply with international privacy standards:
- PIPEDA (Canada) compliance
- LGPD (Brazil) requirements
- PDPA (Singapore) standards
- APPI (Japan) regulations
👶 Children's Privacy
Our service is not intended for children under 13. We do not knowingly collect personal information from children under 13.
🛡️ Our Policy
- We do not target our services to children under 13
- If we discover we've collected a child's information, we delete it immediately
- Parents can contact us if they believe their child has provided information
- We comply with COPPA requirements for children's privacy
📝 Changes to This Policy
We may update this privacy policy, but we'll always be transparent about changes:
Notification
We'll notify you of significant changes via email and in-app notifications at least 30 days before implementation.
Clear Summary
We provide a clear summary of what changed and how it affects you.
Opt-Out Options
For changes that reduce your privacy, we provide opt-out options where technically feasible.
Version History
We maintain a public version history of all privacy policy changes.
📧 Questions About Privacy?
Our privacy team is here to help with any questions or concerns.