Privacy Policy
Applicability
This policy covers all personal data collected when you interact with the service on any platform. It outlines our practices for collection, use, sharing, and protection. Your continued use indicates acceptance of these terms. Please check periodically for updates.
Information Gathered
We gather only non‑sensitive data—email, username, IP address, device type, and usage metrics. Collection is via user-provided inputs and automated logging (cookies, server logs). We never request health, financial, or biometric data. Each data point’s purpose is clearly stated.
Purpose
Personal data is processed to authenticate sessions, secure accounts, and provide support. Aggregate, anonymized metrics guide reliability and feature roadmaps. No personal data is used for unsolicited marketing. Any expansion of purposes will require opt‑in consent.
Cookie Usage
Essential cookies maintain security and session continuity. Analytics cookies remain off until you opt in. Third‑party advertising cookies are never installed without permission. Cookie settings can be managed in your browser.
Data Security
Data in transit is secured with HTTPS/TLS encryption. Data at rest is encrypted with strong ciphers and stored in secure data centers. Access controls and multi‑factor authentication limit internal exposure. Regular security reviews and penetration tests maintain integrity.
Retention Period
We retain personal data only as long as necessary—typically 18 months from last activity. Afterward, data is deleted or anonymized. Backups are purged within 90 days of retention expiry. Retention schedules are documented and reviewed yearly.
User Access
You can access, correct, or delete your personal data via your account settings or support. Requests are fulfilled within 30 days, subject to legal requirements. Data needed for compliance or dispute resolution may be retained in anonymized form. You can also request a portable copy of your data.
Breach Response
In case of a confirmed breach, affected users will be notified within 72 hours of verification. Notifications detail breach scope, affected data categories, and recommended steps. Authorities will be informed as required by law. A thorough post‑incident analysis will improve security.
Automated Processing
Automated systems may analyze anonymized data for threat detection and capacity planning. If an automated decision significantly affects you, you will be notified and can request human review. Personalization features operate only with explicit consent. All automated processes are documented.
Third‑Party Sharing
We share data only with necessary third‑party processors under strict confidentiality agreements. These include hosting providers, payment gateways, and email services. No data is shared for advertising without separate consent. All transfers are logged and reversible.
Policy Revisions
This policy is updated at least once per year or upon major regulatory changes. Significant revisions are announced via email and in‑service notifications at least 14 days before enforcement. Continued use implies acceptance. Archived versions remain available for reference.