Privacy Policy
Scope
This policy applies to all personal information collected when you interact with the service in any form, including web, mobile, and API. It governs how data is gathered, used, shared, and retained. Continued use of the service constitutes acceptance of these practices. Please review this policy periodically for updates.
Data Collected
Only the minimal personal data necessary for service operation is collected, such as contact identifiers, usage logs, and device information. No sensitive categories like health, financial, or biometric data are ever requested. Collection points are clearly disclosed at the time of data entry. Users retain control over optional data through explicit opt-in.
Use of Information
Collected data is used to authenticate users, secure sessions, and resolve technical issues. Aggregate, de-identified information guides performance improvements and feature development. Personal data is never sold or shared for advertising without separate, explicit consent. Any new data uses will be publicly announced and require opt-in.
Cookies and Tracking
Essential cookies and similar technologies maintain core functionality like login state and security tokens. Non-essential analytics cookies remain disabled unless explicitly enabled in settings. No third-party advertising trackers are deployed by default. You may adjust or disable non-essential cookies through your browser or account controls.
Data Security
All data transmissions employ industry-standard encryption protocols to prevent interception. Stored information is encrypted at rest with robust algorithms and segmented access controls. Role-based permissions and multi-factor authentication limit internal access. Regular security audits and penetration tests ensure ongoing protection.
Data Retention
Personal data is retained only as long as needed to fulfill its original purpose, generally not exceeding 24 months from last user activity. After this period, records are securely deleted or irreversibly anonymized. Retention schedules are reviewed annually to align with best practices. You may request details of our retention timelines.
User Rights
You may request access to, correction of, or deletion of your personal data at any time. Requests are fulfilled within 30 calendar days, subject to legal requirements. Data essential for compliance or dispute resolution may be retained but anonymized. You can also withdraw previously granted consents without impacting core service use.
Breach Notification
In the unlikely event of a data breach, affected individuals will be notified within 72 hours of confirmation. Notifications will detail the breach’s nature, data categories involved, and recommended remedial actions. Regulatory authorities will be alerted as required by law. A thorough post-incident review ensures continuous improvement.
Anonymization & Aggregation
Direct identifiers are removed or pseudonymized before any analytical or reporting use. Aggregated data sets contain no individual-level details and cannot be reverse-engineered. Anonymized information may be retained indefinitely for statistical purposes. This preserves user privacy while enabling meaningful insights.
Third-Party Processors
Data is shared only with essential third-party processors under strict data protection agreements. Each processor is regularly audited to verify compliance with our privacy standards. No data is shared with advertising networks or data brokers. All transfers are logged and auditable upon request.
Policy Updates
This policy is reviewed and updated at least once per year or whenever legal or operational changes occur. Material revisions are communicated via in-service notices and email at least 14 days before taking effect. Continued use after the effective date indicates acceptance. Archived versions remain available for transparency.