Privacy Policy

We collect the following categories of personal information, which may be provided directly by you, collected automatically through your use of our Services, or received from third-parties:

• Identifiers: Name (where provided), email address, username, account credentials, and similar identifiers collected at account creation and for communications.
• Internet or Network Activity and Technical Data: IP address, browser type and version, operating system, device identifiers, referring URLs, pages visited, time spent on pages, clickstream data, cookie identifiers, and other technical data collected automatically through cookies, web beacons, pixels, and similar tracking technologies.
• Usage Data: Records of how you interact with our Services, including features accessed, search queries, preferences, settings, and other behavioral data related to your use of the Services.
• Communications Data: Records of your correspondence with us, including support requests, feedback, and survey responses.

We do not intentionally collect sensitive personal information as defined under applicable law (e.g., Social Security numbers, financial account numbers, precise geolocation, biometric data, health data, or data concerning racial or ethnic origin, religious beliefs, or sexual orientation). If you believe you have submitted such information, please contact us immediately at [Contact Email] so we may delete it.

Sources of Personal Information: We collect personal information (a) directly from you when you register, contact us, or use our Services; (b) automatically through cookies and tracking technologies when you interact with our Services; and (c) from third-party service providers (such as analytics providers and advertising partners) and, where applicable, from publicly available sources.

We use the personal information we collect for the following purposes, in accordance with the legal bases described in Section 3:

• Providing our Services: To create, maintain, and manage user accounts, authenticate users, and deliver the features and functionality of our Services.
• Marketing and Communications: To send promotional materials, newsletters, product updates, and other commercial communications, subject to your consent where required by law and with a clear right to opt out at any time.
• Analytics and Improvement: To monitor, analyze, and improve the performance, security, and functionality of our Services, and to conduct internal research and development.
• Security and Fraud Prevention: To detect, investigate, and prevent fraudulent transactions, unauthorized access, abuse, and other illegal activities, and to protect the rights and interests of the Company and our users.
• Legal Compliance and Rights: To comply with applicable laws, regulations, and legal obligations; to respond to lawful requests, court orders, and legal process; and to establish, exercise, or defend legal claims.
• Business Transfers: In connection with, or during negotiations of, any merger, acquisition, financing, reorganization, bankruptcy, or sale of all or a portion of our assets, your personal information may be transferred as part of that transaction, subject to standard confidentiality arrangements.

Automated Decision-Making: We do not engage in solely automated decision-making, including profiling, that produces legal or similarly significant effects on users. If this practice changes, we will update this Policy and provide any required notices and rights.

• Consent (Article 6(1)(a)): Where you have given us your freely given, specific, informed, and unambiguous consent to process your personal data (e.g., for direct marketing emails and non-essential cookies). You may withdraw your consent at any time without affecting the lawfulness of processing prior to withdrawal.
• Legitimate Interests (Article 6(1)(f)): Where processing is necessary for our legitimate interests or those of a third-party, including operating and improving our Services, ensuring network and information security, preventing fraud, and conducting analytics, provided such interests are not overridden by your fundamental rights and freedoms.
• Legal Obligation (Article 6(1)(c)): Where processing is necessary to comply with a legal obligation to which we are subject, including applicable data protection law, tax law, and regulatory requirements.
• Performance of a Contract (Article 6(1)(b)): Where processing is necessary to perform a contract to which you are a party, or to take steps at your request prior to entering into a contract (e.g., creating and managing your account).

Right to Object: Where we rely on legitimate interests as a legal basis, you have the right to object to that processing at any time on grounds relating to your particular situation. We will cease such processing unless we demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or the processing is necessary for establishing, exercising, or defending legal claims.

UK and Switzerland: References to GDPR in this Policy apply equally to the UK GDPR (as incorporated into UK law by the European Union (Withdrawal) Act 2018) and, where applicable, to the Swiss Federal Act on Data Protection (nDSG), as amended.

We do not share, sell, rent, or trade your personal information with third-parties except as described in this Policy. We may disclose your personal information to the following categories of recipients:

• Service Providers and Processors: Third-party vendors and service providers that perform services on our behalf, including web hosting, cloud infrastructure, email delivery, customer support, analytics, payment processing, and marketing platforms. These providers are contractually obligated to use your personal information only as directed by us and in accordance with this Policy, and may not use it for their own independent purposes.
• Legal and Regulatory Authorities: Government agencies, law enforcement, regulators, courts, or other third-parties where we are required or permitted to do so by applicable law, legal process, subpoena, court order, or regulatory requirement, or where we believe disclosure is necessary to protect the safety, rights, or property of the Company, our users, or others.
• Business Transfers and Successors: In connection with a prospective or actual merger, acquisition, asset sale, financing, reorganization, change of control, or similar transaction, your personal information may be transferred to the acquiring entity. We will notify you via this Policy or direct communication before your personal information is transferred and becomes subject to a different privacy policy.

We do not sell your personal information for monetary consideration. We also do not share your personal information with third-parties for cross-context behavioral advertising purposes. If this practice changes, we will provide notice and the required opt-out rights before doing so.

Third-Party Links: Our Services may contain links to third-party websites, applications, or services that are not operated or controlled by us. This Policy does not apply to such third-party services. We encourage you to review the privacy policies of any third-party services you visit or use.

We and our third-party service providers use cookies, web beacons, pixels, local storage, and similar tracking technologies to operate, analyze, and improve our Services. The types of cookies we use include: (a) Strictly Necessary Cookies, which are essential for the Services to function and cannot be disabled; (b) Analytics and Performance Cookies, which help us understand how users interact with our Services; and (c) Functionality Cookies, which allow the Services to remember your preferences. Where required by applicable law (including users in the EEA and UK), we obtain your prior consent before placing non-essential cookies. You may manage or withdraw your consent to cookies at any time through our cookie consent manager (where available) or through your browser settings. Please note that disabling certain cookies may affect the functionality of our Services. We currently do not respond to "Do Not Track" signals transmitted by web browsers; however, we will honor opt-out preferences submitted through applicable privacy rights mechanisms. For more information about cookies and how to manage them, visit www.allaboutcookies.org.

We retain personal information for as long as necessary to fulfil the purposes for which it was collected, including to provide our Services, comply with our legal obligations, resolve disputes, and enforce our agreements. The criteria used to determine our retention periods include: (a) the duration of your account or relationship with us; (b) the nature and sensitivity of the personal information; (c) applicable statutory or regulatory retention obligations (e.g., tax, accounting, or legal hold requirements); and (d) our legitimate business needs. When personal information is no longer needed, we delete, destroy, or anonymize it in accordance with our internal data retention schedule. Account data is generally retained for the duration of the active account and for three (3) years following account closure, unless a longer period is required by law. If you request deletion of your personal information, we will comply subject to any legal obligations that require us to retain certain data.

Depending on your jurisdiction of residence, you may have the following rights with respect to your personal information. We will respond to verified requests within the timeframes required by applicable law (e.g., 45 days under CCPA/CPRA; one month under GDPR, extendable by two additional months in complex cases). We will not discriminate against you for exercising any privacy rights.

• Right to Know and Access: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources, our business or commercial purposes for collecting or sharing it, and the categories of third-parties with whom we have shared it.
• Right to Opt Out of Sale or Sharing and Marketing: You have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising (CCPA/CPRA). You also have the right to opt out of receiving direct marketing communications at any time.
• Right to Data Portability: Where applicable, you have the right to receive a copy of the personal information you provided to us in a structured, commonly used, and machine-readable format, and to transmit that data to another controller without hindrance from us.
• Right to Correction, Erasure, and Restriction: You have the right to request that we correct inaccurate personal information, delete your personal information (subject to legal exceptions), and, where applicable under GDPR, restrict the processing of your personal information in certain circumstances.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights. We will not deny you goods or services, charge you different prices, provide a different level or quality of services, or suggest that you will receive a different level or quality of services as a result of exercising your rights.
• Right to Lodge a Complaint: If you are located in the EEA, UK, or Switzerland, you have the right to lodge a complaint with your local data protection supervisory authority. UK residents may contact the Information Commissioner's Office (ICO).
• Authorized Agents: California residents may designate an authorized agent to submit requests on their behalf. We may require verification of the agent's authorization and verification of the consumer's identity before processing any such request.

How to Exercise Your Rights: To submit a privacy rights request, please contact us by email at [Contact Email]. We may need to verify your identity before processing your request. We will not require you to create an account solely to submit a request.

We may send you transactional emails (e.g., account verification, order confirmations, security alerts) and, where you have provided consent or we have a legitimate interest as permitted by applicable law, promotional and marketing communications. All commercial email communications comply with the CAN-SPAM Act and include: (a) accurate header information identifying us as the sender; (b) a clear subject line that is not deceptive; (c) our valid physical postal address; and (d) a clear and conspicuous mechanism to unsubscribe. You may opt out of receiving marketing emails at any time by clicking the "Unsubscribe" link in any marketing email or by contacting us at [Contact Email]. We will process opt-out requests within ten (10) business days. Please note that even if you opt out of marketing communications, we may still send you transactional or service-related emails necessary to the operation of your account.

We implement and maintain reasonable and appropriate technical, administrative, and physical security measures designed to protect your personal information against unauthorized access, disclosure, alteration, destruction, or loss. These measures include, but are not limited to, encryption of data in transit (TLS/SSL), access controls and authentication requirements, regular security assessments, and employee training on data protection. However, no method of transmission over the internet or electronic storage is completely secure. While we strive to protect your personal information, we cannot guarantee absolute security. In the event of a data breach that affects your rights and freedoms, we will notify you and/or the relevant supervisory authorities as required by applicable law (e.g., within 72 hours of discovery under GDPR Article 33; as required under applicable US state breach notification laws). You are responsible for maintaining the confidentiality of any account credentials and for notifying us promptly if you suspect unauthorized access to your account.

Our Services are not directed to, and we do not knowingly collect personal information from, children under the age of thirteen (13). If you are under 13 years of age, please do not use our Services or submit any personal information to us. If we learn that we have inadvertently collected personal information from a child under 13 without verifiable parental consent, we will take prompt steps to delete that information from our records. If you are a parent or guardian and believe that your child has provided personal information to us, please contact us immediately at [Contact Email] and we will work to identify and delete that information. For users in the European Economic Area, where the applicable age of digital consent is higher (up to 16 years in certain member states), we comply with applicable national law requirements.

We are a United States-based company and your personal information may be processed and stored in the United States and in other countries where our service providers operate, which may have data protection laws that differ from those in your country of residence. If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, please be aware that these transfers outside of those regions are conducted pursuant to appropriate safeguards as required by applicable law, including: (a) the European Commission's Standard Contractual Clauses (SCCs) (Module 2: Controller to Processor, where applicable), as adopted pursuant to Commission Implementing Decision (EU) 2021/914; (b) the UK International Data Transfer Agreement (IDTA) or UK Addendum to the EU SCCs, as applicable; (c) adequacy decisions issued by the European Commission where available; or (d) other lawful transfer mechanisms as permitted under GDPR Chapter V. By using our Services, you acknowledge and agree to the transfer of your personal information to the United States and other jurisdictions. You may request a copy of the applicable transfer safeguards by contacting us at [Contact Email].

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, technology, legal requirements, or for other business reasons. When we make changes, we will update the "Last Revised" date at the top of this Policy. For material changes that significantly affect your rights or the way we process your personal information, we will provide you with more prominent notice, such as by sending an email notification to the address associated with your account or by displaying a prominent notice on our website prior to the change becoming effective. We encourage you to review this Policy periodically to stay informed about our privacy practices. Your continued use of our Services after the effective date of any updated Policy constitutes your acknowledgment of the changes, to the extent permitted by applicable law.

Privacy Email: [Contact Email]

This Privacy Policy is governed by and construed in accordance with the laws of the State of Delaware, without regard to its conflict of law provisions, except as otherwise required by applicable data protection law.