Privacy Policy
Scope of Policy
This policy applies to all personal information collected through the service interface, including web, mobile, and API interactions. It governs data collection, use, disclosure, and retention. By using the service, you consent to these terms. Please review this policy periodically for updates.
Information Collected
Only the minimum personal data needed is gathered, such as identifiers and usage logs. No sensitive categories (e.g., health or financial data) are ever requested. Collection occurs through user input and automated system logs. All collection points are clearly communicated to you.
Purpose of Processing
Data is used to authenticate access, maintain session integrity, and troubleshoot technical issues. Anonymous usage metrics help optimize performance and guide feature improvements. No personal information is sold or shared for advertising. Any new processing purposes are publicly announced and require your opt-in.
Cookies and Tracking
Essential cookies ensure core functionality and cannot be disabled. Optional analytics cookies remain inactive unless you enable them in settings. No third-party advertising cookies are used without explicit consent. Cookie preferences can be changed at any time via your browser or account controls.
Data Security
All data transmissions employ strong encryption protocols to prevent interception. Stored information is encrypted at rest with industry-standard algorithms. Access is restricted by role-based permissions and monitored via audit logs. Regular security assessments help identify and remediate vulnerabilities.
Data Retention
Personal data is retained only as long as necessary to fulfill its original purpose, generally no more than twenty-four months after last activity. After this period, information is either securely deleted or irreversibly anonymized. Retention schedules are reviewed annually. You may request details of our retention timelines.
User Rights
You may request access to, correction of, or deletion of your personal information at any time. Requests are processed within thirty days in line with applicable regulations. Certain logs required for compliance may be retained longer but will be anonymized. You may also withdraw consent to optional processing without affecting essential functions.
Data Breach Response
In case of a confirmed breach, affected users will be notified within seventy-two hours. Notifications will include breach scope, data types involved, and recommended mitigation steps. Relevant authorities will also be informed as required by law. A full post-incident review ensures continuous improvement.
Anonymization & Aggregation
Direct identifiers are replaced with pseudonyms or removed before any analytical processing. Aggregated data sets are used for performance reporting and trend analysis. Individual users cannot be re-identified from anonymized data. Aggregated reports never include personal identifiers.
Third-Party Processors
Only trusted service providers receive data strictly necessary to perform their function. All processors are bound by confidentiality and data protection obligations. No data is shared with advertisers or data brokers. Transfers are logged and auditable upon request.
Policy Updates
This policy is reviewed and updated at least once per year or upon major legal changes. Material revisions will be announced at least fourteen days before they take effect. Continued use after the effective date implies acceptance. Previous versions remain available for your reference.
