Privacy Policy
Introduction
This Privacy Policy explains how personal data is collected, used, and protected when you interact with the service on any platform. Your use indicates acceptance of these terms. Updates may occur without explicit notice, so please review regularly. Continued use constitutes agreement to any changes.
Data Collection
We collect only non-sensitive data: email addresses, usernames, IP addresses, device types, and activity logs. Data is gathered through user inputs and automatically via cookies and server logs. Sensitive categories (health, financial, biometric) are never requested. Each collection point clearly indicates its purpose.
Purpose of Processing
Collected data is processed to authenticate users, maintain service integrity, and provide support. Aggregated analytics guide system improvements and feature planning. No personal data is used for unsolicited marketing without separate consent. Future processing purposes will be communicated and require opt-in.
Legal Basis
Processing is based on contractual necessity for service provision, legitimate interests in security and improvement, and explicit consent for optional features. Each processing activity is tied to a specific legal basis. Consent for non-essential processing can be revoked at any time. Core functionalities remain unaffected.
Cookies & Similar Technologies
Essential cookies and local storage maintain login sessions and security tokens. Non-essential analytics cookies are disabled by default and can be enabled in settings. Third-party advertising cookies are never deployed without explicit user permission. You may block or delete cookies via your browser.
Data Security
Data in transit is secured by TLS encryption to prevent interception. Data at rest is encrypted with strong algorithms and stored in secured environments. Access is restricted by role-based permissions and multi-factor authentication. Regular vulnerability scans and audits ensure robust security.
Access & Control
You have the right to access, correct, or delete your personal data via account settings or support. We process valid requests within 30 days, subject to applicable laws. Data required for compliance or dispute resolution may be retained in anonymized form. You may also download a portable copy of your data.
Retention
Personal data is retained only as long as necessary—typically no more than 18 months from last use. Backup copies are purged within 90 days after retention expiry. Anonymized logs may be kept indefinitely for research and development. Detailed retention schedules are available on request.
Breach Response
In case of a confirmed data breach, affected users will be notified within 72 hours of verification. Notifications will detail the breach’s nature, affected data categories, and recommended protective actions. Regulatory bodies will be informed as required by law. A post-incident review will enhance future resilience.
Automated Decision-Making
Automated processes may analyze anonymized data for threat detection and resource optimization. If an automated decision materially affects your account, you will be notified and given the option for human review. Optional personalization features operate only with your consent. All automated systems are documented for audit.
Policy Changes
This policy is reviewed annually or upon significant legal or operational changes. Material updates will be communicated via email and in-service notifications at least 14 days before taking effect. Continued use after the effective date indicates acceptance. Archived versions remain accessible for transparency.
