Privacy Policy

Applicability

This Privacy Policy applies to all personal data collected through your use of the service, including web, mobile, and API interactions. It governs collection, processing, and protection measures. Your continued use of the service indicates acceptance of these practices. Revisions may be made without direct notice.

Data Collected

Only the minimum data necessary is gathered: user identifiers, login credentials, and system logs. Sensitive categories such as health, finance, or biometrics are never collected. Optional survey responses and preferences require explicit opt-in. All collection points are clearly documented at time of capture.

Purpose of Processing

Data is used to authenticate user sessions, secure access, and deliver customer support. Anonymized analytics support reliability and performance improvements. Personal data is never exchanged for marketing without separate, affirmative consent. Any new processing uses are disclosed in advance.

Consent & Opt-Out

Optional data collection—such as advanced usage analytics—requires explicit, revocable consent. Consent prompts are clear and distinct from mandatory requirements. You may withdraw consent at any time in your account settings. Withdrawal does not affect processing already completed.

Cookies & Local Storage

Essential cookies maintain session integrity and security tokens. Non-essential cookies for analytics remain disabled until opted in. Browser settings also allow you to block or remove cookies. No third-party tracking cookies are employed without your permission.

Data Security

All data transfers use TLS encryption to protect against interception. Data at rest is encrypted using industry-standard algorithms with secure key management. Access to stored data is restricted and monitored through audit logs. Penetration tests and vulnerability assessments are conducted regularly.

Rights of Access

You may request a copy of all personal data held about you and request corrections of inaccuracies. Data deletion requests are honored within thirty days, subject to legal obligations. Confirmation of request fulfillment is provided via email. Certain logs required for security or compliance may be retained but anonymized.

Retention Policy

Personal data is kept only as long as necessary, generally no longer than twenty-four months after last user interaction. Archived backups are purged within ninety days following active retention expiry. Anonymized data sets may be retained indefinitely for research. Detailed retention schedules are available on request.

Breach Notification

Confirmed breaches involving personal data will trigger notifications to affected parties within seventy-two hours. Notifications include incident details, data categories affected, and recommended next steps. Regulatory notifications follow applicable legal timelines. A root-cause analysis informs corrective measures.

Automated Decisions

Automated systems analyze anonymized data for fraud detection and resource allocation. Any automated decision that materially affects your account status will result in a notification and an option for a manual review. Personalization features operate only with your prior consent. Algorithmic logic is documented for oversight.

Policy Updates

This policy is reviewed at least annually or upon significant legal or operational changes. Material revisions are communicated via in-app notices and email at least fourteen days before implementation. Continued use after the effective date implies acceptance. Archived versions remain accessible for full transparency.