Made on
Tilda
Privacy Policy
Applicability
This policy applies to all personal data collected, used, and stored when you interact with the service. It covers data from web, mobile, and API interactions. Continued use implies acceptance of these terms. Please review this policy periodically for any updates.
Data Types Collected
We collect only non-sensitive personal data, including email addresses, usernames, IP addresses, device models, and basic usage logs. No financial, medical, or biometric information is ever requested. Optional data (e.g., preferences, surveys) requires separate opt-in. All collection mechanisms clearly state their purpose.
Purpose of Data Use
Personal data is processed to authenticate user sessions, maintain security, and provide support. Aggregate, anonymized metrics drive system performance improvements and feature development. No personal data is sold or shared for marketing without explicit, separate consent. Any new uses of data will be announced and require opt-in.
Cookies & Tracking Technologies
Essential cookies handle session integrity and security tokens. Optional analytics cookies remain off by default and can be enabled by the user. Third-party advertising cookies are never deployed without explicit permission. You may block or delete non-essential cookies via browser settings; essential cookies are necessary for core functionality.
Data Security
All data transmissions use encryption (e.g., TLS) to protect against interception. Data stored on servers is encrypted at rest with advanced algorithms (e.g., AES-256). Access controls restrict internal data access to authorized personnel with multi-factor authentication. Regular security audits and vulnerability scans ensure defenses remain robust.
Retention Policy
Personal data is retained only as long as needed to achieve its original purpose, typically not exceeding twenty-four months from last user activity. Backup copies are purged within ninety days after the active retention period ends. Anonymized logs may be retained indefinitely for analytics and research. A detailed retention schedule is available upon request.
User Rights
You may request access to, correction of, or deletion of your personal data at any time. Requests are handled within thirty days in accordance with applicable regulations. Data necessary for legal compliance or dispute resolution may be retained but will be anonymized. You may also revoke any given consent for optional processing without affecting essential services.
Breach Procedures
In the event of a data breach, affected users will be notified within seventy-two hours of breach confirmation. Notifications will detail the nature of the breach, types of data involved, and recommended actions. Regulatory bodies will be informed in accordance with applicable laws. A thorough post-incident review will guide future preventative measures.
Anonymization & Aggregation
Personal identifiers are removed or pseudonymized before any analytical or reporting use. Aggregated datasets do not contain individual-level information and cannot be traced back to specific users. Anonymized data may be retained indefinitely for performance and usage studies. This approach preserves privacy while enabling operational insights.
Third-Party Processors
Data is shared only with third-party providers essential to service operation (e.g., hosting, payment processing, email delivery). Each processor is contractually obligated to maintain equivalent data protection standards. No data is shared with advertisers or data brokers. All third-party transfers are logged and available for audit.
Policy Updates
This policy undergoes annual review or whenever significant legal or operational changes occur. Material changes are communicated via inservice notifications and email at least fourteen days before they take effect. Continued use after the effective date indicates acceptance of updated terms. Historical versions remain accessible for transparency.