Privacy Policy

Scope

This policy applies to all personal information collected when you interact with the service via web, mobile, or API. It covers data gathering, usage, disclosure, and retention practices. Using the service constitutes acceptance of these terms. Please review periodically for updates.

Data Collection

Only essential personal data is collected, including unique identifiers, contact information, and usage logs. Sensitive categories (health, financial, biometric) are never requested. Collection methods include user inputs and automated system tracking. All data-gathering points are clearly communicated at the time of collection.

Purpose Limitation

Personal data is processed solely to operate and maintain core features, secure user sessions, and diagnose technical issues. Aggregate, de-identified data is used for performance analysis and strategic improvements. No personal data is sold or traded. Any new uses require explicit user opt-in.

Cookies & Tracking

Essential cookies ensure functionality such as authentication and session management. Non-essential analytics cookies remain disabled unless you activate them. Third-party advertising trackers are not employed without your clear consent. You may disable non-essential cookies in your browser at any time.

Data Security

All information in transit is protected by modern encryption protocols. Stored data resides in encrypted repositories with strict access controls. Multi-factor authentication and role-based permissions guard against unauthorized access. Regular security audits and penetration tests verify the integrity of our controls.

Data Retention

Personal data is retained only for as long as necessary to fulfill its original purpose, generally no more than twenty-four months after last activity. After this period, records are securely deleted or irreversibly anonymized. Retention schedules are reviewed annually to comply with best practices. You may request details of our retention timelines at any time.

User Rights

You have the right to access, correct, or delete your personal data at any time. Requests are processed within thirty calendar days in accordance with applicable laws. Records necessary for legal compliance may be retained beyond deletion requests but will be anonymized when possible. You may also withdraw previously granted consents without affecting essential services.

Breach Notification

In the unlikely event of a data breach, affected individuals will receive notice within seventy-two hours of breach confirmation. Notifications will detail the breach’s nature, data types involved, and recommended protective steps. Authorities will be informed in accordance with legal requirements. A full post-incident review will guide improvements.

Anonymization & Aggregation

Direct identifiers are removed or replaced with irreversible pseudonyms before analysis or reporting. Aggregated data sets never contain individual-level details. Anonymized information may be retained indefinitely for statistical purposes. This approach ensures user privacy while enabling meaningful insights.

Third-Party Processors

Data is shared only with essential third-party processors under strict confidentiality and security agreements. Processors are regularly audited to ensure compliance with our privacy standards. No data is shared with advertisers or other marketing entities. All disclosures are logged and subject to review.

Policy Updates

This policy is reviewed and updated at least once per year or when regulations change. Material revisions are communicated via in-service notices and email at least fourteen days before enactment. Continued use following updates implies acceptance. Archived versions remain available for reference.