Privacy Policy

Introduction

This Privacy Policy explains how personal information is collected, used, and protected across all service platforms. It applies when you register, submit data, or use any features. Your use of the service indicates acceptance of these terms. Updates may occur without direct notice, so please check back regularly.

Information Collected

We gather only non-sensitive data, such as email addresses, user IDs, and interaction logs. No medical, financial, or biometric data is ever required. Collection methods include user-provided forms and automated system logs. Each data-gathering point is clearly labeled with its purpose.

Legal Basis

Processing relies on contractual necessity, legitimate interests in service security, and user consent for optional features. Each data use is tied to a specific legal basis. Consent for non-essential processing can be revoked at any time. Core functionalities remain unaffected by consent withdrawal.

Use Cases

Data is used to ensure account security, diagnose issues, and optimize performance. Aggregate, anonymized statistics guide product improvements. No personal data is used for marketing without separate consent. Any new use cases will be disclosed and require opt-in.

Cookies & Local Storage

Essential cookies and local storage maintain authentication, preferences, and session continuity. Non-essential cookies for analytics or personalization remain inactive unless explicitly enabled. You may manage cookie preferences in your browser or through account settings. Third-party advertising cookies are never deployed without distinct opt-in.

Data Security

All communications use HTTPS with TLS encryption to secure data in transit. Data at rest is encrypted using AES-256 or equivalent standards. Access controls restrict data access to authorized personnel only. Regular vulnerability scans and audits validate security posture.

User Control

A privacy dashboard allows you to view collected data, manage consents, and request deletion. Changes apply immediately to future processing. Previously collected data remains subject to retention policies but can be anonymized on request. You may export your data in a machine-readable format.

Retention & Deletion

User data is retained only as long as necessary, typically no more than 18 months from last interaction. Archived backups are purged within 90 days following retention expiry. Anonymized logs may be kept indefinitely for research. Detailed retention schedules are provided upon request.

Breach Procedures

A documented incident response plan governs breach identification, containment, and remediation. Affected users receive notifications within 72 hours of breach confirmation. Regulatory bodies are informed per jurisdictional requirements. Post-incident analyses drive enhancements.

Automated Decisions

Automated algorithms may process anonymized data for fraud detection and system tuning. Any automated decision significantly affecting you will trigger a notification and an option for human review. Non-critical personalization relies solely on opt-in data. All automated processes are documented for transparency.

Policy Revision

This policy undergoes annual review or updates as needed. Material changes are communicated via in-service alerts and email at least 14 days prior. Continued use indicates acceptance of the new terms. Historical versions remain accessible for audit.