Privacy Policy
Applicability
This Privacy Policy covers all data interactions with the platform, including direct input, log files, and embedded widgets. It applies regardless of device or channel used. Your use of the platform indicates acceptance of these terms. Updates may be made without explicit notice, so periodic review is advised.
Data Collection Methods
Data is collected via registration forms, direct user actions, and background system logs. Only non-sensitive identifiers and usage metadata are gathered. Surveys and feedback forms are strictly optional. All points of collection are transparent and documented.
Use of Information
Collected data supports account management, technical support, and operational analytics. It also helps detect and prevent fraudulent activities. No personal data is used for unsolicited marketing without discrete consent. Insights are drawn from aggregated, anonymized data.
Consent & Choices
You may opt in to optional features such as personalized recommendations and performance analytics. Clear prompts request your consent before any non-essential data is processed. You can revoke consent at any time via your account settings. Withdrawal does not affect data processed prior to revocation.
Session Management
Secure session tokens and essential cookies maintain logged-in state and defend against unauthorized session hijacking. These mechanisms cannot be disabled without disrupting basic functionality. Manual cookie clearing may force re-authentication. No profiling or advertising cookies are deployed by default.
Data Encryption
All data exchanged with servers is encrypted in transit using modern TLS protocols. Data at rest is stored in encrypted databases with strict access controls. Encryption keys are rotated regularly under a key-management policy. Audit logs record access to encrypted data.
Access and Rectification
You can request a copy of your data and correct any inaccuracies through the support interface. Such requests are fulfilled within thirty days, subject to applicable laws. Irretrievable deletion can be requested for non-archival records. Certain records may remain if required for legal compliance.
Retention and Deletion
User data is retained only as long as needed to provide the service or meet legal obligations, typically not exceeding twenty-four months. Post-retention, data is either deleted or anonymized. Archived backups are purged on a six-month cycle after initial retention. A detailed retention schedule is available upon request.
Incident Notification
If personal data is compromised, affected individuals will receive notice within 72 hours. The notice will explain the incident’s nature, data types involved, and steps for protection. Regulatory bodies will be informed according to applicable laws. A root-cause analysis follows to prevent recurrence.
Automated Processing
Automated systems analyze anonymized data for anomaly detection and capacity planning. You will be notified if any decision materially affecting your access is based solely on automated processing. Options for human review are provided upon request. Non-critical automation features are always opt-in.
Policy Revisions
This policy is updated whenever necessary to reflect legal, technical, or operational changes. A “Last Updated” date appears at the top for clarity. Significant revisions will be communicated via in-app notices and email alerts. Continued platform use after revisions implies consent.
