Privacy Policy

General Overview

This Privacy Policy describes how personal data is gathered, used, and protected across all service channels. It applies to any interaction you have with the platform. Using the service indicates acceptance of these practices. Updates may occur without direct notice, so please review regularly.

Information Gathered

Only non-sensitive personal data—such as email, username, and device metadata—is collected. No health, financial, or biometric data is ever required. Optional preference settings and feedback are collected only with explicit consent. Collection methods are clearly disclosed at each point.

Usage of Data

Collected information is used to authenticate accounts, maintain security, and provide customer support. Aggregate anonymized metrics guide system maintenance and new feature development. No personal data is sold or shared for marketing purposes. Any additional processing requires your explicit opt-in.

Cookies and Session Tokens

Essential cookies and session tokens maintain login status and security. Non-essential analytics cookies remain disabled unless you activate them. You may control cookie settings via your browser or account dashboard. We do not use third-party advertising cookies without your consent.

Data Protection

All data in transit is secured by modern TLS encryption. Stored data is encrypted at rest with strong algorithms and segmented storage. Access is controlled via multi-factor authentication and role-based permissions. Regular security audits and vulnerability scans ensure robust defenses.

Access and Correction

You can request access to the personal data held about you and correct inaccuracies at any time. Requests are processed within thirty business days. You may also request deletion of your data, subject to legal retention requirements. Confirmation is provided upon completion of these requests.

Retention and Deletion

Personal data is retained only as long as necessary, typically no more than twenty-four months from last usage. Archived backups are purged within ninety days of retention expiry. Anonymized logs may be stored indefinitely for research. Specific retention schedules are available upon request.

Breach Response

A breach notification will be issued to affected individuals within seventy-two hours of confirmation. Notifications include details of the data involved and recommended remedial actions. Relevant regulators are also informed as required. A post-incident review leads to improved safeguards.

Automated Processing

Automated analytics and threat-detection systems operate on anonymized data. Any automated decision materially affecting your rights will trigger notification and an option for human review. Optional personalization systems require opt-in. Documentation of algorithmic logic is available for audit.

Third-Party Processors

Data is shared only with necessary third-party providers bound by data protection agreements. Providers undergo regular security audits to ensure compliance with these standards. No data is disclosed to advertisers or data brokers. All third-party data transfers are logged and transparent.

Policy Revision

This policy is reviewed and revised at least annually or when legal/regulatory changes occur. Material updates are announced via in-app messages and email at least fourteen days prior. Continued use after the effective date constitutes acceptance. Archived versions remain accessible for your reference.