Privacy Policy
Last updated: April 30, 2026
1. Information We Collect
Account Information: When you register, we collect your email address and a password (stored as a hash). We do not require your real name, phone number, or physical address.
Usage Data: When you use the Service, we collect:
- The text you submit for risk analysis (listing titles, descriptions, tags)
- Analysis results and risk scores generated by the Service
- Timestamps and usage counts for rate limiting
- Your subscription status and plan type
Technical Data: We automatically collect:
- Browser type and version
- IP address (processed in real-time, not permanently stored)
- Pages visited and interaction patterns
2. How We Use Your Information
- To provide and improve the Service
- To create and manage your account
- To process subscriptions and payments
- To send service-related notifications (e.g., subscription renewal)
- To improve the accuracy of our risk analysis engine
- To prevent abuse and enforce rate limits
3. How We Do NOT Use Your Information
We will never:
- Sell your personal data to third parties
- Share your listing text with competitors or brand enforcement agencies
- Use your data to train models for brand monitoring services
- Send marketing emails without your consent
4. Data Storage
Your data is stored with the following service providers:
- Supabase (database and authentication) — hosted in the United States
- Vercel (application hosting) — global edge network
- Payment processor (subscription billing) — transaction data handled by the payment provider
All data is transmitted over HTTPS (TLS 1.2+) encryption.
5. Data Retention
- Check history: Retained for 30 days, then automatically deleted
- Account data: Retained while your account is active. Deleted within 30 days of account deletion request
- Subscription records: Retained as required by financial regulations
- Usage analytics: Aggregated and anonymized after 90 days
6. Your Rights
You have the right to:
- Access: Request a copy of the personal data we hold about you
- Correction: Request correction of inaccurate personal data
- Deletion: Request deletion of your personal data and account
- Portability: Request your data in a machine-readable format
- Objection: Object to the processing of your data for specific purposes
To exercise any of these rights, contact us at the email below. We will respond within 30 days.
7. GDPR Compliance (EU Users)
If you are a resident of the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR), including:
- The right to lodge a complaint with your local data protection authority
- The right to restrict processing of your data
- The right to data portability
Our legal basis for processing your data includes: contract performance (providing the Service), legitimate interests (improving the Service and preventing abuse), and consent (where explicitly obtained).
8. Cookies
We use minimal cookies for:
- Session management (authentication)
- Rate limiting (daily free usage count)
We do not use tracking cookies, advertising cookies, or third-party analytics cookies.
9. Third-Party Services
The following third-party services may process your data when you use our Service:
- Supabase — Authentication and database services. Their privacy policy: supabase.com/privacy
- Vercel — Application hosting. Their privacy policy: vercel.com/legal/privacy-policy
- Payment provider — Handles all payment data. We do not store your credit card information
We are not responsible for the privacy practices of these third-party services.
10. Data Security
We implement reasonable technical and organizational measures to protect your data, including:
- HTTPS encryption for all data in transit
- Row-level security policies on all database tables
- Service role keys stored as environment variables, never in client-side code
- Regular access audits
No method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.
11. Children's Privacy
The Service is not intended for use by persons under the age of 18. We do not knowingly collect personal information from children.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised date. We encourage you to review this policy periodically.
13. Contact
For privacy-related inquiries or to exercise your data rights:
Email: liyleon78@gmail.com
We will respond to all legitimate requests within 30 days.