Privacy Policy

Only essential personal information—such as your username, email address, and session identifiers—is collected to enable user authentication and account management. No health, financial, or sensitive personal details are ever sought. All data collection mechanisms are described upfront. You may decline optional data requests without losing access to core features.

Usage logs capture feature access times, error events, and performance metrics solely for system monitoring and debugging. These logs are anonymized for any analytical reporting. We do not share log‑based insights with advertisers. All log entries older than twelve months are purged automatically.

Session cookies and local storage tokens ensure continuity of your login state and protect against unauthorized session hijacking. Essential cookies cannot be disabled without disrupting fundamental functionality. You may clear cookies manually, but doing so will require you to re‑sign in. No tracking or profiling cookies are deployed without your explicit opt‑in.

Data transmission always uses secure encryption protocols to prevent eavesdropping. Data stored on servers is encrypted at rest with industry‑recognized algorithms. Access controls and multi‑factor authentication protect storage environments. Regular vulnerability assessments validate our security posture.

You have the right to access, correct, and delete your personal data. Requests are processed within thirty days, with confirmation upon completion. Deleted data is removed from active systems and eventually from backups as well. Exemptions apply only for data required by law or for resolving ongoing disputes.

Personal information is retained only for as long as necessary to deliver the service, fulfill contractual obligations, or comply with legal requirements. Standard retention spans up to twenty‑four months from last user activity. After the retention period, data is either anonymized irreversibly or securely deleted. Retention policies are reviewed and updated annually.

In case of a suspected or confirmed data breach, we will notify you within seventy‑two hours. The notification will outline the breach’s scope, the categories of data involved, and steps to protect yourself. We also inform regulatory authorities in accordance with local laws. A thorough post‑mortem ensures continuous security improvements.

Automated threat‑detection systems analyze anonymized usage data to identify potential attacks or performance anomalies. If an automated decision directly affects your access, you will receive a notice and can request human intervention. Non‑critical feature suggestions derived from automation are opt‑in only. You may turn off all automated personalization in settings.

Third‑party providers—such as hosting, analytics, and customer support platforms—receive only the data strictly necessary for their functions. Each provider is bound by confidentiality agreements and must adhere to equivalent data protection standards. No personal data is disclosed to advertising networks. All transfers are logged and auditable.

We review and update this Privacy Policy at least once per year or whenever required by law or organizational changes. Substantive changes will be communicated via email and in‑app alerts at least fourteen days prior to their implementation. Your continued use after the effective date indicates acceptance of the revised policy. Archived versions are available upon request.

For privacy inquiries, to exercise your rights, or to lodge complaints, contact our dedicated Privacy Support team via the in‑app support channel. We generally acknowledge and respond to all requests within five business days. If dissatisfied, you may escalate the matter to relevant supervisory authorities. We remain committed to safeguarding your privacy.