ACME
BlogPricingSign Up

Privacy Policy

Last updated: February 26, 2026

Your privacy matters to us. This Privacy Policy explains how Our Service ("we", "us", or "our") collects, uses, and protects your information when you use our service at https://example.com.

1. Information We Collect

Information You Provide

When you create an account or use our Service, you may provide:

  • Account information: name and email address
  • Authentication data: password (stored as a secure hash — we never store or see your plain-text password)
  • Payment information: billing details processed securely through Stripe. We do not store credit card numbers on our servers.
  • Communications: messages you send us through support or contact forms

Information Collected Automatically

When you use the Service, we may automatically collect:

  • Usage data: pages viewed, features used, and interactions with the Service
  • Device information: browser type, operating system, and screen resolution
  • IP address: logged for security purposes (rate limiting, fraud prevention) and recorded in activity logs
  • Cookies: essential cookies for session management (see Section 5)

Information from Third Parties

We may receive limited information from third-party services we integrate with, such as Stripe (payment status, subscription details). We do not purchase or obtain your personal data from data brokers.

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service
  • Process payments and manage your subscription
  • Send transactional emails (account verification, password resets, billing notifications)
  • Respond to your support requests and communications
  • Improve the Service through aggregated, anonymized analytics
  • Detect and prevent fraud, abuse, or security incidents
  • Comply with legal obligations

We do not sell your personal data. We never have and never will.

3. How We Share Your Information

We only share your information in the following circumstances:

  • Payment processing: Stripe processes your payment information. See Stripe's Privacy Policy.
  • Email delivery: We use a transactional email provider to send account-related emails (verification, password reset, billing).
  • Analytics: We use privacy-focused analytics to understand how the Service is used. Analytics data is aggregated and does not identify individual users.
  • Legal requirements: We may disclose your information if required by law, legal process, or government request.
  • Business transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the successor entity.

4. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. If you delete your account:

  • Your personal data (name, email) is anonymized
  • Your account is deactivated and cannot be used to sign in
  • We may retain anonymized, aggregated data for analytics purposes
  • We retain billing records as required by tax and accounting regulations

5. Cookies & Tracking Technologies

We use a minimal number of cookies:

  • Session cookie: An essential, HTTP-only cookie used to keep you signed in. It expires after 24 hours of inactivity and cannot be read by JavaScript.
  • Analytics: If enabled, we use privacy-focused, cookie-less analytics to track page views and feature usage. This analytics service does not use cookies and does not track you across websites.

We do not use advertising cookies, tracking pixels, or third-party marketing trackers.

6. Data Security

We take reasonable measures to protect your information, including:

  • Passwords are hashed using industry-standard algorithms (bcrypt)
  • Sessions use secure, HTTP-only cookies with SameSite protection
  • Authentication endpoints are rate-limited to prevent brute-force attacks
  • Payment data is handled entirely by Stripe and never touches our servers
  • Webhook signatures are verified to prevent tampering

While we strive to protect your information, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security.

7. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data:

For All Users

  • Access: You can view your personal data in your account settings
  • Update: You can update your name and email in your account settings
  • Delete: You can request account deletion through your account settings or by contacting us
  • Export: You can request a copy of your data by contacting us

For EEA/UK Residents (GDPR)

If you are in the European Economic Area or United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR), including the right to data portability, the right to restrict processing, and the right to object to processing. Our legal basis for processing your data is (a) your consent, (b) performance of our contract with you, and (c) our legitimate interests in operating the Service. You may also lodge a complaint with your local data protection authority.

For California Residents (CCPA)

If you are a California resident, you have the right to know what personal information we collect, request deletion of your personal information, and opt out of the sale of personal information. As stated above, we do not sell your personal information.

8. International Data Transfers

Our Service is hosted in the United States. If you access the Service from outside the United States, your information may be transferred to and processed in the United States. By using the Service, you consent to this transfer. We take steps to ensure your data is protected in accordance with this Privacy Policy regardless of where it is processed.

9. Children's Privacy

The Service is not directed to children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete it promptly. If you believe a child has provided us with personal data, please contact us through our contact form.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the "Last updated" date at the top of this page. We encourage you to review this page periodically. Your continued use of the Service after changes are posted constitutes your acceptance of the updated Privacy Policy.

11. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, contact us through our contact form.