Privacy Policy

At SubSmack, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our subscription management platform. Please read this policy carefully. By using SubSmack, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

We collect personal information that you voluntarily provide when you register for an account, including your name, email address, and password. When you connect your email accounts for subscription discovery, we access only the metadata and content necessary to identify subscription-related messages. We do not store the full contents of your emails.

We automatically collect certain usage data when you interact with our platform, including your IP address, browser type, operating system, referring URLs, pages visited, and timestamps. This information helps us understand how our service is used and improve the user experience.

When you add subscriptions or connect financial accounts, we may collect financial data such as subscription names, billing amounts, billing cycles, and renewal dates. We use bank-level encryption to protect all financial information and never store your bank account credentials directly on our servers.

Analytics Data: With your explicit consent, we use PostHog to collect anonymous usage data including page views, navigation patterns, and device information. No personally identifiable information (such as your name or email address) is sent to our analytics provider. You can opt out of analytics tracking at any time via the consent banner or by clearing your browser cookies. See our Cookie Policy for more details.

2. How We Use Your Information

We use the information we collect primarily to provide, operate, and maintain our subscription management service. This includes detecting your subscriptions, tracking spending, sending renewal alerts, and providing cancellation guidance. Your data enables us to deliver personalized insights about your subscription spending patterns.

We also use your information to improve and develop new features, respond to customer service requests, send administrative communications such as account confirmations and security alerts, and, with your consent, send marketing communications about new features or promotions. You can opt out of marketing emails at any time through your account settings or by clicking the unsubscribe link in any marketing email.

3. Information Sharing

We do not sell, trade, or rent your personal information to third parties. We may share your data with trusted third-party service providers who assist us in operating our platform, such as cloud hosting providers, email delivery services, and analytics tools. These providers are contractually obligated to protect your information and may only use it to perform services on our behalf.

We may disclose your information if required to do so by law or in response to valid legal requests by public authorities, including to meet national security or law enforcement requirements. We may also share information to protect the rights, property, or safety of SubSmack, our users, or the public, or to detect, prevent, or otherwise address fraud, security, or technical issues.

4. Data Security

We implement industry-standard security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. All data transmitted between your browser and our servers is encrypted using TLS 1.3. Sensitive data stored in our databases is encrypted at rest using AES-256 encryption.

Access to personal information is restricted to authorized employees and contractors who need the information to perform their job functions. We conduct regular security audits and penetration testing to identify and address potential vulnerabilities. While we strive to protect your data, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

5. Your Rights

You have the right to access the personal information we hold about you at any time through your account dashboard. You can request a complete copy of your data in a portable, machine-readable format. If any of your information is inaccurate or incomplete, you have the right to request correction or update it directly in your account settings.

You may request deletion of your account and all associated personal data at any time. Upon receiving a deletion request, we will remove your data from our active systems within 30 days, though some information may be retained in encrypted backups for up to 90 days. If you are located in the European Economic Area, you have additional rights under the GDPR, including the right to restrict processing and the right to object to processing based on legitimate interests.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with our services. If you close your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it for legal, tax, or regulatory purposes.

Aggregated and anonymized data that cannot be used to identify you may be retained indefinitely for analytical and statistical purposes. Audit logs related to account activity are retained for up to 12 months to support security investigations and compliance requirements. You may contact us at any time to request information about the specific retention periods applicable to your data.

7. Contact Us

If you have any questions about this Privacy Policy, your personal data, or would like to exercise any of your rights, please contact us at hello@subsmack.ai. We will respond to your inquiry within 30 days.

You may also reach us by mail at our principal office address. If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.