Privacy Policy

Effective Date: Coming Soon
Last Updated: Coming Soon

🔒 We Never Sell Your Data

YOUR WAITINGLIST WILL NEVER SELL, RENT, OR TRADE YOUR DATA OR YOUR SUBSCRIBERS' DATA.

Period. We don't sell:

  • Client account information (emails, names, payment details)
  • Subscriber lists or contact information collected through your waitlists
  • Analytics or usage data
  • Any personal information to third parties for their marketing purposes

The only data sharing we do is with essential service providers needed to run the service (payment processing via Stripe, email delivery, hosting infrastructure). These providers are contractually bound to protect your data and cannot use it for their own purposes.

Introduction

Welcome to Your Waitinglist ("we," "us," or "our"). We are committed to protecting your privacy and the privacy of your subscribers. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our waitlist management service.

Important: Data Controller vs. Data Processor
• For your account data (client data), we are the Data Controller
• For subscriber data collected through your waitlists, we are the Data Processor - you are the Controller

1. Information We Collect

1.1 Client Data (You Provide)

When you register and use Your Waitinglist, we collect:

  • Account Information: Email address, name, password (encrypted)
  • Payment Information: Billing details processed through Stripe
  • Project Information: Project names, domain names, form configurations
  • Communication Data: Support tickets, feedback, correspondence

1.2 Subscriber Data (We Process on Your Behalf)

When people sign up to your waitlist, we collect:

  • Contact Information: Email addresses, names (if you choose to collect)
  • Technical Data: IP address, browser type, operating system, device type
  • Geolocation Data: Country, timezone (derived from IP address)
  • Timestamp Data: Signup date and time, verification status

1.3 Automatically Collected

  • Usage Data: Pages visited, features used, time spent on platform
  • Analytics Data: Performance metrics, error logs
  • Cookies: Essential cookies for authentication and functionality

2. How We Use Your Information

2.1 Client Data (We are the Controller)

We use your account data to:

  • Provide and maintain the service
  • Process payments and send billing information
  • Send important service updates and security alerts
  • Provide customer support
  • Improve our service and develop new features
  • Detect and prevent fraud or abuse

2.2 Subscriber Data (We are the Processor)

We process subscriber data solely according to your instructions:

  • To send double opt-in verification emails
  • To send welcome emails you configure
  • To display subscriber lists in your dashboard
  • To enable data export functionality
  • To track referrals if you enable that feature

We do NOT:
• Use subscriber data for our own marketing
• Share subscriber data with third parties (except essential service providers)
• Sell, rent, or commercialize subscriber data in any way
• Contact your subscribers unless you instruct us to

3. Data Sharing and Disclosure

3.1 Service Providers (Sub-Processors)

We share data only with trusted service providers necessary to operate the service:

Provider Purpose
Stripe Payment processing
Email Provider Transactional emails
Hosting Provider Infrastructure (all data encrypted)

What We NEVER Do:

  • We NEVER sell your data
  • We NEVER rent your subscriber lists
  • We NEVER trade data with third parties
  • We NEVER use your subscribers' emails for our own marketing

4. Data Retention

  • Active accounts: Retained as long as your account is active
  • Inactive accounts: Deleted after 12 months of inactivity (with prior notice)
  • After deletion: Backups retained for 30 days, then permanently deleted
  • Subscriber data: Retained as long as your project exists or per your instructions

5. Your Rights (GDPR & Privacy Laws)

5.1 Your Rights as a Client

You have the right to:

  • Access: Request a copy of your data
  • Rectification: Correct inaccurate data
  • Erasure: Delete your account and data ("right to be forgotten")
  • Portability: Export your data in a machine-readable format
  • Objection: Object to processing based on legitimate interest

How to exercise: Email [email protected] or use account settings.

6. Data Security

We implement industry-standard security measures:

  • Encryption: All data encrypted in transit (TLS/SSL) and at rest (AES-256)
  • Access Control: Role-based access, two-factor authentication available
  • Monitoring: 24/7 security monitoring and intrusion detection
  • Backups: Regular encrypted backups with disaster recovery plan

If a breach occurs, we will notify affected users within 72 hours per GDPR requirements.

7. Cookies and Tracking

We use only essential cookies necessary for the service to function:

  • Authentication cookies: Keep you logged in
  • Security cookies: Prevent CSRF attacks
  • Preference cookies: Remember your settings

We do NOT use: Third-party advertising cookies, cross-site tracking, or behavioral profiling for marketing.

8. Contact Us

Privacy Email: [email protected]
Data Protection Officer: [email protected]
Security Concerns: [email protected]

Note: This is a template document. The full, legally-reviewed Privacy Policy will be published before launch. By using the Service during development, you acknowledge this is a preview version.

✅ Quick Reference: Our Privacy Commitments

✅ We NEVER sell your data
✅ We are GDPR compliant
✅ We encrypt all data
✅ We honor all data subject rights
✅ Easy data export and deletion
✅ 72-hour breach notification
✅ You control subscriber data
✅ Full transparency always