Privacy Policy

Welcome to Savefolio. We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services. By using Savefolio, you agree to the collection and use of information in accordance with this policy.

Savefolio is the data controller responsible for your personal data. If you have any questions about this Privacy Policy or our data practices, please contact us using the information provided at the end of this document.

We collect information you provide directly to us, including: - Account information: email address, username, and name when you create an account - Profile information: biography, social media links, and avatar image - Referral codes: the codes you share through our platform - Usage data: information about how you interact with our service, including page views, clicks, and search queries - Communications: messages you send to us through our contact form We also automatically collect certain information when you visit our website, including your IP address, browser type, operating system, and cookies.

We use the information we collect to: - Provide, maintain, and improve our services - Create and manage your account - Display your public profile and referral codes to other users - Communicate with you about your account and respond to inquiries - Analyze usage patterns to improve user experience - Protect against fraud and unauthorized access - Comply with legal obligations

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds: - Consent: When you create an account and agree to our terms - Contract performance: To provide you with our services as described - Legitimate interests: To improve our services, prevent fraud, and ensure security - Legal obligations: To comply with applicable laws and regulations

We use the following third-party services to operate our platform: - Supabase: Database hosting and authentication (EU) - Google: OAuth authentication for Google sign-in - Vercel: Website hosting and content delivery These service providers have access to your personal data only to perform specific tasks on our behalf and are obligated to protect your information.

We retain your personal data for as long as your account is active or as needed to provide you with our services. You may request deletion of your account and associated data at any time through your account settings. After account deletion, we may retain certain information as required by law or for legitimate business purposes, such as resolving disputes or enforcing our agreements.

Under the GDPR and other applicable data protection laws, you have the following rights:

• Right to access: You can request a copy of the personal data we hold about you
• Right to rectification: You can request correction of inaccurate or incomplete data
• Right to erasure: You can request deletion of your personal data
• Right to data portability: You can request your data in a machine-readable format
• Right to object: You can object to processing based on legitimate interests
• Right to withdraw consent: You can withdraw consent at any time for processing based on consent

We use essential cookies to operate our website and maintain your session. These cookies are necessary for the website to function properly. Essential cookies include: - Session cookies: To keep you logged in - Security cookies: To protect against cross-site request forgery You can manage cookie preferences through your browser settings. Disabling essential cookies may affect website functionality.

Your information may be transferred to and processed in countries other than your own, including the United States and European Union countries where our service providers are located. When we transfer data internationally, we ensure appropriate safeguards are in place to protect your information in compliance with applicable data protection laws.

Our service is not intended for individuals under the age of 16. We do not knowingly collect personal data from children under 16. If you become aware that a child has provided us with personal information, please contact us immediately.

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

If you have any questions about this Privacy Policy, wish to exercise your data protection rights, or have concerns about how we handle your personal information, please contact us.

Contact us