DRAFT — Review with legal counsel before launch. Placeholders in [BRACKETS] must be filled in.
Privacy Policy
Last updated: [DATE]
1. Who We Are
PepFinder is operated by [COMPANY NAME], registered in [JURISDICTION]. This policy explains how we collect, use, and protect your personal information when you use our platform at pepfinder.ai. For questions, contact us at [CONTACT EMAIL].
2. Information We Collect
We collect information in the following ways:
- Account data: Email address and display name when you create an account.
- Usage data: Pages visited, search queries, and features used — collected automatically via server logs and analytics.
- Payment data: Subscription and billing information processed by Stripe. We do not store full card numbers.
- Email capture: If you submit your email for a free verification report, we store that address to fulfill the request and may send relevant updates (you can unsubscribe at any time).
- Device data: IP address, browser type, and OS — used for security and fraud prevention.
3. How We Use Your Information
- To provide and improve the Service.
- To send you verification reports or updates you have requested.
- To process payments and manage subscriptions.
- To detect and prevent fraud, abuse, or unauthorized access.
- To comply with legal obligations.
We do not sell your personal data to third parties.
4. Cookies & Tracking
We use:
- Essential cookies: Required for authentication and session management (Supabase).
- Analytics cookies: [ADD ANALYTICS PROVIDER, e.g., Plausible / PostHog] — used to understand aggregate usage patterns. [DESCRIBE IF/HOW USER CAN OPT OUT.]
You can disable non-essential cookies in your browser settings; this may affect some functionality.
5. Third-Party Services
We share data with the following processors:
- Supabase — database and authentication hosting.
- Stripe — payment processing.
- Resend — transactional email.
- Vercel — web hosting and edge infrastructure.
- RevenueCat — mobile subscription management.
Each processor operates under its own privacy policy and data processing agreement.
6. Data Retention
We retain your account data for as long as your account is active or as required by law. If you delete your account, we will delete your personal data within [X] days, except where retention is required by law or for fraud prevention.
7. Your Rights
Depending on your location, you may have the right to:
- Access the personal data we hold about you.
- Request correction of inaccurate data.
- Request deletion of your data (“right to be forgotten”).
- Object to or restrict certain processing.
- Receive your data in a machine-readable format (data portability).
- Withdraw consent where processing is based on consent.
To exercise any of these rights, email us at [CONTACT EMAIL]. We will respond within [30] days.
8. Security
We implement industry-standard security measures including encrypted storage, HTTPS-only transport, and access controls. However, no system is 100% secure. You are responsible for maintaining the confidentiality of your account credentials.
9. Children
The Service is not directed at children under 18. We do not knowingly collect personal information from minors. If you believe we have done so, contact us and we will delete the information promptly.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting a notice on the Service or emailing registered users. Continued use after changes constitutes acceptance.
11. Contact
Questions or concerns? Reach us at [CONTACT EMAIL] or write to: [COMPANY NAME], [MAILING ADDRESS].