SubsTracking

Privacy Policy

Last updated: October 9, 2025

1. Introduction

At SubsTracking, we take the protection of your personal data very seriously. This Privacy Policy explains how we collect, use, store, and protect your personal information in accordance with the General Data Protection Regulation (GDPR) of the European Union.

2. Data Controller

Name: SubsTracking

Contact email: contact@substracking.com

3. Data We Collect

3.1. Registration Data

  • First and last name
  • Email address
  • Password (encrypted)

3.2. Usage Data

  • Subscriptions and trial periods you register
  • Notification preferences
  • Payment information (processed by secure third parties)

3.3. Technical Data

  • IP address
  • Browser type and device
  • Cookies and similar technologies

4. Purpose of Processing

We use your personal data to:

  • Provide and improve our services
  • Send you reminders about your subscriptions and trial periods
  • Process payments for Premium subscriptions
  • Communicate with you about service updates
  • Comply with legal obligations
  • Prevent fraud and ensure security

5. Legal Basis for Processing

  • Consent: For sending marketing communications
  • Contract performance: To provide our services
  • Legitimate interest: To improve our services and prevent fraud
  • Legal obligation: To comply with tax and legal requirements

6. Sharing Data with Third Parties

We only share your data with:

  • Service providers: Hosting (Vercel), database (Supabase), email (Resend)
  • Payment processors: To manage Premium subscriptions
  • Legal authorities: When required by law

We never sell your personal data to third parties.

7. Your Rights (GDPR)

You have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Restrict the processing of your data
  • Portability: Receive your data in a structured format
  • Object: Object to the processing of your data
  • Withdraw consent: At any time

To exercise these rights, contact us at: contact@substracking.com

8. Data Retention

We retain your personal data while you maintain an active account with us. When you delete your account, we will delete your personal data within 30 days, unless we are legally required to retain it for longer.

9. Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, destruction, or alteration. This includes SSL/TLS encryption, secure password storage, and regular security audits.

10. International Transfers

Some of our service providers may be located outside the European Economic Area (EEA). When we transfer data outside the EEA, we ensure adequate safeguards are in place, such as standard contractual clauses approved by the European Commission.

11. Children

Our services are not directed to children under 16 years of age. We do not knowingly collect personal data from children. If we discover that we have collected data from a child, we will delete it immediately.

12. Changes to this Policy

We may update this Privacy Policy occasionally. We will notify you of any significant changes by email or through a prominent notice on our website.

13. Contact

If you have questions about this Privacy Policy or how we handle your personal data:

Email: contact@substracking.com

You also have the right to file a complaint with the data protection authority in your country.

← Back to home