ProtocolStack

Privacy Policy

Last updated: December 15, 2025

At ProtocolStack, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

1. Information We Collect

Account Information

When you create an account, we collect:

  • Email address
  • Name (if provided via Google OAuth)
  • Profile picture (if provided via Google OAuth)

Usage Data

As you use our service, we collect:

  • Protocol completions and tracking history
  • Stack configurations
  • Feature usage patterns
  • Device and browser information

Payment Information

Payment processing is handled by Stripe. We do not store your credit card details. We only receive:

  • Subscription status
  • Payment confirmation
  • Last four digits of your card (for display purposes)

2. How We Use Your Data

We use your information to:

  • Provide and maintain the Service
  • Process your subscription and payments
  • Send important service updates
  • Improve our features and user experience
  • Respond to your inquiries and support requests
  • Detect and prevent fraud or abuse

3. Third-Party Services

We use the following third-party services:

  • Supabase: Database hosting and authentication
  • Stripe: Payment processing
  • Vercel: Website hosting
  • Resend: Email delivery

Each of these services has their own privacy policy governing their use of your data.

4. Data Retention

We retain your data as follows:

  • Active accounts: Data retained while your account is active
  • Cancelled accounts: Data retained for 30 days, then deleted
  • Upon request: Data deleted within 30 days of your request

5. Your Rights

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update inaccurate information
  • Deletion: Request deletion of your data
  • Export: Download your data in a portable format
  • Opt-out: Unsubscribe from marketing emails

To exercise these rights, contact us at hanthienduc.96@gmail.com.

6. Cookies and Tracking

We use essential cookies for:

  • Authentication and session management
  • Remembering your preferences

We do not use advertising cookies or sell your data to third parties.

7. Data Security

We protect your data using:

  • HTTPS encryption for all data transmission
  • Secure password hashing
  • Row-level security in our database
  • Regular security audits

8. International Data Transfers

Your data may be processed in countries outside your residence. We ensure appropriate safeguards are in place for any international transfers.

9. Children's Privacy

Our Service is not intended for children under 16. We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact us.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or through the Service. Continued use after changes constitutes acceptance.

11. Contact Us

For privacy-related questions or to exercise your rights, contact us:

Kawasaki City, Takatsu Ward
Suward 2-9-27
High Town Tamagawa No.2, Room 311
Japan