Privacy Policy

1. Information We Collect

• Account information. Name, email, and password when you register. Optionally, a profile picture and organization details.
• Project information. Details you provide about your SaaS idea during onboarding — descriptions, requirements, preferences.
• Payment information. Processed by Stripe. We do not store your full credit card number.
• Usage data. Pages visited, features used, and device/browser information. Collected via our own analytics — no third-party tracking.
• Communication data. Messages in project channels, support emails, and contact form submissions.

2. How We Use Your Information

• Provide and deliver SaaS build services.
• Process payments and send billing information.
• Communicate about project progress, updates, and support.
• Analyze usage patterns to improve the Service (first-party analytics only).
• Detect and prevent fraud or unauthorized activity.

3. Analytics

We use built-in, first-party analytics only. No Google Analytics, no Facebook Pixel, no third-party tracking scripts. We track:

• Page views and section visibility on our landing page.
• Conversion events (sign-up clicks).
• General usage patterns within the dashboard.

All analytics data is collected and stored on our own infrastructure. We do not share it with third parties.

4. Data Storage (Supabase)

All data is stored in Supabase (PostgreSQL), hosted in compliance with industry standards. Supabase processes data on our behalf and is contractually obligated to handle it in accordance with applicable data protection laws.

For more information, see the Supabase Privacy Policy.

5. Email Practices

We send emails for:

• Account verification and password resets.
• Project updates and milestone notifications.
• Payment receipts and billing alerts.
• Occasional product updates (only if you opted in).

We never sell your email address. You can unsubscribe from non-essential emails at any time. Transactional emails (account, billing, project) cannot be disabled.

6. Third-Party Services

• Supabase. Authentication, database, file storage. Supabase Privacy Policy.
• Stripe. Payment processing. Stripe Privacy Policy.

We do not use any other third-party services that collect personal data. No ad networks, no social media trackers, no external analytics providers.

7. Data Retention

• Account data. Retained while your account is active and up to 90 days after deletion.
• Project data. Retained for the duration of the project and 1 year after completion.
• Billing records. Retained as required by tax regulations, typically 7 years.
• Analytics data. Retained for up to 2 years, then anonymized or deleted.

8. Your Rights

Depending on your location, you may have the right to access, correct, delete, or export your personal data. To exercise these rights, contact us at the email below. We respond within 30 days.

9. Security

We implement appropriate technical and organizational measures to protect your data. Row-level security (RLS) policies enforce data access at the database level. All data in transit is encrypted via TLS.

10. Changes

We may update this Policy. Material changes will be posted here with a new "Last updated" date.

11. Contact

Questions about this Policy? Contact us at privacy@quantoxt.com.