Privacy Policy

We collect information you provide directly to us, including:

• Account information (name, email address, profile picture)
• Company information (company name, website, social media profiles)
• Email signature content and preferences
• Communications with us

When you use our Services, we automatically collect:

• Usage data (features accessed, actions taken, timing of activities)
• Device information (browser type, operating system, device type)
• IP address and approximate location (derived from IP address)
• Log data (access times, pages viewed, referring websites)

We may receive information about you from:

• Google authentication services (when you sign in with Google)
• Third-party analytics providers
• Other users (when they invite you to their team)

We use your information to:

• Create and manage your account
• Generate and manage your email signatures
• Process your requests and respond to your inquiries
• Improve and optimize our Services
• Develop new features and functionality
• Monitor and analyze trends and usage

We may use your information to:

• Send you technical notices, updates, security alerts, and support messages
• Communicate about your account, services, and features
• Respond to your comments, questions, and customer service requests
• Send you marketing communications (with your consent where required by law)

We use your information to:

• Protect against, investigate, and prevent fraudulent, unauthorized, or illegal activity
• Enforce our Terms of Service and other usage policies
• Debug to identify and repair errors in our Services
• Ensure the security and integrity of our Services

We share information with third-party service providers who help us:

• Host our Services (Supabase for database and authentication)
• Process authentication (Google Sign-In)
• Analyze our Services usage (analytics providers)
• Provide customer support
• Process payments and prevent fraud

These service providers are only authorized to use your information as necessary to provide services to us and are required to maintain the confidentiality of your information.

We may disclose your information if required to do so by law or in response to valid requests from public authorities (e.g., a court or government agency). We may also disclose your information when we believe disclosure is necessary to:

• Comply with legal obligations
• Protect our rights, privacy, safety, or property
• Protect our users or the public from harm or illegal activities
• Respond to an emergency

If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you of any change in ownership or uses of your information via email and/or a prominent notice on our website.

We may share your information with third parties when you explicitly authorize us to do so.

We use Supabase, a cloud platform provider, to store and process your data. Supabase's infrastructure is built on top of AWS and provides:

• Database hosting in secure data centers
• Automated backups and data redundancy
• Industry-standard encryption for data in transit and at rest
• Compliance with major security standards and certifications

We implement appropriate technical and organizational measures to protect your information, including:

• Encryption of data in transit using SSL/TLS
• Secure authentication and authorization systems
• Regular security assessments and monitoring
• Access controls and logging mechanisms
• Employee training on security and privacy practices

In the event of a data breach that affects your personal information, we will:

• Notify affected users promptly
• Investigate and remediate the breach
• Provide information about steps you can take to protect yourself
• Notify relevant authorities as required by law

We use the following key third-party service providers:

• Supabase: For database hosting, authentication, and file storage
• Google: For authentication and API services
• Analytics providers: To understand service usage and improve our platform

Each of these providers has their own privacy policy governing how they handle your data. We encourage you to review their policies.

Our Services may contain links to other websites or services that are not operated by us. We are not responsible for the privacy practices of these third-party websites. We encourage you to review the privacy policies of any third-party sites you visit.

Cookies are small text files that are placed on your device when you visit our website. We use cookies and similar tracking technologies to:

• Maintain your session and authentication status
• Remember your preferences and settings
• Understand how you use our Services
• Improve our Services based on usage data

• Essential Cookies: Required for the operation of our Services (e.g., authentication)
• Preference Cookies: Remember your settings and preferences
• Analytics Cookies: Help us understand how visitors interact with our Services

Most web browsers allow you to control cookies through their settings preferences. However, limiting cookies may impact the functionality of our Services.

Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

• We access only the Google user data our app needs to provide our services
• We do not sell Google user data
• We do not use Google user data for advertising
• We do not allow humans to read Google user data unless:
  • We have your explicit consent
  • It's necessary for security purposes
  • It's required for compliance with applicable laws

We retain your information for as long as necessary to:

• Provide our Services to you
• Comply with our legal obligations
• Resolve disputes
• Enforce our agreements

When you delete your account, we will delete or anonymize your information unless:

• We are required to retain it by law
• There are legitimate business purposes for retention
• The data is needed to prevent fraud or future abuse

Depending on your location, you may have certain rights regarding your personal information:

• Access your personal information
• Correct inaccurate or incomplete data
• Request deletion of your personal information
• Object to or restrict processing of your data
• Export your data in a portable format
• Withdraw consent where processing is based on consent

To exercise these rights, please contact us at privacy@tryfirma.com.

We process data globally and may transfer your information to countries other than where you live. When we do so, we ensure appropriate safeguards are in place:

• Using EU-approved Standard Contractual Clauses
• Transferring to countries with adequate data protection laws
• Implementing appropriate security measures

Our Services are not directed to children under 16. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information, please contact us. If we become aware that we have collected personal information from children without verification of parental consent, we will take steps to remove that information.

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the new Privacy Policy on our website
• Sending you an email notification
• Displaying a prominent notice in our Services

Your continued use of our Services after any changes indicates your acceptance of the updated Privacy Policy.

If you have any questions about this Privacy Policy or our data practices, please contact us:

• Email: privacy@tryfirma.com
• Website: tryfirma.com