Privacy Policy

1. Introduction

sprintrr ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our project management platform and services (collectively, the "Service").

By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with the terms of this policy, please do not access the Service.

2. Information We Collect

2.1 Personal Information

We may collect the following personal information:

• Name and email address (when you create an account)
• Payment information (processed securely through Polar.sh)
• Profile information you choose to provide
• Communication preferences

2.2 Project Data

When you use our Service, we store:

• Projects, tasks, and milestones you create
• Time tracking data
• Templates and exports you generate
• AI-generated content based on your prompts

2.3 Usage Information

We automatically collect certain information about your device and usage:

• Browser type and version
• Operating system
• IP address (anonymized)
• Pages visited and features used
• Time spent on pages
• Referring website addresses

2.4 Cookies and Tracking

We use essential cookies to maintain your session and preferences. These are strictly necessary for the Service to function properly. We do not use advertising or third-party tracking cookies.

3. How We Use Your Information

We use the collected information for:

• Providing and maintaining our Service
• Processing your transactions and managing subscriptions
• Sending important updates about your account or the Service
• Responding to your comments, questions, and support requests
• Improving our Service and developing new features
• Detecting and preventing technical issues or abuse
• Complying with legal obligations

4. Data Storage and Security

4.1 Where We Store Data

Your data is stored securely using Supabase infrastructure, which employs industry-standard security measures. Data is encrypted both in transit (using TLS) and at rest.

4.2 Data Retention

We retain your personal information and project data for as long as your account is active. You can request deletion of your account and associated data at any time. Some information may be retained for legal or legitimate business purposes.

4.3 Security Measures

• Row Level Security (RLS) ensures data isolation between users
• Secure authentication through Supabase Auth
• Regular security updates and monitoring
• Encrypted connections for all data transfers
• Secure payment processing through Polar.sh (PCI compliant)

5. Third-Party Services

We use the following third-party services:

5.1 Service Providers

• Supabase: Database and authentication services
• Polar.sh: Payment processing and subscription management
• Anthropic Claude API: AI project generation (prompts are processed, not stored by Anthropic)
• Vercel: Hosting and deployment services

These providers have access to your information only to perform specific tasks on our behalf and are obligated to protect your information in accordance with their own privacy policies.

6. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share your information only in the following situations:

• With your explicit consent
• To comply with legal obligations or court orders
• To protect our rights, privacy, safety, or property
• In connection with a merger, acquisition, or sale of assets (with notice)

7. Your Rights and Choices

7.1 Access and Control

You have the right to:

• Access your personal information
• Correct inaccurate or incomplete information
• Request deletion of your account and data
• Export your project data
• Opt-out of non-essential communications

7.2 Data Portability

You can export your projects, tasks, and milestones at any time through the export feature in your dashboard. We support JSON, CSV, and template formats.

7.3 Account Deletion

To delete your account and all associated data, please contact us at support@sprintrr.ai. We will process your request within 30 days.

8. GDPR Compliance (For EU Users)

If you are a resident of the European Union, you have additional rights under the General Data Protection Regulation (GDPR):

• Right to be informed: This privacy policy serves this purpose
• Right of access: Request a copy of your personal data
• Right to rectification: Request correction of inaccurate data
• Right to erasure: Request deletion of your data
• Right to restrict processing: Request limitation of data processing
• Right to data portability: Receive your data in a portable format
• Right to object: Object to certain types of processing
• Rights related to automated decision making: We do not use automated decision-making

Our legal basis for processing personal data is your consent and our legitimate interests in providing the Service.

9. California Privacy Rights (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

• The right to know what personal information is collected
• The right to know if your personal information is sold or disclosed
• The right to opt-out of the sale of personal information (we do not sell your data)
• The right to request deletion of your personal information
• The right to non-discrimination for exercising your privacy rights

10. Children's Privacy

Our Service is not intended for individuals under the age of 13. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us immediately.

11. International Data Transfers

Your information may be transferred to and maintained on servers located outside of your state, province, country, or other governmental jurisdiction. By using our Service, you consent to such transfers.

12. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For significant changes, we will provide additional notice via email.

13. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

14. Data Protection Officer

For GDPR-related inquiries, please contact us at support@sprintrr.ai