2 Privacy Policy 2.1 Information We Collect Category Examples Source Account Data Name, business email, company name Presale checkout form Payment Data Card token, billing address (handled by Stripe) Stripe Checkout Usage Data Page views, click paths, device/browser info Google Analytics 4 Support Data Emails, chat transcripts You, when you contact us 2.2 How We Use Data Provide and maintain the Service and presale communication Process payments and manage subscriptions Analyze aggregate usage to improve UX and compliance features Send transactional emails (receipts, onboarding) and limited product‑update marketing 2.3 Legal Bases (GDPR) Where GDPR applies, our processing bases include contract (Article 6 (1)(b)), legitimate interests (Article 6 (1)(f)), and consent where required for analytics cookies. 2.4 Disclosure to Third Parties We share data only with processors that enable core operations: Stripe, Inc. – payment processing Netlify, Inc. – form handling & hosting Google LLC – analytics (IP anonymization enabled) These parties process data pursuant to written agreements that uphold confidentiality and security. 2.5 International Transfers Data may be stored in the United States. Where required, we rely on Standard Contractual Clauses for EU–US transfers. 2.6 Data Retention Account and billing records are retained for as long as you remain a customer, plus seven (7) years for tax compliance. Email addresses collected during presale but not converted to paying customers are purged twelve (12) months after GA. 2.7 Your Rights Subject to local law, you may request access, correction, deletion, or portability of your personal data by emailing privacy@cancelwidget.com. We will respond within 30 days. 2.8 Security We employ TLS encryption, periodic penetration testing, and least‑privilege access controls. No method is 100 % secure, but we strive to protect your data. 2.9 Changes Material changes will be announced via email and posted here at least 14 days in advance.