BreakSyncer ("we," "us," or "our") operates the website breaksyncer.com and the BreakSyncer platform (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. Please read this policy carefully. By using the Service, you consent to the data practices described in this policy.
1.1 Information You Provide Directly
- Account Information: When you create an account, we collect your name, email address, password (stored in hashed form), and optionally your business or organization name.
- Payment Information: When you subscribe to a paid plan, payment details (such as credit card number, billing address, and related information) are collected and processed directly by our third-party payment processor, Stripe. We do not store your full credit card number on our servers.
- Customer Data: Information you enter about your own customers, including names, email addresses, phone numbers, shipping addresses, and purchase histories, as part of managing your card breaks.
- Communications: If you contact us for support or other inquiries, we retain the content of those communications along with your email address.
1.2 Information Collected Automatically
- Usage Data: We collect information about how you interact with the Service, including pages visited, features used, break creation and management activity, and timestamps.
- Device and Browser Information: We may collect your IP address, browser type, operating system, device type, and screen resolution.
- Cookies: We use cookies and similar technologies to maintain your session, remember your preferences, and secure the Service. Please refer to our Cookie Policy for details.
1.3 Information from Third Parties
We may receive limited information from third-party services you integrate with your BreakSyncer account, such as Stripe (payment status and subscription details) or any future integrations you choose to enable.
We use the information we collect for the following purposes:
- To create, maintain, and secure your account
- To provide and operate the Service, including managing breaks, customers, and analytics
- To process subscription payments and manage billing
- To send transactional emails (account verification, password resets, billing receipts, break notifications)
- To provide customer support and respond to your inquiries
- To monitor usage and analyze trends to improve the Service
- To detect, prevent, and address fraud, abuse, or security issues
- To enforce our Terms of Service and other agreements
- To comply with applicable legal obligations
We use the following third-party services to operate the Service. Each has its own privacy policy governing the use of your information:
- Stripe— Payment processing. Stripe collects and processes your payment information in accordance with its privacy policy at stripe.com/privacy. We receive limited payment data from Stripe, such as the last four digits of your card, card brand, and subscription status.
- Resend— Transactional email delivery. Resend processes your email address to deliver emails on our behalf, such as password resets, billing confirmations, and break notifications.
- Cloudflare— Content delivery network (CDN) and security. Cloudflare may process your IP address and request headers to provide DNS resolution, DDoS protection, and performance optimization for the Service.
We do not sell, rent, or trade your personal information to third parties for marketing purposes.
We retain your personal information for as long as your account is active or as needed to provide you with the Service. Specifically:
- Account data: Retained for the lifetime of your account and for up to 30 days after account deletion to allow for recovery.
- Billing records: Retained for up to 7 years to comply with tax and accounting obligations.
- Usage logs: Retained for up to 90 days for security and debugging purposes.
- Customer data you enter: Deleted when you delete the data within the Service or upon account deletion, subject to any applicable retention periods.
After the applicable retention period, we will securely delete or anonymize your information.
Depending on your location, you may have the following rights regarding your personal information:
- Access: You may request a copy of the personal information we hold about you.
- Correction: You may request that we correct inaccurate or incomplete personal information.
- Deletion: You may request that we delete your personal information, subject to certain legal exceptions.
- Data Portability: You may request a machine-readable copy of your data.
- Objection: You may object to our processing of your personal information in certain circumstances.
- Withdraw Consent: Where processing is based on consent, you may withdraw your consent at any time.
To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.
We implement industry-standard technical and organizational measures to protect your personal information, including encryption of data in transit (TLS/SSL), hashed password storage, and secure session management. However, no method of electronic storage or transmission over the Internet is 100% secure, and we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.
The Service is not directed to individuals under the age of 13, and we do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete that information promptly. If you believe that a child under 13 has provided us with personal information, please contact us at [email protected].
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
- Right to Know: You may request that we disclose the categories and specific pieces of personal information we have collected about you, the sources of that information, our purposes for collecting it, and the categories of third parties with whom we share it.
- Right to Delete: You may request deletion of your personal information, subject to certain exceptions.
- Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.
- No Sale of Personal Information: We do not sell your personal information as defined under the CCPA.
To submit a CCPA request, contact us at [email protected].
If you are located in the European Economic Area (EEA) or the United Kingdom, you have rights under the General Data Protection Regulation (GDPR), including the rights listed in Section 5 above.
Legal Basis for Processing: We process your personal information on the following legal bases:
- Contract: Processing necessary to perform our contract with you (providing the Service).
- Legitimate Interests: Processing necessary for our legitimate interests, such as improving the Service, preventing fraud, and ensuring security.
- Consent: Where you have given us specific consent for a particular processing activity.
- Legal Obligation: Processing necessary to comply with applicable laws.
For GDPR inquiries or to exercise your rights, contact us at [email protected].
Your information may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have data protection laws that differ from your jurisdiction. By using the Service, you consent to such transfers. We take appropriate safeguards to ensure your information remains protected in accordance with this Privacy Policy.
We may update this Privacy Policy from time to time. When we make changes, we will update the "Last Updated" date at the top of this page. If we make material changes, we may also notify you by email or through a notice within the Service. Your continued use of the Service after any changes constitutes your acceptance of the updated Privacy Policy.
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at: