Back to home

Privacy Policy

Effective Date: February 22, 2026

1. Information We Collect

Information you provide:

  • Account information: name, email address, company name
  • Payment information: processed and stored by Stripe (we never see full card numbers)
  • Content: requests, comments, files, and other data you upload to the Service
  • Communications: emails or messages you send to our support team

Information collected automatically:

  • Log data: IP address, browser type, operating system, referring URLs
  • Usage data: pages viewed, features used, time spent in the Service
  • Device data: device type, screen resolution, language preferences
  • Cookies: session tokens, authentication tokens, preference cookies

2. How We Use Your Information

  • Provide, maintain, and improve the Service
  • Process transactions and send related information
  • Send technical notices, updates, and security alerts
  • Respond to your comments and support requests
  • Monitor and analyze usage trends to improve user experience
  • Detect, prevent, and address technical issues and abuse

3. Data Sharing

We do not sell your personal information. We share data only with:

  • Service providers who assist us in operating the Service (Supabase, Stripe, Cloudflare, Resend)
  • Law enforcement when required by law or to protect our legal rights
  • Business transfers in the event of a merger, acquisition, or asset sale

4. Data Security

  • All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Authentication tokens are managed with industry-standard security via NextAuth.js
  • Database connections use connection pooling with SSL enforcement
  • We conduct regular security reviews and monitor for vulnerabilities

5. Data Retention

  • Account data is retained for the lifetime of your account
  • Upon account deletion, personal data is removed within 30 days
  • Aggregated, anonymized analytics data may be retained indefinitely
  • Backup data is purged within 90 days of deletion

6. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete data
  • Delete your personal data (“right to be forgotten”)
  • Export your data in a portable format
  • Object to processing of your data for marketing purposes
  • Restrict processing of your data under certain circumstances

To exercise any of these rights, contact us at: privacy@originspillar.com

7. Cookies

We use essential cookies for:

  • Authentication and session management (secure session tokens)
  • Security and fraud prevention
  • User preference storage

We do not use third-party advertising or tracking cookies.

8. International Data Transfers

Your data may be processed in data centers located in the United States, Europe, and Asia-Pacific regions. We ensure appropriate safeguards for international transfers.

9. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect data from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification.

11. Contact Us

For privacy-related inquiries:

Email: privacy@originspillar.com

Address: Origins Pillar LLC, Dubai, United Arab Emirates