Privacy Policy

At ClipifyIt ("we," "us," or "our"), we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our clipboard management service at clipifyit.com (the "Service").

Please read this Privacy Policy carefully. By accessing or using our Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

1. Information We Collect

1.1 Personal Information

When you register for an account, we collect:

• Email Address: Used for account creation, authentication, and communication
• Name: Optional display name for your profile
• Password: Stored securely using industry-standard encryption (we never store passwords in plain text)
• Authentication Tokens: OAuth tokens if you sign in with Google or other third-party providers

1.2 Clipboard Content

The primary function of our Service is to store and manage your clipboard data:

• Text Content: Any text, URLs, code snippets, or other content you paste into the Service
• Metadata: Timestamps, labels, folders, projects, and organizational data you create
• Offline Articles: Content from web pages you save for offline reading (Pro feature)

1.3 Payment Information

For paid subscriptions (Pro/Pro+ plans), we use Stripe to process payments. We do not store your full credit card details on our servers. Stripe collects and processes:

• Credit card information
• Billing address
• Payment history

Please refer to Stripe's Privacy Policy for information on how they handle your payment data.

1.4 Usage Data

We automatically collect certain information about your device and how you interact with our Service:

• Device Information: Browser type, operating system, device type
• Log Data: IP address, access times, pages viewed, referring URLs
• Analytics Data: How you use our Service, features accessed, session duration (collected via Google Analytics)
• Cookies and Tracking: See Section 5 for details

1.5 Service Worker and Local Storage

For offline functionality and improved performance:

• Service Workers: Cache certain assets and enable offline access
• IndexedDB: Store offline articles and cached data locally on your device
• LocalStorage: Store preferences, UI settings, and temporary data

This data remains on your device and can be cleared by clearing your browser data.

2. How We Use Your Information

We use the information we collect for the following purposes:

2.1 To Provide and Maintain Our Service

• Create and manage your account
• Store and synchronize your clipboard data across devices
• Enable offline article reading and caching
• Organize content into projects and folders
• Process and manage your subscription

2.2 To Improve Our Service

• Analyze usage patterns to enhance user experience
• Identify and fix technical issues
• Develop new features and functionality
• Conduct research and analysis

2.3 To Communicate With You

• Send service-related notifications and updates
• Respond to your inquiries and support requests
• Send important account information
• Notify you of changes to our Service or policies

2.4 To Ensure Security

• Detect and prevent fraud, abuse, and security incidents
• Monitor and analyze security threats
• Enforce our Terms of Service

2.5 For Legal Compliance

• Comply with legal obligations and regulations
• Respond to legal requests and prevent harm
• Protect our rights, privacy, safety, or property

3. How We Share Your Information

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

3.1 Service Providers

We work with trusted third-party service providers who assist us in operating our Service:

• Supabase: Database and authentication services (see Supabase Privacy Policy)
• Stripe: Payment processing (see Stripe Privacy Policy)
• Google Analytics: Usage analytics and statistics
• Vercel: Hosting and content delivery

These providers are contractually obligated to protect your data and may only use it to provide services to us.

3.2 Legal Requirements

We may disclose your information if required to do so by law or in response to:

• Valid legal requests (subpoenas, court orders, legal processes)
• Compliance with applicable laws and regulations
• Protection of our rights, property, or safety
• Prevention of fraud, security issues, or illegal activity

3.3 Business Transfers

In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred as part of the business transaction. We will notify you of any such change and any choices you may have regarding your information.

3.4 With Your Consent

We may share your information for any other purpose with your explicit consent.

4. Data Storage and Security

4.1 Where We Store Your Data

Your data is stored securely using Supabase's cloud infrastructure, which is built on top of AWS (Amazon Web Services). Data may be processed and stored in servers located in various countries, including the United States and other jurisdictions where our service providers operate.

4.2 How We Protect Your Data

We implement industry-standard security measures to protect your information:

• Encryption: Data is encrypted in transit using TLS/SSL and at rest using AES-256 encryption
• Access Controls: Strict access controls limit who can access your data
• Authentication: Secure authentication mechanisms including OAuth and JWT tokens
• Row-Level Security: Database policies ensure users can only access their own data
• Regular Audits: Security assessments and monitoring for vulnerabilities
• Secure Development: Following secure coding practices and regular updates

4.3 Data Retention

We retain your information for as long as necessary to:

• Provide our Service and maintain your account
• Comply with legal obligations
• Resolve disputes and enforce our agreements

When you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal or regulatory purposes.

4.4 Data Security Limitations

While we strive to protect your information using commercially reasonable means, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.

5. Cookies and Tracking Technologies

5.1 What Are Cookies?

Cookies are small text files stored on your device that help us provide and improve our Service. We use both session cookies (deleted when you close your browser) and persistent cookies (remain until deleted or expired).

5.2 How We Use Cookies

• Essential Cookies: Required for authentication and basic Service functionality
• Authentication Tokens: Keep you logged in and maintain your session
• Preference Cookies: Remember your settings (dark mode, compression mode, etc.)
• Analytics Cookies: Google Analytics cookies help us understand how you use our Service

5.3 Third-Party Tracking

We use Google Analytics to collect usage statistics. Google Analytics uses cookies and may collect:

• Pages visited and features used
• Time spent on pages
• Navigation paths
• Device and browser information

You can opt-out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

5.4 Managing Cookies

You can control cookies through your browser settings. However, disabling certain cookies may limit your ability to use some features of our Service. Essential cookies required for authentication cannot be disabled while using the Service.

6. Your Privacy Rights

6.1 Access and Portability

You have the right to:

• Access your personal information
• Export your clipboard data in Excel, CSV, or JSON format
• Request a copy of your data in a machine-readable format

6.2 Correction and Update

You can update your account information at any time through your Dashboard:

• Edit your profile name
• Update email preferences
• Modify labels, folders, and project names

6.3 Deletion

You have the right to delete your account and data:

• Visit your Dashboard and click "Delete My Account"
• All your personal information and clipboard data will be permanently deleted
• This action cannot be undone
• Some information may be retained for legal or regulatory purposes

6.4 Opt-Out of Communications

You can opt-out of non-essential communications by:

• Clicking unsubscribe links in emails
• Contacting us directly

Note: We will still send essential service-related emails (security alerts, billing notifications, etc.).

6.5 GDPR Rights (European Users)

If you are located in the European Economic Area (EEA), you have additional rights under GDPR:

• Right to Access: Obtain confirmation of data processing and access to your data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restriction: Limit how we process your data
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time
• Right to Lodge a Complaint: File a complaint with your local data protection authority

6.6 CCPA Rights (California Users)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

• Right to Know: Request disclosure of data collection and sharing practices
• Right to Delete: Request deletion of personal information
• Right to Opt-Out: Opt-out of the sale of personal information (Note: We do not sell personal information)
• Right to Non-Discrimination: Not be discriminated against for exercising your rights

6.7 How to Exercise Your Rights

To exercise any of these rights, please:

• Use the self-service options in your Dashboard
• Email us at privacy@clipifyit.com
• Use our contact form

We will respond to your request within 30 days.

7. Children's Privacy

Our Service is not intended for children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws than your country. By using our Service, you consent to the transfer of your information to these countries.

We ensure appropriate safeguards are in place to protect your data during international transfers, including:

• Using service providers that comply with international data protection standards
• Implementing standard contractual clauses approved by the European Commission
• Ensuring adequate security measures are in place

9. Third-Party Links

Our Service may contain links to third-party websites, services, or resources. We are not responsible for the privacy practices or content of these third parties. When you click on external links, you leave our Service and are subject to the privacy policies of those third parties. We encourage you to review their privacy policies before providing any information.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. We will notify you of any material changes by:

• Posting the updated policy on this page
• Updating the "Last Updated" date at the top
• Sending an email notification for significant changes
• Displaying a prominent notice on our Service

Your continued use of our Service after we make changes constitutes your acceptance of the updated Privacy Policy. We encourage you to review this page periodically for the latest information on our privacy practices.

11. Data Breach Notification

In the event of a data breach that affects your personal information, we will notify you and relevant authorities as required by applicable law. Notifications will include:

• The nature of the breach
• The data that was affected
• Steps we are taking to address the breach
• Recommendations for protecting your information

12. Your Responsibilities

While we take measures to protect your data, you also play a role in keeping your information secure:

• Keep your password secure and do not share it with others
• Use a strong, unique password for your account
• Enable two-factor authentication when available
• Log out of your account when using shared devices
• Be cautious about what content you store in our Service
• Regularly review your account activity for suspicious behavior
• Keep your browser and operating system updated

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We will respond to your inquiry within 30 days.

14. Additional Information

14.1 Do Not Track

Some browsers have a "Do Not Track" feature that signals to websites you visit that you do not want to have your online activity tracked. Our Service does not currently respond to Do Not Track signals.

14.2 Your California Privacy Rights

California Civil Code Section 1798.83 permits California residents to request information regarding disclosure of personal information to third parties for direct marketing purposes. We do not share personal information with third parties for their direct marketing purposes.

14.3 Accessibility

We are committed to ensuring this Privacy Policy is accessible to all users. If you need this policy in an alternative format, please contact us.